K-Fet / K-App

K-App application repository
Apache License 2.0

Increase request rate limit in prod, remove the restriction in dev/test #310

Closed corentingiraud closed 5 years ago

corentingiraud commented 5 years ago

Describe the bug

In production, we should increase the rate limit in order to remove the annoying Too many requests error (code 429).

In dev mode, we should remove this restriction.


Desktop (please complete the following information): All

Smartphone (please complete the following information): All

Embraser01 commented 5 years ago

In which cases does this happen? It is a restriction that is only on auth routes...

corentingiraud commented 5 years ago

Password (re)definition. It happened to a barman (in prod env) and to me when I tried to reproduce the bug. My point is: for now, normal traffic is considered as suspicious traffic...

corentingiraud commented 5 years ago

[2018-10-18T13:55:32] warn: [RATE LIMIT REACHED]: For request /reset-password by ::ffff:127.0.0.1

Embraser01 commented 5 years ago

As I can see, it happened for two different IPs (the rate limit is set per IP). The first one was probably done on the Wi-Fi K-Fêt and the other done on 4G. Anyway, this must have happened after 5 fails...

I can increase this number (I don't really see the point of disabling it in dev) because in the case where multiple devices make requests from the same network (e.g. WiFi K-Fêt), it will count as one device.

corentingiraud commented 5 years ago

As you want :)

Embraser01 commented 5 years ago

I will look into it tomorrow morning :smile: Anyway, I will set the reject time at 15min instead of 20min and increase the number of attempts to 10 failed requests.
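
The per-IP limit discussed in this thread, sketched as an added example that is not part of the thread or K-App's code: a failed-request counter using the proposed 10 failures and 15 minute reject time, with every device behind one address sharing a counter. The class and function names, the aging-out of old counts and the sample address are assumptions.

```javascript
// Added example; class and method names are hypothetical, not K-App's code.
const MAX_FAILS = 10;             // failed requests allowed, as proposed in the thread
const BLOCK_MS = 15 * 60 * 1000;  // reject time, as proposed in the thread

class FailedAttemptLimiter {
  constructor(maxFails = MAX_FAILS, blockMs = BLOCK_MS) {
    this.maxFails = maxFails;
    this.blockMs = blockMs;
    this.entries = new Map(); // key -> { fails, firstFail, blockedUntil }
  }

  // Collapse IPv4-mapped IPv6 ("::ffff:127.0.0.1") to plain IPv4 so one
  // client is not counted under two different keys.
  static keyFor(ip) {
    const m = /^::ffff:(\d+\.\d+\.\d+\.\d+)$/i.exec(ip);
    return m ? m[1] : ip.toLowerCase();
  }

  isBlocked(ip, now = Date.now()) {
    const e = this.entries.get(FailedAttemptLimiter.keyFor(ip));
    return Boolean(e) && e.blockedUntil > now;
  }

  // Record one failed auth request; returns true when the key is blocked.
  recordFailure(ip, now = Date.now()) {
    const key = FailedAttemptLimiter.keyFor(ip);
    let e = this.entries.get(key);
    if (e && e.blockedUntil > now) return true;
    // Assumption: a count older than blockMs ages out and starts fresh.
    if (!e || now - e.firstFail >= this.blockMs) {
      e = { fails: 0, firstFail: now, blockedUntil: 0 };
    }
    e.fails += 1;
    if (e.fails >= this.maxFails) e.blockedUntil = now + this.blockMs;
    this.entries.set(key, e);
    return e.blockedUntil > now;
  }
}

// Constructed scenario: 12 failures from devices behind one NAT address
// (documentation range); returns which failure triggered the block.
function simulateSharedNetwork() {
  const limiter = new FailedAttemptLimiter();
  let blockedAt = 0;
  for (let i = 1; i <= 12; i++) {
    if (limiter.recordFailure('203.0.113.7', i * 1000) && !blockedAt) blockedAt = i;
  }
  return blockedAt;
}
```

In an Express-style handler, `isBlocked` would be checked before processing an auth request and `recordFailure` called on each failed one, answering with status 429 while the block is active.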