Bird
0
0

Why might per-IP rate limits be less effective against attackers using VPNs or proxies?

hard📝 Conceptual Q10 of 15
Rest API - Rate Limiting and Throttling
Why might per-IP rate limits be less effective against attackers using VPNs or proxies?
ABecause attackers can change IP addresses easily, bypassing limits
BBecause per-IP limits track user accounts, not IPs
CBecause VPNs encrypt data, making limits irrelevant
DBecause proxies block all requests automatically
Step-by-Step Solution
Solution:

  1. Step 1: Understand per-IP limits

    They restrict requests based on client IP addresses.

  2. Step 2: Consider VPN/proxy behavior

    Attackers can switch IPs via VPNs or proxies, evading per-IP limits.

  3. Final Answer:

    Because attackers can change IP addresses easily, bypassing limits -> Option A

  4. Quick Check:

    IP switching bypasses per-IP limits [OK]
Quick Trick: VPNs let attackers change IPs to bypass limits [OK]
Common Mistakes:
  • Thinking per-IP limits track users
  • Assuming encryption disables limits
  • Believing proxies block all requests

Want More Practice?

15+ quiz questions · All difficulty levels · Free

Free Signup - Practice All Questions
More Rest API Quizzes
Authentication and Authorization - Bearer token authentication - Quiz 1easy Error Handling - Problem Details (RFC 7807) format - Quiz 2easy HATEOAS and Linking - Action links for state transitions - Quiz 12easy Pagination Patterns - Link headers for navigation - Quiz 3easy Pagination Patterns - Keyset pagination for performance - Quiz 7medium Rate Limiting and Throttling - Fixed window algorithm - Quiz 5medium Rate Limiting and Throttling - Why rate limiting protects services - Quiz 8hard Rate Limiting and Throttling - Rate limit headers (X-RateLimit) - Quiz 4medium Rate Limiting and Throttling - Rate limit headers (X-RateLimit) - Quiz 11easy Versioning Strategies - Header-based versioning - Quiz 5medium