Hi, Playfab. 1. Is it safe to put mysql url, username, password information in the Cloud function? I need to connect to another service and send data to that database. 2. If I set playfab api Url under Cloudflare WAF Ratelimiting to protect from abuse. Is that possible? Thank you
Is it safe to put mysql url, username, password information in the Cloud function? I need to connect to another service and send data to that database.
The content you write in the PlayFab Cloud Script will not be exposed to the players, and they can only get what you want them to know.
If I set playfab api Url under Cloudflare WAF Ratelimiting to protect from abuse. Is that possible?
In fact, our API has a request limit which can protect the API from being abused, you could check the details of API limit in [Game Manager]->[Your Title]->[Title setting]->[Limits], the API limit can prevent API from being called multiple times over a period of time. And you can also use API access policy to disable certain APIs (which you don't need). About Cloudflare WAF Rate limiting, since PlayFab's services are based on the Rest API, and as Rate limiting best practices · Cloudflare Web Application Firewall (WAF) docs mentions that “Cloudflare WAF Rate limiting can protect REST APIs from resource exhaustion (targeted DDoS attacks) and resources from abuse”, it should work. But since our login APIs have a request rate limit based on IP, if Cloudflare WAF Rate limiting will cause players to send login requests from the same IP, then it will trigger the login API throttling. Since we are not experts in Cloudflare WAF Rate limiting, you may ask Cloudflare Team for further assistance.
57 People are following this question.
