changeset 3886:3d3cbae4c550

surge protection: add exception and a high limit for 'cache' action, more comments
author Thomas Waldmann <tw AT waldmann-edv DOT de>
date Sun, 20 Jul 2008 14:01:05 +0200
parents 273a648d8ab7
children f85cd27073a9 a016745f4cca
files MoinMoin/config/multiconfig.py MoinMoin/request/__init__.py
diffstat 2 files changed, 8 insertions(+), 5 deletions(-) [+]
line wrap: on
line diff
--- a/MoinMoin/config/multiconfig.py	Sun Jul 20 13:40:09 2008 +0200
+++ b/MoinMoin/config/multiconfig.py	Sun Jul 20 14:01:05 2008 +0200
@@ -575,16 +575,19 @@
 
     surge_action_limits = {# allow max. <count> <action> requests per <dt> secs
         # action: (count, dt)
-        'all': (30, 30),
+        'all': (30, 30), # all requests (except cache/AttachFile action) count for this limit
+        'default': (30, 60), # default limit for actions without a specific limit
         'show': (30, 60),
         'recall': (10, 120),
         'raw': (20, 40),  # some people use this for css
-        'AttachFile': (90, 60),
         'diff': (30, 60),
         'fullsearch': (10, 120),
         'edit': (30, 300), # can be lowered after making preview different from edit
         'rss_rc': (1, 60),
-        'default': (30, 60),
+        # The following actions are often used for images - to avoid pages with lots of images
+        # (like photo galleries) triggering surge protection, we assign rather high limits:
+        'AttachFile': (90, 60),
+        'cache': (600, 30), # cache action is very cheap/efficient
     }
     surge_lockout_time = 3600 # secs you get locked out when you ignore warnings
 
--- a/MoinMoin/request/__init__.py	Sun Jul 20 13:40:09 2008 +0200
+++ b/MoinMoin/request/__init__.py	Sun Jul 20 14:01:05 2008 +0200
@@ -270,7 +270,7 @@
         current_id = validuser and self.user.name or self.remote_addr
         current_action = self.action
 
-        default_limit = self.cfg.surge_action_limits.get('default', (30, 60))
+        default_limit = limits.get('default', (30, 60))
 
         now = int(time.time())
         surgedict = {}
@@ -305,7 +305,7 @@
                 if len(timestamps) < maxnum * 2:
                     timestamps.append((now + self.cfg.surge_lockout_time, surge_indicator)) # continue like that and get locked out
 
-            if current_action != 'AttachFile': # don't add AttachFile accesses to all or picture galleries will trigger SP
+            if current_action not in ('cache', 'AttachFile', ): # don't add cache/AttachFile accesses to all or picture galleries will trigger SP
                 current_action = 'all' # put a total limit on user's requests
                 maxnum, dt = limits.get(current_action, default_limit)
                 events = surgedict.setdefault(current_id, {})