hostinger - Supabase authv1token Being Flooded with Requests - Stack Overflow

admin管理员组

文章数量:1292658

I’m experiencing an unusual issue with my Supabase project where my logs show an excessive number of requests to the /auth/v1/token?grant_type=refresh_token endpoint, even when my website is not active. These requests are continuously hitting my server, leading to Supabase returning a 429 Too Many Requests error. The user agent in the logs is "node", indicating that these requests might be coming from a script, bot, or automated process rather than a real user. The requests are originating from the IP address 147.79.67.119, which is associated with Hostinger International in Paris, France. I am unsure whether this is due to a leaked API key or token, an automated bot attack, a bug in my own code, or a third-party service making repeated authentication requests. Has anyone encountered a similar issue with Supabase authentication? Could this be an attack, and if so, what steps should I take to mitigate it? What are the best ways to debug and stop these requests? Are there any Supabase settings I can use to limit or block these suspicious auth requests? Any advice or insights would be greatly appreciated.

I have checked my frontend and backend but haven’t found anything that would cause such behavior. I've looked into the settings of supabase and havent found anything unusual.

本文标签： hostingerSupabase authv1token Being Flooded with RequestsStack Overflow