{"id":640,"date":"2025-05-18T19:36:16","date_gmt":"2025-05-18T19:36:16","guid":{"rendered":"https:\/\/buhave.com\/courses\/?p=640"},"modified":"2025-05-20T12:57:52","modified_gmt":"2025-05-20T12:57:52","slug":"security-and-rate-limiting","status":"publish","type":"post","link":"https:\/\/buhave.com\/courses\/system-design\/security-and-rate-limiting\/","title":{"rendered":"Security and Rate Limiting"},"content":{"rendered":"<h2>Authentication and Authorization<\/h2>\n<h3><strong>Authentication<\/strong><\/h3>\n<p>The process of verifying the identity of a user or system.<\/p>\n<ul>\n<li>Username and password authentication<\/li>\n<li>Multi-factor authentication (MFA)<\/li>\n<li>Biometric authentication (fingerprint, facial recognition)<\/li>\n<li>OAuth and SSO (Single Sign-On) systems<\/li>\n<\/ul>\n<h3>Authorization<\/h3>\n<p>The process of granting or denying access to resources based on verified identities.<\/p>\n<ul>\n<li>Role-based access control (RBAC)<\/li>\n<li>Attribute-based access control (ABAC)<\/li>\n<li>Access control lists (ACLs)<\/li>\n<li>OAuth scopes and permissions<\/li>\n<\/ul>\n<h3>Types of Authentication<\/h3>\n<p><strong>Password-based authentication<\/strong>:<\/p>\n<p>The user provides a password for login verification.<\/p>\n<ul>\n<li>Common, but less secure if not paired with strong policies like MFA<\/li>\n<li>Consider using hashing and salting for password storage<\/li>\n<\/ul>\n<p><strong>Multi-Factor Authentication (MFA)<\/strong>:<\/p>\n<p>Adds an additional layer of security by requiring more than just a password.<\/p>\n<ul>\n<li>Common factors include something the user knows (password), something the user has (OTP from a mobile device), or something the user is (biometric data)<\/li>\n<li>Greatly increases security by reducing the chance of unauthorized access<\/li>\n<\/ul>\n<p><strong>Single Sign-On (SSO)<\/strong>:<\/p>\n<p>A user logs in once and gains access to multiple services without needing to authenticate 
again.<\/p>\n<ul>\n<li>Improves user experience by reducing the number of logins<\/li>\n<li>Commonly used for enterprise systems and web applications<\/li>\n<\/ul>\n<h3>Types of Authorization<\/h3>\n<p><strong>Role-Based Access Control (RBAC)<\/strong>:<\/p>\n<p>Permissions are assigned based on the user&#8217;s role in the system.<\/p>\n<ul>\n<li>Roles define the level of access (e.g., Admin, User, Guest)<\/li>\n<li>Easy to manage when there are a small number of roles<\/li>\n<\/ul>\n<p><strong>Attribute-Based Access Control (ABAC)<\/strong>:<\/p>\n<p>Uses attributes (such as user characteristics, resource types, or environment conditions) to make access control decisions.<\/p>\n<ul>\n<li>More granular and flexible than RBAC, as it supports complex conditions<\/li>\n<li>Commonly used in dynamic environments<\/li>\n<\/ul>\n<p><strong>Access Control Lists (ACLs)<\/strong>:<\/p>\n<p>Defines permissions for each individual user or group on a specific resource.<\/p>\n<ul>\n<li>Can be complex to manage in large systems<\/li>\n<li>Useful for fine-grained access control of specific files, data, or services<\/li>\n<\/ul>\n<p><strong>Best Practices for Authentication and Authorization<\/strong><\/p>\n<ul>\n<li>Use HTTPS to encrypt data during authentication<\/li>\n<li>Store passwords securely using hashing and salting algorithms<\/li>\n<li>Implement token-based authentication (JWT) for API security<\/li>\n<li>Regularly review and audit user access privileges<\/li>\n<li>Limit the number of failed login attempts to protect against brute force attacks<\/li>\n<\/ul>\n<h2>Encryption, hashing, SSL\/TLS<\/h2>\n<h3>Encryption:<\/h3>\n<p>The process of converting data into a secure format to prevent unauthorized access.<\/p>\n<ul>\n<li>Symmetric encryption: Both the encryption and decryption use the same key (e.g., AES)<\/li>\n<li>Asymmetric encryption: Uses a public key for encryption and a private key for decryption (e.g., RSA, ECC)<\/li>\n<li>Commonly used in securing data in 
transit, such as HTTPS or encrypting sensitive data in databases<\/li>\n<li>Essential for maintaining confidentiality of data, especially in communication over untrusted networks like the internet<\/li>\n<\/ul>\n<h3>Hashing:<\/h3>\n<p>A one-way process of transforming data into a fixed-size value (hash) that represents the original data.<\/p>\n<ul>\n<li>Common hashing algorithms: SHA-256, MD5, and bcrypt (MD5 is no longer collision-resistant and should not be relied on where security matters)<\/li>\n<li>Used for storing passwords securely (e.g., hashed and salted passwords); password storage calls for a deliberately slow algorithm such as bcrypt rather than a fast general-purpose hash<\/li>\n<li>Unlike encryption, hashes cannot be reversed to retrieve the original data<\/li>\n<li>Used for verifying the integrity of data (e.g., file integrity checks, digital signatures)<\/li>\n<\/ul>\n<h3>SSL\/TLS<\/h3>\n<p><strong>SSL (Secure Sockets Layer)<\/strong>:<\/p>\n<p>The predecessor to TLS (Transport Layer Security), used to encrypt data between a client and a server.