Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Rate-limiting the endpoints #2

Open
fyyv opened this issue Apr 18, 2022 · 1 comment
Open

Rate-limiting the endpoints #2

fyyv opened this issue Apr 18, 2022 · 1 comment
Labels
enhancement New feature or request

Comments

@fyyv
Copy link

fyyv commented Apr 18, 2022

The following command will spam the console with access logs if logging is enabled in config.yml. Note: The below command assumes the server is running on localhost.

for n in {1..50}; do curl http://localhost:27192/api/list/; done

If the logging feature is to be used explicitly for development purposes, this is working as intended. I believe that logging could also be useful for maintenance/auditing purposes, in which case server owners would likely leave logging enabled permanently.

Where DoS attacks are a concern, server owners can deploy their own more robust solutions. However, for the sake of keeping logs readable, it could be beneficial to implement at least a primitive form of rate-limiting.
@Telesphoreo
Copy link
Member

I'll log everything to a separate file

@Telesphoreo Telesphoreo added the enhancement New feature or request label Apr 19, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@Telesphoreo @fyyv