FEATURE: introduce default application level rate limiting by IP

We have tested rate limiting with admin accounts with block rate limiting for
close to 12 months now on meta.discourse.org.

This has resulted in no degradation of services even to admin accounts that
request a lot of info from the site.

The default of 200 requests a minute and 50 per 10 seconds is very generous.
It simply protects against very aggressive clients.

This setting can be disabled or tweaked using:

DISCOURSE_MAX_REQS_PER_IP_MODE and family.

The only big downside here is in cases when a very large number of users tend
to all come from a single IP.

This can be the case on sites accessing Discourse from an internal network
all sharing the same IP via NAT. Or a misconfigured Discourse that is unable
to resolve IP addresses of users due to proxy mis-configuration.
Sam Saffron 2019-11-18 15:54:50 +11:00
parent e2ccb0c608
commit b4bfc27b19


@ -212,7 +212,7 @@ max_reqs_per_ip_per_10_seconds = 50
max_asset_reqs_per_ip_per_10_seconds = 200 max_asset_reqs_per_ip_per_10_seconds = 200
# global rate limiter will simply warn if the limit is exceeded, can be warn+block, warn, block or none # global rate limiter will simply warn if the limit is exceeded, can be warn+block, warn, block or none
max_reqs_per_ip_mode = none max_reqs_per_ip_mode = block
# bypass rate limiting any IP resolved as a private IP # bypass rate limiting any IP resolved as a private IP
max_reqs_rate_limit_on_private = false max_reqs_rate_limit_on_private = false
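Review bot: The comment directly above `max_reqs_per_ip_mode` still says the global rate limiter "will simply warn if the limit is exceeded", which no longer describes the default now that the value is `block`. Please reword that comment to say requests over the limit are blocked by default, and keep the list of accepted values (warn+block, warn, block, none). Since the commit message names shared-IP deployments (NAT, proxy misconfiguration) as the main downside, it would also help to note here that `DISCOURSE_MAX_REQS_PER_IP_MODE` overrides this setting, so operators hitting that case can find the switch from the config file itself. One further point worth stating in the comment: `max_reqs_rate_limit_on_private = false` only exempts clients whose address resolves as private, so users behind a NAT that presents a single public address are still counted against one limit.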