search

jupyter / nbviewer

nbconvert as a web service: Render Jupyter Notebooks as static web pages
https://nbviewer.jupyter.org
Other
2.22k stars 551 forks source link

Blacklist URL #71

Open Carreau opened 11 years ago

Carreau commented 11 years ago

Most of the bad request in the logs comes from robots trying to post links. We might want to add blacklist of links like https://developers.google.com/safe-browsing/developers_guide_v2

rgbkrk commented 10 years ago

Luckily, we give them a pretty blase error page when they fail so we're not a good target for link spam (unless they write their own notebooks).

On a side note, hypothetically, are we susceptible to a Denial of Service attack? If they fill all our threads with large junk pages, yes. If it's a targeted attack though, a blacklist won't help. This seems like more of an operational issue/part of configuration of the running site.

minrk commented 10 years ago

Yup, super easy to DOS nbviewer by making many requests to render large files (they don't even have to be notebooks, because the remote request takes up time / bandwidth).

rgbkrk commented 10 years ago

Yeah, I'm not too worried about it at this point. Even GitHub gets hit hard (which seems pretty misguided to me, as well as immature). There are so much more interesting things to do as a "hacker".

parente commented 6 years ago

XRef: #277