How Does Bitwarden Defend Their Website Against DoS-related attacks?

Dear Bitwarden Developers,

I am concerned about how Bitwarden defends their website against DoS-related attacks. For instance, the infamous DDoS flooding attacks and even low-bandwith attacks like Slow-Loris attacks.

I am interested in learning how Bitwarden defends against these dangerous attacks since I am working on a student organization website that must be well-defended against these attacks as well. We have administration members that must remember their account credentials to ensure only they change the site. Moreover, I intend members of our student organization to start using Bitwarden since it is much more secure, free and open source, and easier to use than other secure alternatives like KeePassXC.

I wish our members to use a password management service that has more reliable assurance to work at all times.

If Bitwarden uses any unique strategies to defend against these attacks, what are they?

I thank anyone from the Bitwarden development team for any responses they send back to me.

Kyle mentioned ( that “Managed services on Azure are used for everything”. So perhaps you should take a look at this:

We use Cloudflare for a variety of things, DDoS protection being one of them :smiley:


Hi tgreer.

Thanks for letting me know! Now that you me mentioned this, I will mention this to my student organization team and see if we can add CloudFlare protection to our site.