Preventing DDoS attacks on SMS URL
Dear Community,
I am facing DDoS attacks on one of our application. The attacker is sending hundred of requests to a URL, which is consuming all of our SMS quota. The attack is originating from multiple IPs. Please inform how I can protect this application API from this kind of DDoS attack from appliation code level. I need help from application security experts and web developers.
https://abc.com is frontend & xyz.com is backend api
Sample of DDoS reqeust:
POST /asdf/service/sendmobilecode HTTP/1.1
Host: xyz.com
Authorization: ***********
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.93 Safari/537.36
Content-Type: application/json
Origin: https://abc.com
Referer: https://abc.com/
{"number":"91234567890"}
Kind Regards