frisbee-rate-limit | Stripe Developers | Page 1

tribal elk Mar 21, 2022, 5:03 PM

#

It is possible yes

gentle jay Mar 21, 2022, 5:03 PM

#

If that was the case, there's nothing really we can do from our app's perspective right?

tribal elk Mar 21, 2022, 5:11 PM

#

correct

gentle jay Mar 21, 2022, 5:16 PM

#

So if this is happening to us right now.... Stripe support says they'll get back to us if they have more info. Do you have any other recommendations?

tribal elk Mar 21, 2022, 5:21 PM

#

You could listen to the Checkout events and cancel the session after a few failures for example

gentle jay Mar 21, 2022, 5:38 PM

#

Our attacker is constantly posting to "/v1/payment_methods" and getting 400 Err.
In your example of "few failures", Would we be able to look up in stripe the count of how many of these failures if we happen to listen to Checkout events?
Also which event would we listen to?
"payment_intent.payment_failed"?

tribal elk Mar 21, 2022, 5:41 PM

#

it's tricky, if they hit /v1/payment_methods then there's no even/nothing you can do and working with our support team is the best option

gentle jay Mar 21, 2022, 5:47 PM

#

Ahh, thanks for letting me know.

#frisbee-rate-limit