For other apps in DI (avalon, discovery/neosdiscovery, etc), we have taken the approach to deal with enthusiastic web scrapers by banning them (or in some cases, just banning all web scrapers).

A far better approach would be to rate limit them (and any other spammy users) and give them a proper 429 (Too Many Requests) status code.

This is all easily done by using this gem:
https://github.com/kickstarter/rack-attack

We can lead by example by adding this to jupiter.

Simply add the gem and an initializer to jupiter! Done!

The rack-attack initializer in jupiter would be something like this (https://github.com/kickstarter/rack-attack/blob/master/docs/example_configuration.md):

```ruby
# Rails initializer, e.g. config/initializers/rack_attack.rb
class Rack::Attack
  ### Throttle Spammy Clients ###

  # If any single client IP is making tons of requests, then they're
  # probably malicious or a poorly-configured scraper. Either way, they
  # don't deserve to hog all of the app server's CPU. Cut them off!
  #
  # Note: If you're serving assets through rack, those requests may be
  # counted by rack-attack and this throttle may be activated too
  # quickly. If so, enable the condition to exclude them from tracking.

  # Throttle all requests by IP (60rpm)
  #
  # Key: "rack::attack:#{Time.now.to_i/:period}:req/ip:#{req.ip}"
  throttle('req/ip', limit: 300, period: 5.minutes, &:ip)
end
```

(We don't need to rate limit logins/etc as we outsource this to the central IST's SAML server)
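To make concrete what the `req/ip` throttle above actually does when a client exceeds the limit, here is a small standalone re-implementation of the same fixed-window-per-IP scheme, returning 429 with a `Retry-After` header. This is an added illustration written for this page; it is not code from the rack-attack gem or from jupiter, uses a plain Hash in place of the gem's cache store, an injectable clock so the window rollover can be shown deterministically, and constructed sample IPs.

```ruby
# Added example: a rack-attack style per-IP fixed-window throttle, standalone.
# Not the gem's own code; the cache store is a plain Hash and the clock is injectable.

class IpThrottle
  # limit: max requests per window; period: window length in seconds
  def initialize(limit:, period:, clock: -> { Time.now.to_i })
    @limit = limit
    @period = period
    @clock = clock
    @counts = Hash.new(0) # rack-attack would keep these in Rails.cache / memcached
  end

  # Same key scheme the gem documents: the window number is epoch seconds / period,
  # so every IP's counter silently resets when the window number changes.
  def key_for(ip)
    "rack::attack:#{@clock.call / @period}:req/ip:#{ip}"
  end

  # Records one request from ip.
  # Returns [throttled?, count_in_window, seconds_until_window_resets]
  def hit(ip)
    now = @clock.call
    key = key_for(ip)
    @counts[key] += 1
    count = @counts[key]
    retry_after = @period - (now % @period)
    [count > @limit, count, retry_after]
  end
end

# Minimal Rack-compatible middleware: 429 + Retry-After when throttled,
# otherwise pass the request through to the app.
class ThrottleMiddleware
  def initialize(app, throttle)
    @app = app
    @throttle = throttle
  end

  def call(env)
    throttled, _count, retry_after = @throttle.hit(env['REMOTE_ADDR'])
    if throttled
      [429, { 'content-type' => 'text/plain', 'retry-after' => retry_after.to_s }, ["Too Many Requests\n"]]
    else
      @app.call(env)
    end
  end
end

# Constructed traffic: one noisy IP sends 8 requests against a limit of 5,
# then a second, well-behaved IP sends 2. After the window rolls over the
# noisy IP is admitted again.
def simulate(limit: 5, period: 60)
  clock_time = 1_700_000_000
  throttle = IpThrottle.new(limit: limit, period: period, clock: -> { clock_time })
  app = ->(_env) { [200, { 'content-type' => 'text/plain' }, ["ok\n"]] }
  stack = ThrottleMiddleware.new(app, throttle)

  requests = (['203.0.113.9'] * 8) + (['198.51.100.4'] * 2)
  statuses = requests.map { |ip| stack.call('REMOTE_ADDR' => ip).first }

  clock_time += period # advance into the next window; the counter key changes
  after_reset = stack.call('REMOTE_ADDR' => '203.0.113.9').first

  { statuses: statuses, after_reset: after_reset }
end

if __FILE__ == $PROGRAM_NAME
  p simulate
end
```

Two things worth noticing for the jupiter deployment: the second IP is unaffected by the first one's abuse because the counter is keyed per client, and the `Retry-After` value tells a well-behaved crawler exactly how long to back off, which is the whole advantage of 429 over an outright ban. With the gem's real configuration the same counters live in a shared cache, so the limit holds across multiple app servers.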