Hi Vercel Team and Community,
I’m experiencing an urgent situation with my project and need help:
Project: multivest-engine
Issue: Bot attack caused 146.7GB data transfer spike today (normal is <1GB/day)
Current Status: 146.92 GB / 100 GB (exceeded free tier limit)
What I’ve implemented (per Vercel support recommendations):
Attack Challenge Mode: Enabled (6 hours)
Bot Protection: Enabled
WAF Rules:
- Rate Limit: 50 requests/minute per IP
- Block Source Maps: Blocks .map file requests
- Block Suspicious Bots: Blocks bot user agents
robots.txt: Deployed to block unauthorized bots
Source Maps: Disabled in production builds (GENERATE_SOURCEMAP=false)
The attack started today and I’ve implemented all protections. I’m monitoring Firewall logs and expect usage to drop significantly as the protections take effect.
My Request:
- Can a grace period be offered while protections mitigate the attack?
- Is there anything else I should do to prevent project pausing?
- Should I expect immediate reduction in data transfer?
I’m on the Hobby plan and this is clearly an attack, not legitimate traffic. Any help would be greatly appreciated.
Thank you!