I have a web application, which allows users to upload images, the applications stores them in my Azure blob storage, where I have set the access level to anonymous read access for blobs only, so that users that I can render them in the application also, user can export excel which will have public URLs of these images.
My doubt is how do I secure my Azure blob storage from DDOS attack, where a public URL of a blob can be hit in a loop to download the image infinite times, which can cause a high bandwidth usage with a huge amount of read operations eventually impacting my Azure blob storage bill.
Is there any way to prevent multiple consecutive or parallel requests from a same IP address to a publicly accessible blob?