NodeJS socket.io flood

Question

I want to know, if it's useful to prevent users from flooding the server by emitting sockets.

If it is, how to block theses attacks. I ask this question because there are not a lot of recent posts about it.

Answer 1

It is useful to prevent users from flooding the server by emitting sockets.

That depends entirely upon your application and what the consequences are of a rogue client sending a lot of emits(). If your server goes down when that happens or service is severely compromised, then yes it would be useful.

how to block theses attacks

I'd say that this generally fits under the rate limiting umbrella, the same as with http requests. If you want to protect against an overactive client, then you would typically set up some rate limiting on your server (that's what Google does for its APIs) and when a client exceeds the rate limit, you can drop their socket.io connection and refuse new connections from that user for some period of time. After repeated offenses, you might ban their account.

You can also limit the number of simultaneous connections from the same client to some smallish number (depends upon your app what that number should be) to keep them from pounding you multiple times all from the same client.

Moving up the scale of sophistication, you can make your rate limiting be account-based so if an account has more than one open connection, you count the rate limit for all that accounts connections together, not each connection separately.