DDoS prevention for anonymous manager API requests #2060

Open
achimnol opened this issue Apr 24, 2024 · 0 comments · May be fixed by #2067, #2074, #2075, #2076 or #2083
Labels: comp:manager (Related to Manager component), type:feature (Add new features)
@achimnol

We have a rate-limiting mechanism for authenticated API requests.
Let's expand this to work on client IPs for non-authenticated API requests using the same mechanism.

If the number of tracked client IPs exceeds a certain threshold (configurable), let's drop (immediately close) all non-authenticated requests until the number is reduced. This check should also be done in a non-bursty way.
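
One way to implement the proposal above, as an added example that is not code from this project: a per-IP sliding-window limiter that drops every anonymous request while the tracked-IP table is over its threshold. The class name, verdicts and parameters are assumptions, as is the choice to record nothing while saturated so that the table shrinks as entries expire.

```python
import time
from collections import OrderedDict, deque
from enum import Enum


class Verdict(Enum):
    ALLOW = "allow"
    THROTTLE = "throttle"  # this IP exceeded its own limit (e.g. answer HTTP 429)
    DROP = "drop"          # too many tracked IPs: close the connection immediately


class AnonymousRateLimiter:
    """Sliding-window limiter keyed by client IP, with a cap on tracked IPs."""

    def __init__(self, limit, window, max_tracked_ips, clock=time.monotonic):
        self.limit = limit                      # allowed requests per IP per window
        self.window = window                    # window length in seconds
        self.max_tracked_ips = max_tracked_ips  # the configurable threshold
        self.clock = clock                      # injectable for testing
        self._hits = OrderedDict()              # ip -> deque of timestamps

    def _expire(self, now):
        # IPs are ordered by their newest timestamp; stop at the first live one.
        while self._hits:
            ip, stamps = next(iter(self._hits.items()))
            if stamps[-1] > now - self.window:
                break
            del self._hits[ip]

    def tracked(self):
        return len(self._hits)

    def check(self, ip):
        now = self.clock()
        self._expire(now)
        if len(self._hits) > self.max_tracked_ips:
            # Saturated: nothing is recorded, so the table can only shrink.
            return Verdict.DROP
        stamps = self._hits.setdefault(ip, deque())
        while stamps and stamps[0] <= now - self.window:
            stamps.popleft()
        if len(stamps) >= self.limit:
            return Verdict.THROTTLE
        stamps.append(now)
        self._hits.move_to_end(ip)
        return Verdict.ALLOW
```

Only requests that carry no valid credentials would be passed to `check()`; authenticated requests stay on the existing per-user limiter.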
