The $274/5min Bot Attack: Protecting Next.js with Docker & Redis

via Dev.to Webdev, Ameer Hamza

The Nightmare Scenario: $274 in 5 Minutes

Imagine waking up to a notification from your hosting provider. Not a "New User" alert, but a billing alert. In just five minutes, a malicious bot swarm hit your Next.js application, triggering a massive spike in serverless function execution and bandwidth. The cost? $274.

This isn't a hypothetical. It recently happened to a developer on Vercel Pro, and the fallout highlighted a critical vulnerability in modern "hands-off" hosting: when you scale automatically, your bill scales automatically too—even if the traffic is malicious.

As a full-stack developer who has built and shipped over 50 production systems, I've seen this pattern repeat. The "magic" of serverless is great until the bill arrives. Today, we're going to look at how to take back control by moving to a self-hosted Docker architecture with Redis-backed rate limiting.

Why Default Serverless Protection Isn't Enough

Most PaaS providers offer basic DDoS protection, but "Layer 7" attacks—
