
Rate limit requests by IP
Closed, Public

Authored by epriestley on Apr 7 2014, 12:20 AM.

Details

Reviewers
btrahan
Maniphest Tasks
Restricted Maniphest Task
Commits
Restricted Diffusion Commit
rP4d0935ba5e69: Rate limit requests by IP
Summary

Fixes T3923. On secure.phabricator.com, we occasionally get slowed to a crawl when someone runs a security scanner against us, or 5 search bots decide to simultaneously index every line of every file in Diffusion.

Every time a user makes a request, give their IP address some points. If they get too many points in 5 minutes, start blocking their requests automatically for a while.

We give fewer points for logged in requests. We could further refine this (more points for a 404, more points for a really slow page, etc.) but let's start simply.

Also, provide a mechanism for configuring this, and configuring the LB environment stuff at the same time (this comes up rarely, but we don't have a good answer right now).

Test Plan

Used ab and reloading over and over again to hit rate limits. Read documentation.
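
The scoring scheme the summary describes, as an added Python sketch; it is not code from this revision or from Phabricator. The 5-minute window and the cheaper logged-in requests come from the summary, while the class name, the limit, the point costs, the one-minute buckets and the choice to keep charging blocked requests are assumptions.

```python
import math
import time
from collections import defaultdict


class IPRateLimiter:
    """Charge points per client IP into one-minute buckets; block when the
    total over the last `window_minutes` exceeds `limit`."""

    def __init__(self, limit=1000, window_minutes=5,
                 anon_points=1.0, user_points=0.25, clock=time.time):
        # The 5-minute window and "fewer points when logged in" come from the
        # summary above; limit and both point costs are assumed values.
        self.limit = limit
        self.window = window_minutes
        self.anon_points = anon_points
        self.user_points = user_points
        self.clock = clock                 # injectable so tests control time
        self.buckets = defaultdict(dict)   # ip -> {minute: points}; unbounded
                                           # here, a real store needs eviction

    def check(self, ip, logged_in=False):
        """Charge this request, then return (allowed, retry_after_seconds).

        `ip` must be the real client address: behind a load balancer, resolve
        it first or every request is charged to the balancer's address.
        """
        now = self.clock()
        minute = int(now // 60)
        buckets = self.buckets[ip]
        # Forget buckets that have aged out of the window.
        for old in [m for m in buckets if m <= minute - self.window]:
            del buckets[old]
        # Blocked requests are charged too (assumption), so a client that
        # keeps hammering stays blocked until it backs off.
        cost = self.user_points if logged_in else self.anon_points
        buckets[minute] = buckets.get(minute, 0.0) + cost
        score = sum(buckets.values())
        if score <= self.limit:
            return True, 0
        # Hint: seconds until enough old buckets expire, if the client stops.
        expires = minute
        for m in sorted(buckets):
            score -= buckets[m]
            expires = m
            if score <= self.limit:
                break
        return False, math.ceil((expires + self.window) * 60 - now)
```

A caller would reject the request (for example with HTTP 429 and the returned value as Retry-After) whenever `check` returns `False`.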

Diff Detail

Repository
rP Phabricator
Branch
dos1
Lint
Lint Errors
Severity | Location | Code | Message
Error | support/PhabricatorStartup.php:313 | XHP31 | Use Of PHP 5.3 Features
Unit
No Test Coverage

Event Timeline

epriestley retitled this revision from to Rate limit requests by IP.
epriestley updated this object.
epriestley edited the test plan for this revision.
epriestley added a reviewer: btrahan.
epriestley added a task: Restricted Maniphest Task.
  • Spell "preamble" correctly.
btrahan edited edge metadata.
btrahan added inline comments.
support/PhabricatorStartup.php:764

documentation*

This revision is now accepted and ready to land. Apr 7 2014, 5:28 PM
epriestley updated this revision to Diff 20700.

Closed by commit rP4d0935ba5e69 (authored by @epriestley).