<\/p>\n<ul>\n<li>SSL has been deprecated due to known vulnerabilities and is no longer considered secure<\/li>\n<li>SSL and TLS serve the same purpose but TLS is more secure and efficient<\/li>\n<\/ul>\n<p><strong>TLS (Transport Layer Security)<\/strong>:<\/p>\n<p>A protocol that ensures secure communication between a client and server by encrypting data.<\/p>\n<ul>\n<li>TLS 1.2 and 1.3 are the most widely used versions today<\/li>\n<li>TLS provides confidentiality, integrity, and authentication by using certificates and public-private key pairs<\/li>\n<li>TLS protects data during transmission (e.g., HTTPS, email communication, VPN)<\/li>\n<\/ul>\n<p><strong>SSL\/TLS Handshake<\/strong>:<\/p>\n<p>The process by which the client and server establish a secure connection.<\/p>\n<ul>\n<li>Includes exchanging certificates, verifying authenticity, and generating session keys<\/li>\n<li>Ensures both parties are who they claim to be and sets up encryption for data transmission<\/li>\n<\/ul>\n<p><strong>SSL\/TLS Certificates<\/strong>:<\/p>\n<p>Digital certificates used to authenticate the identity of the server and 
enable secure encrypted communication.<\/p>\n<ul>\n<li>Issued by Certificate Authorities (CAs) after verifying the legitimacy of the requesting party<\/li>\n<li>Ensure that users can trust the website or service they are communicating with<\/li>\n<li>Contain the server\u2019s public key, the server\u2019s identity, and expiration date<\/li>\n<\/ul>\n<h3>Best Practices for Encryption, Hashing, and SSL\/TLS<\/h3>\n<ul>\n<li>Always use the latest version of TLS (preferably TLS 1.2 or 1.3)<\/li>\n<li>Enable forward secrecy in your TLS configurations to protect past communications if the private key is compromised<\/li>\n<li>Use strong and unique encryption keys, and rotate them regularly<\/li>\n<li>Never store passwords as plain text\u2014use salted and hashed passwords<\/li>\n<li>Always validate SSL\/TLS certificates to ensure the authenticity of the server<\/li>\n<\/ul>\n<h2>DDoS protection and throttling<\/h2>\n<h3>What is DDoS?<\/h3>\n<ul>\n<li>Distributed Denial of Service (DDoS) attacks overwhelm a server or network by flooding it with massive traffic from multiple sources.<\/li>\n<li>The goal is to exhaust resources and make the system unavailable to legitimate users.<\/li>\n<\/ul>\n<p><strong>Types of DDoS Attacks<\/strong><\/p>\n<ul>\n<li>Volumetric Attacks: Overload the bandwidth using massive data floods (e.g., UDP floods, amplification attacks).<\/li>\n<li>Protocol Attacks: Exploit weaknesses in network protocols (e.g., SYN floods, Ping of Death).<\/li>\n<li>Application Layer Attacks: Target specific applications with slow or complex requests (e.g., HTTP floods).<\/li>\n<\/ul>\n<p><strong>DDoS Protection Techniques<\/strong><\/p>\n<ul>\n<li>Rate Limiting: Controls the number of requests a user or IP can make in a given time period.<\/li>\n<li>IP Blacklisting: Blocks traffic from known malicious IP addresses.<\/li>\n<li>Geo-blocking: Restricts access based on geographic regions.<\/li>\n<li>Web Application Firewalls (WAF): Inspects and filters incoming HTTP 
requests to block malicious patterns.<\/li>\n<li>Traffic Scrubbing Services: Redirects traffic through a filtering service that removes malicious traffic before it reaches the server (e.g., Cloudflare, Akamai, AWS Shield).<\/li>\n<li>Content Delivery Networks (CDNs): Distribute content across multiple servers to absorb and mitigate traffic spikes.<\/li>\n<li>Anycast DNS Routing: Distributes traffic to multiple data centers based on proximity and server load.<\/li>\n<\/ul>\n<h3>What is Throttling?<\/h3>\n<ul>\n<li>Throttling is the process of controlling the rate at which users can access resources or perform actions.<\/li>\n<li>Prevents abuse and ensures fair usage by setting limits on API calls or resource access.<\/li>\n<\/ul>\n<p><strong>Throttling Strategies<\/strong><\/p>\n<ul>\n<li>Fixed Window: Allows a certain number of requests per fixed time interval (e.g., 100 requests per minute).<\/li>\n<li>Sliding Window: Counts requests over a rolling time window instead of fixed intervals, giving more accurate control and avoiding bursts at window boundaries.<\/li>\n<li>Token Bucket: Tokens accumulate in a bucket at a fixed rate up to a maximum capacity, and each request must spend a token; requests are rejected or delayed when the bucket is empty, so short bursts are allowed up to the bucket size.