closed-social
/
mastodon
3
0
Fork 2
Code Issues 5 Pull Requests 0 Projects 0 Releases 3 Wiki Activity
Browse Source

Increase rate limit on protected paths (#6229) 

Previously each protected path had a separate rate limit. Now they're all in the same bucket, so people are more likely to hit one with register->login. Increasing to 25 per 5 minutes should be fine.
pull/4/head
Eugen Rochko 6 years ago
committed by GitHub
parent
6f5c0afe93
commit
921b781909
No known key found for this signature in database GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +1
    -1
      config/initializers/rack_attack.rb

+ 1
- 1
config/initializers/rack_attack.rb View File

@ -53,7 +53,7 @@ class Rack::Attack
req.ip if req.api_request?
end
throttle('protected_paths', limit: 5, period: 5.minutes) do |req|
throttle('protected_paths', limit: 25, period: 5.minutes) do |req|
req.ip if req.post? && req.path =~ PROTECTED_PATHS_REGEX
end

Write Preview
Loading…
Cancel
Save