diff options
author | ThibG <thib@sitedethib.com> | 2019-05-27 21:57:49 +0200 |
---|---|---|
committer | multiple creatures <dev@multiple-creature.party> | 2019-11-19 15:37:05 -0600 |
commit | c068f908038290df64eb9061798cd540b9ee0a4d (patch) | |
tree | e5d2b310237b69ce73a76968436b4b4700f15500 /config | |
parent | b08d29418c0582556b3c3c09faf6e1e2ac8561b7 (diff) |
Improve rate limiting (#10860)
* Rate limit based on remote address IP, not on potential reverse proxy * Limit rate of unauthenticated API requests further * Rate-limit paging requests to one every 3 seconds
Diffstat (limited to 'config')
-rw-r--r-- | config/initializers/rack_attack.rb | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/config/initializers/rack_attack.rb b/config/initializers/rack_attack.rb index 555421d55..e07341b75 100644 --- a/config/initializers/rack_attack.rb +++ b/config/initializers/rack_attack.rb @@ -58,7 +58,7 @@ class Rack::Attack end throttle('throttle_unauthenticated_api', limit: 300, period: 5.minutes) do |req| - req.remote_ip if req.api_request? && req.unauthenticated? + req.remote_ip if req.api_request? && !req.authenticated? end throttle('throttle_api_media', limit: 300, period: 5.minutes) do |req| @@ -70,7 +70,7 @@ class Rack::Attack end throttle('throttle_unauthenticated_media_proxy', limit: 30, period: 30.minutes) do |req| - req.remote_ip if req.unauthenticated? && req.path.start_with?('/media_proxy') + req.remote_ip if !req.authenticated? && req.path.start_with?('/media_proxy') end throttle('throttle_api_sign_up', limit: 5, period: 30.minutes) do |req| @@ -83,7 +83,7 @@ class Rack::Attack end throttle('throttle_unauthenticated_paging', limit: 300, period: 15.minutes) do |req| - req.remote_ip if req.paging_request? && req.unauthenticated? + req.remote_ip if req.paging_request? && !req.authenticated? end API_DELETE_REBLOG_REGEX = /\A\/api\/v1\/statuses\/[\d]+\/unreblog/.freeze |