<\/li>\n<li>Leaky Bucket: Queues requests and processes them at a constant rate, preventing bursts of traffic.<\/li>\n<\/ul>\n<p><strong>Benefits of DDoS Protection and Throttling<\/strong><\/p>\n<ul>\n<li>Maintains service availability during traffic spikes or attacks.<\/li>\n<li>Improves performance by preventing resource exhaustion.<\/li>\n<li>Enhances security by blocking malicious or excessive requests.<\/li>\n<li>Ensures fair usage across users and prevents abuse of services.<\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>Authentication and Authorization Authentication The process of verifying the identity of a user or system. 
Username and password authentication Multi-factor authentication (MFA) Biometric authentication (fingerprint, facial recognition) OAuth and SSO (Single Sign-On) systems Authorization The process of granting or denying access to resources based on<\/p>\n","protected":false},"author":1,"featured_media":641,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[15],"tags":[],"class_list":["post-640","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-system-design"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.3 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Security and Rate Limiting - System Design Course<\/title>\n<meta name=\"description\" content=\"Security and rate limiting protect systems by controlling access and limiting request traffic to prevent abuse.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/buhave.com\/courses\/system-design\/security-and-rate-limiting\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Security and Rate Limiting - System Design Course\" \/>\n<meta property=\"og:description\" content=\"Security and rate limiting protect systems by controlling access and limiting request traffic to prevent abuse.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/buhave.com\/courses\/system-design\/security-and-rate-limiting\/\" \/>\n<meta property=\"og:site_name\" content=\"BUHAVE\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/BeYouHave\/\" \/>\n<meta property=\"article:author\" content=\"https:\/\/www.facebook.com\/naveedsafdarawan\/\" \/>\n<meta property=\"article:published_time\" content=\"2025-05-18T19:36:16+00:00\" \/>\n<meta 
property=\"article:modified_time\" content=\"2025-05-20T12:57:52+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/buhave.com\/courses\/wp-content\/uploads\/2025\/05\/Security-and-Rate-Limiting.webp\" \/>\n\t<meta property=\"og:image:width\" content=\"1200\" \/>\n\t<meta property=\"og:image:height\" content=\"628\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/webp\" \/>\n<meta name=\"author\" content=\"Naveed Safdar\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Naveed Safdar\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/buhave.com\\\/courses\\\/system-design\\\/security-and-rate-limiting\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/buhave.com\\\/courses\\\/system-design\\\/security-and-rate-limiting\\\/\"},\"author\":{\"name\":\"Naveed Safdar\",\"@id\":\"https:\\\/\\\/buhave.com\\\/courses\\\/#\\\/schema\\\/person\\\/04fe0254e118521c9fbb3da39de5acca\"},\"headline\":\"Security and Rate Limiting\",\"datePublished\":\"2025-05-18T19:36:16+00:00\",\"dateModified\":\"2025-05-20T12:57:52+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/buhave.com\\\/courses\\\/system-design\\\/security-and-rate-limiting\\\/\"},\"wordCount\":1082,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/buhave.com\\\/courses\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/buhave.com\\\/courses\\\/system-design\\\/security-and-rate-limiting\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/buhave.com\\\/courses\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Security-and-Rate-Limiting.webp\",\"articleSection\":[\"System Design 
Course\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/buhave.com\\\/courses\\\/system-design\\\/security-and-rate-limiting\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/buhave.com\\\/courses\\\/system-design\\\/security-and-rate-limiting\\\/\",\"url\":\"https:\\\/\\\/buhave.com\\\/courses\\\/system-design\\\/security-and-rate-limiting\\\/\",\"name\":\"Security and Rate Limiting - System Design Course\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/buhave.com\\\/courses\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/buhave.com\\\/courses\\\/system-design\\\/security-and-rate-limiting\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/buhave.com\\\/courses\\\/system-design\\\/security-and-rate-limiting\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/buhave.com\\\/courses\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Security-and-Rate-Limiting.webp\",\"datePublished\":\"2025-05-18T19:36:16+00:00\",\"dateModified\":\"2025-05-20T12:57:52+00:00\",\"description\":\"Security and rate limiting protect systems by controlling access and limiting request traffic to prevent abuse.