I have a web server with its own iptables firewall. I’ve recently added a DigitalOcean Cloud Firewall as an additional layer of protection, particularly for SSH which is now only accessible via a bastion.
<redacted non-standard SSH port> bastion-only 80, all IPs, TCP 443, all IPs, TCP
<redacted, hopefully not relevant>
I host an app which is embedded in a major eCommerce platform. That embedding process means that customers, when logging into their stores on that platform, may submit to me an expired access token. I reallocate the token, respond and they resubmit. Because it’s iframed and brokered by the eCommerce platform, this can legitimately happen several times in a row (4 legit requests) that eventually culminate in a successful login.
I think there’s a setting in the Cloud Firewall that’s reacting to the repeated submission of the same request (identical URL and HTTP method) from the same sender. I think it’s delaying the packets by something like 60 seconds.
To verify this, I conducted this test:
I repeated this 5 fives in order to come to my conclusion. It supports but does not prove my assertion.
I’ve looked at this question, but it seems to be unrelated: https://www.digitalocean.com/community/questions/cloud-firewall-too-slow
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.