[Moin-user] HOWTO setup Surge Protection?
Thomas Waldmann
tw-public at gmx.de
Wed Apr 19 07:57:04 EDT 2006
>> it means that for some "action" you can do max "count" requests in "dt"
>> seconds.
> the key is what means "dt" sec. ?
delta t (or short dt) is the usual abbreviaton for a time intervall.
> 'edit': (10, 120),
> is equal to 'edit': (1, 12), ??
If you assume equal request distribution over time, it is the same.
If you don't assume that (and on the internet you can't assume that), it
is not the same as in the first case you can have a burst of 9 requests
in 1 second and 1 request in the next 119 seconds and it still is ok
because it is 10r in 120s total. In the second case 9 request in 1
second will trigger surge protection as you only allow 1 request in 12
seconds (bad idea for most actions except rss_rc maybe).
>> and it counts by IP if you are not logged in.
> Mnn this is good.
> but can we option two kinds Surge Protection for two kinds visitor?
> such as, for not login user limit more, fro loged user limit light?
This is not implemented. And as surge protection is not intended to
prefer logged-in users (or punish not-logged-in users), but to avoid
high load conditions due to abuse, there is no difference if the abuse
is done by a logged in user or an unknown user.
If it triggers too often for you, just configure higher limits.
More information about the Moin-user
mailing list