Skip to content

Commit

Permalink
Add rate limit for media proxy requests (mastodon#10490)
Browse files Browse the repository at this point in the history 
30 per 30 minutes, like media uploads
  • Loading branch information
@Gargron @hiyuki2578
Gargron authored and hiyuki2578 committed Oct 2, 2019
1 parent e502f72 commit d888e1a
Showing 1 changed file with 4 additions and 0 deletions.
4 changes: 4 additions & 0 deletions config/initializers/rack_attack.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -57,6 +57,10 @@ def web_request?
req.authenticated_user_id if req.post? && req.path.start_with?('/api/v1/media')
end

throttle('throttle_media_proxy', limit: 30, period: 30.minutes) do |req|
req.ip if req.path.start_with?('/media_proxy')
end

throttle('throttle_api_sign_up', limit: 5, period: 30.minutes) do |req|
req.ip if req.post? && req.path == '/api/v1/accounts'
end
Expand Down

0 comments on commit d888e1a

Please sign in to comment.