• Level Up Coding
  • Posts
  • LUC #52: Strategies to Prevent System Misuse and Resource Overload

LUC #52: Strategies to Prevent System Misuse and Resource Overload

Plus, how modular monoliths work, principles of OOP explained, and how to use Big O to ace your technical interviews

This week’s issue brings you:


A big thank you to our partner Postman who keeps this newsletter free to the reader.

Postman v11 just got released, and with it a bunch of awesome new features 🔥 Check it out.

Strategies to Prevent System Misuse and Resource Overload

Mass adoption is any system or application’s dream.

But with that comes the risk of misuse and resource overload.

Measures should be in place to ensure the quality of service across all users.

Last year, there was a well-known case of Twitter/X facing this exact problem.

Their solution? Rate limiting. This involved restricting the number of requests a user or service can make on a system.

While it's certainly a viable solution for many cases, it isn't the only one. Let's look at some other alternatives that can be implemented into any system.

It's important to note that these solutions should be implemented defensively to avoid scenarios requiring ad hoc remedies.


Throttling is a simple technique that slows the time it takes to process a task in order to minimize resource consumption.

This is often used in conjunction with quotas or rate-limiting so that users aren't entirely cut off from the service but instead, the quality of service is lowered to a reasonable level.

This is a popular approach internet service providers take to minimize bandwidth congestion during peak traffic. Similarly, throttling requests on a server or API is also commonly done in software systems.

Authentication and Authorization

These are important security measures that minimize the risk of service misuse and denial of service attacks (DoS).

It also helps identify and limit the access of bots and scraper accounts.

First, the requesting user or service would be verified and identified using a username and password or more sophisticated methods such as 2FA. Once they have been identified, the system would then determine which resources the requester can have excess to and their level of priority to the system’s resources (if applicable).


CAPTCHA aims to identify human requesters and deny access to bots. It does so by introducing human-solvable tests before granting access to the service or certain features.

While this technique is a popular approach, its impact on the application’s accessibility is a notable consideration.

You would have noticed CAPTCHA tests have become increasingly challenging in recent years. AI technology is making it increasingly difficult to distinguish between human requesters and bots so the challenges are becoming more difficult.

Intrusion Detection and Prevention Systems

Specifically used to mitigate the risk of system attacks, this approach involves monitoring network traffic to identify malicious activity.

Intrusion Detection Systems (IDS) are used to alert and report on identified threats, whereas Intrusion Prevention Systems (IPS) aim to block them.

Beyond the requirement of identifying and blocking threats, some other solutions that prevent system overload are:

Load balancing: distribute requests across multiple servers.

Prioritization: ensuring critical requests have priority to system resources.

Circuit breaker pattern: prevent task retries that are likely to fail.

Concurrency limits: limit the number of connections that can be made to the system or the number of concurrently running tasks.

Preventing system overload and misuse requires a full team effort to employ defensive engineering. The techniques mentioned above should be implemented carefully to ensure legitimate requests are not restricted.

A combination of multiple strategies should be used to develop a full-system approach that suits your system’s unique use case.

What are Modular Monoliths, and How Do They Work? (Recap)

Modular monoliths combine the simplicity of traditional monoliths with the flexibility and scalability potential of microservices.

Deployed as a single application, they consist of loosely coupled, cohesive modules designed using domain-driven principles.

Each module functions independently, minimizing the impact of changes across the system.

Benefits include straightforward architecture and easier data management.

However, while development is simpler than with microservices, scaling and performance optimizations might require careful design and might not always match the distributed nature of microservices.

Principles of OOP Explained (Recap)

Encapsulation: group together related methods and properties while protecting the internal state.

Abstraction: hide implementation details to reduce complexity.

Inheritance: inherits properties and methods from other classes as a way to share logic.

Polymorphism: enables objects to change their form by extending or overriding existing methods.

How to Use Big O to Ace Your Technical Interviews (Recap)

A few scenarios where Big O can be used: Live coding challenges, code walk-throughs, discussions about projects/solutions you've built, and discussions about your approach to programming & problem-solving.

When these scenarios come up, be sure to mention the Big O of your solution and how it compares to alternative approaches. Think out loud.

When comparing solutions, pay attention to the problem’s requirements. For example, linear time complexity may be completely fine when the input can never be too large. But if you’re dealing with big data, you’ll want to opt for something more efficient.

Of course, the goal is to get the correct Big O notation that applies to your solution. But don't worry about getting it wrong. The point is to show that you are thinking about the efficiency and performance of your solution. Do this and you’ll be able to showcase an important trait that technical hiring managers look for: The ability to consider a solution's viability beyond whether it works or not. This shows maturity in your decision-making and approach to developing software.

That wraps up this week’s issue of Level Up Coding’s newsletter!

Join us again next week, where we’ll explore How to approach scaling a database, what is event-driven architecture and how it works, types of API testing, and how data processing systems work.