Opened 8 years ago
Closed 4 years ago
#1678 closed task (wontfix)
Relax anti-DOS protection for the SVN service
| Reported by: | strk | Owned by: | |
|---|---|---|---|
| Priority: | normal | Milestone: | |
| Component: | SysAdmin | Keywords: | dos, svn, apache |
| Cc: |
Description
It looks like 30 requests within a single second are easy to make when it comes to fetching SVN code. See postgis:#3553
This ticket is to raise the DOSSiteCount limit a little bit, after checking that it is really legit to hit that hard, even if it is for an SVN checkout.
Change History (4)
comment:1 by , 8 years ago
comment:2 by , 8 years ago
It's reasonable to set the svn limits rather high, since a spammer won't have commit rights without a project admin manually adding them to the correct project group. So more than a few hundred hits a minute for all of the possible options.
comment:3 by , 8 years ago
It doesn't take commit access to successfully run a denial-of-service attack
comment:4 by , 4 years ago
| Resolution: | → wontfix |
|---|---|
| Status: | new → closed |
Note:
See TracTickets
for help on using tickets.
It was found to be DOSPageCount (3) to be the cause of blocking, not DOSSiteCount (which is 50, btw, not 30): postgis:#3553#comment:6