1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-12-18 19:40:55 +01:00
phorge-phorge/support
epriestley 4d0935ba5e Rate limit requests by IP
Summary:
Fixes T3923. On `secure.phabricator.com`, we occasionally get slowed to a crawl when someone runs a security scanner against us, or 5 search bots decide to simultaneously index every line of every file in Diffusion.

Every time a user makes a request, give their IP address some points. If they get too many points in 5 minutes, start blocking their requests automatically for a while.

We give fewer points for logged in requests. We could futher refine this (more points for a 404, more points for a really slow page, etc.) but let's start simply.

Also, provide a mechanism for configuring this, and configuring the LB environment stuff at the same time (this comes up rarely, but we don't have a good answer right now).

Test Plan: Used `ab` and reloading over and over again to hit rate limits. Read documentation.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: chad, epriestley

Maniphest Tasks: T3923

Differential Revision: https://secure.phabricator.com/D8713
2014-04-08 18:36:21 -07:00
..
aphlict Various linter fixes. 2014-02-26 12:44:58 -08:00
bin Ignore and README for support/bin 2013-04-03 12:58:39 -07:00
empty Various linter fixes. 2014-02-26 12:44:58 -08:00
jshint Use JsShrink if jsxmin is not available 2013-05-18 17:04:22 -07:00
phame Delete license headers from files 2012-11-05 11:16:51 -08:00
PhabricatorStartup.php Rate limit requests by IP 2014-04-08 18:36:21 -07:00