i wouldnt redirect (as more resources needed to do 2 pages now), but rewrite could be an option

yeah i wouldnt redirect either. i wouldnt rewrite also. just send 403 response. the request is likely bot anyway, html is not really needed and in the case of a ddos, the less resource you use the better

that exceed lets

exceed what?

Thank you both so much

Im really new to security and i cant find much on info on best practices for these

Im currently using upstash rate limiting and vercel firewall as my security

I heard about axiom

But not sure if i should use it , im still looking at vercel firewall since i think now they provide lots of cloudfare support

And have ip and user agent address blocking

axiom? that's just for logging, not for ddos protection

@joulev yes sorry i was thinking of using that for logging

But im still debating as i see vercel now logs ip address and other assets