Have a way to prevent a user from making X number of scans in some time window

mozilla / ssh_scan_api

An API for ssh_scan (https://github.com/mozilla/ssh_scan) and the backend API service for the Mozilla SSH Observatory (https://observatory.mozilla.org/)

31 stars 8 forks source link

Have a way to prevent a user from making X number of scans in some time window #32

Closed claudijd closed 7 years ago

claudijd commented 7 years ago

This is merely to prevent a single user from running up the queues/networkIO on the ssh_scan_api and workers.

claudijd commented 7 years ago

This is effectively enforced to no more than 1 scan per 300 window. Otherwise, the user gets a cached response. I also removed the force command for the time being, as I don't want to expose that to prevent abuse scenarios.