Moves anonymous temporary session scope from duration to number of requests (search api), moving to a daily static window and keeping ban time:
Number of requests is BACKEND_TMP_MAX ans set to 300 by default.
If more than 300 request, IP is banned for BACKEND_TMP_DURATION secondes (14400=4 hours by default).
number of request are fully reseted in BACKEND_TMP_WINDOW seconds (86400s = 24h) after 1st request (basic non-moving window).
User can still register with its login.
Currents stats are :
above 2r/j: 3000 users / day, cumulated users 70000 users in a month
50r/j: 650 users/day, 1500 users/month
100r/j: 250 users/day, 6000 users/month
200r/j: 100 users/day; 1500 users/month
300r/j: 50 users/day; 700 users/month
This means current settings (token of 30 days, 300 r/j) with a 50 users threshold.
Moves anonymous temporary session scope from duration to number of requests (search api), moving to a daily static window and keeping ban time:
Number of requests is BACKEND_TMP_MAX ans set to 300 by default. If more than 300 request, IP is banned for BACKEND_TMP_DURATION secondes (14400=4 hours by default). number of request are fully reseted in BACKEND_TMP_WINDOW seconds (86400s = 24h) after 1st request (basic non-moving window). User can still register with its login. Currents stats are :
above 2r/j: 3000 users / day, cumulated users 70000 users in a month 50r/j: 650 users/day, 1500 users/month 100r/j: 250 users/day, 6000 users/month 200r/j: 100 users/day; 1500 users/month 300r/j: 50 users/day; 700 users/month This means current settings (token of 30 days, 300 r/j) with a 50 users threshold.