HomePhabricator

Update rate limiting for APCu and X-Forwarded-For

Description

Update rate limiting for APCu and X-Forwarded-For

Summary:
Ref T12612. This updates the rate limiting code to:

  • Support a customizable token, like the client's X-Forwarded-For address, rather than always using REMOTE_ADDR.
  • Support APCu.
  • Report a little more rate limiting information.
  • Not reference nonexistent documentation (removed in D16403).

I'm planning to put this into production on secure for now and then we can deploy it more broadly if things work well.

Test Plan:

  • Enabled it locally, used ab -n 100 to hit the limit, saw the limit enforced.
  • Waited a while, was allowed to browse again.

Reviewers: chad, amckinley

Reviewed By: amckinley

Maniphest Tasks: T12612

Differential Revision: https://secure.phabricator.com/D17758

Details