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/buhave.com\\\/courses\\\/system-design\\\/security-and-rate-limiting\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/buhave.com\\\/courses\\\/system-design\\\/security-and-rate-limiting\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/buhave.com\\\/courses\\\/system-design\\\/security-and-rate-limiting\\\/#primaryimage\",\"url\":\"https:\\\/\\\/buhave.com\\\/courses\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Security-and-Rate-Limiting.webp\",\"contentUrl\":\"https:\\\/\\\/buhave.com\\\/courses\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Security-and-Rate-Limiting.webp\",\"width\":1200,\"height\":628,\"caption\":\"Security and Rate 
Limiting\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/buhave.com\\\/courses\\\/system-design\\\/security-and-rate-limiting\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Courses\",\"item\":\"https:\\\/\\\/buhave.com\\\/courses\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"System Design Course\",\"item\":\"https:\\\/\\\/buhave.com\\\/courses\\\/learn\\\/system-design\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Security and Rate Limiting\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/buhave.com\\\/courses\\\/#website\",\"url\":\"https:\\\/\\\/buhave.com\\\/courses\\\/\",\"name\":\"BUHAVE\",\"description\":\"Courses - Learn Online for Free\",\"publisher\":{\"@id\":\"https:\\\/\\\/buhave.com\\\/courses\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/buhave.com\\\/courses\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/buhave.com\\\/courses\\\/#organization\",\"name\":\"BUHAVE\",\"url\":\"https:\\\/\\\/buhave.com\\\/courses\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/buhave.com\\\/courses\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/buhave.com\\\/courses\\\/wp-content\\\/uploads\\\/2025\\\/03\\\/buhave-course.webp\",\"contentUrl\":\"https:\\\/\\\/buhave.com\\\/courses\\\/wp-content\\\/uploads\\\/2025\\\/03\\\/buhave-course.webp\",\"width\":375,\"height\":75,\"caption\":\"BUHAVE\"},\"image\":{\"@id\":\"https:\\\/\\\/buhave.com\\\/courses\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/BeYouHave\\\/\",\"https:\\\/\\\/www.linkedin.com\\\/company\\\/buhave\",\"https:\\\/\\\/www.youtube.com\\\/@buhave\"]},{\"@type\":\"Person\",\
"@id\":\"https:\\\/\\\/buhave.com\\\/courses\\\/#\\\/schema\\\/person\\\/04fe0254e118521c9fbb3da39de5acca\",\"name\":\"Naveed Safdar\",\"description\":\"I\u2019m Naveed Safdar - SEO Manager with over 10 years of experience in SEO and Digital Marketing. I\u2019ve had the privilege of working with leading national and international companies including Grafdom, PakWheels, Systems Limited, Confiz, Educative, and Dubizzle Labs. My expertise spans technical SEO, content strategy, organic growth, and performance analytics - helping businesses improve visibility, traffic, and ROI.\",\"sameAs\":[\"https:\\\/\\\/www.linkedin.com\\\/in\\\/naveedsafdar\\\/\",\"https:\\\/\\\/www.facebook.com\\\/naveedsafdarawan\\\/\",\"https:\\\/\\\/www.youtube.com\\\/@naveedsafdar\"],\"url\":\"https:\\\/\\\/buhave.com\\\/courses\\\/author\\\/naveed-safdar\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","_links":{"self":[{"href":"https:\/\/buhave.com\/courses\/wp-json\/wp\/v2\/posts\/640","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/buhave.com\/courses\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/buhave.com\/courses\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/buhave.com\/courses\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/buhave.com\/courses\/wp-json\/wp\/v2\/comments?post=640"}],"version-history":[{"count":1,"href":"https:\/\/buhave.com\/courses\/wp-json\/wp\/v2\/posts\/640\/revisions"}],"predecessor-version":[{"id":642,"href":"https:\/\/buhave.com\/courses\/wp-json\/wp\/v2\/posts\/640\/revisions\/642"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/buhave.com\/courses\/wp-json\/wp\/v2\/media\/641"}],"wp:attachment":[{"href":"https:\/\/buhave.com\/courses\/wp-json\/wp\/v2\/media?parent=640"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/buhave.com\/courses\/wp-json\/wp\/v2\/categories?post=640"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/buhave.com\/courses\/wp-json\/wp\/v2\/tags?post=640"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}