You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
There are some people with misconfigured applications/Nexus repo's who request files way too much. It could be good to use fail2ban to stop them from making requests too often. A first approximation for detecting this would be to check for IP's downloading the same file more than 5 times in half an hour. There are a few things to consider here:
The larger the time window, the more memory this will consume
If we're going to move to a CDN, how will we handle misconfigured clients like this? Maybe we can analyse the logs and block IPs out of band?
We don't want to block normal users, it should probably be run in report only mode for a while to make sure it's calibrated correctly.
It would be good to build up profiles of what normal maven usage and abusive behaviour look like, as kicking off a build with a clean m2 will generate a lot of (valid) requests.
There are some people with misconfigured applications/Nexus repo's who request files way too much. It could be good to use fail2ban to stop them from making requests too often. A first approximation for detecting this would be to check for IP's downloading the same file more than 5 times in half an hour. There are a few things to consider here:
http://codelog.climens.net/2011/02/13/using-fail2ban-with-nginx-in-debian/
http://blog.teabough.com/fail2ban-api-mailjet/
The text was updated successfully, but these errors were encountered: