Hi, i have a question to RUM architecture. I have added RUM to our Webshop frontend JS code and able to test with local APM-server... if i want to really monitor the Webshop users events, do i need to make the APM - Server - port available to the world? Is there any security to prevent DDOS attacks or something like this on APM port or do i need to handle this by infrastructure?
APM server is exposing an API for RUM agent same way as your backend is exposing API to your frontend. so protect it the same way you are doing with your backend API behind a WAF/Proxy ...
The APM Server port needs to be exposed publicly if your application is used over the internet, but if you only have an internal app, you only need to expose the port on that network.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.