Project

General

Profile

Actions
Copy link

Improvements #13435

open

Extract DoS throttling limit & make configurable

Added by Matthias Van Ceulebroeck about 1 month ago. Updated about 1 month ago.

Status:
Review
Priority:
Normal
Assignee:
-
Target version:
4.12.0
Start date:
01/20/2025
Due date:
% Done:

0%

Estimated time:

Description

Currently, when the number of plain HTML and Ajax sessions combined is over the limit of 20 session in total, DoS protection will be checked.
It will be triggered if the plain HTMl sessions exceeds to maximum allowed ratio.

The limit of 20 is hardcoded, and a very small limit at that. We should:

  • extract the value
  • make the value configurable
  • make de default value larger (e.g. 100)
  • extend the documentation, so that the value itself, and how sessions are counted are more clear. Especially the interaction with bots and the the bootstrap timeout should be made clear.
Actions
Copy link
 #1

Updated by Romain Mardulyn about 1 month ago

  • Status changed from New to InProgress
  • Assignee set to Romain Mardulyn
Actions
Copy link
 #2

Updated by Romain Mardulyn about 1 month ago

  • Status changed from InProgress to Review
  • Assignee deleted (Romain Mardulyn)
Actions
Copy link

Also available in: Atom PDF