Rate Limiting and Velocity Checking.

I was shocked how little comprehensive information was out there on rate limiting and velocity checking for software developers, because they are your first and most important line of defense against a broad spectrum of possible attacks. It’s amazing how many attacks you can mitigate or even defeat by instituting basic rate limiting.

Take a long, hard look your own website – how would it deal with a roving band of bored, morally ambiguous schoolkids?