From 64cefa68218b5a5d333a0747e3f3935be098bfcc Mon Sep 17 00:00:00 2001
From: Tom Hughes
Date: Sun, 27 Aug 2023 09:50:40 +0100
Subject: [PATCH] Apply signup rate limits to the main site
---
 cookbooks/web/recipes/rails.rb | 4 ++++
 cookbooks/web/resources/rails_port.rb | 10 +++++++++-
 2 files changed, 13 insertions(+), 1 deletion(-)
diff --git a/cookbooks/web/recipes/rails.rb b/cookbooks/web/recipes/rails.rb
index 90411d552..90bd16c0a 100644
--- a/cookbooks/web/recipes/rails.rb
+++ b/cookbooks/web/recipes/rails.rb
@@ -143,6 +143,10 @@ rails_port "www.openstreetmap.org" do
 trace_image_storage_url "https://openstreetmap-gps-images.s3.dualstack.eu-west-1.amazonaws.com"
 overpass_url "https://query.openstreetmap.org/query-features"
 overpass_credentials true
+ signup_ip_per_day 24
+ signup_ip_max_burst 48
+ signup_email_per_day 1
+ signup_email_max_burst 2
 imagery_blacklist [
 # Current Google imagery URLs have google or googleapis in the domain
 ".*\\.google(apis)?\\..*/.*",
diff --git a/cookbooks/web/resources/rails_port.rb b/cookbooks/web/resources/rails_port.rb
index 34ae01458..385423528 100644
--- a/cookbooks/web/resources/rails_port.rb
+++ b/cookbooks/web/resources/rails_port.rb
@@ -86,6 +86,10 @@ property :trace_image_storage_url, String
 property :trace_icon_storage_url, String
 property :tile_cdn_url, String
 property :imagery_blacklist, Array
+property :signup_ip_per_day, Integer
+property :signup_ip_max_burst, Integer
+property :signup_email_per_day, Integer
+property :signup_email_max_burst, Integer
 action :create do
 package %W[
@@ -336,7 +340,11 @@ action :create do
 "trace_image_storage_url",
 "trace_icon_storage_url",
 "tile_cdn_url",
- "imagery_blacklist"
+ "imagery_blacklist",
+ "signup_ip_per_day",
+ "signup_ip_max_burst",
+ "signup_email_per_day",
+ "signup_email_max_burst"
 ).compact.merge(
 "server_protocol" => "https",
 "server_url" => new_resource.site,
--
2.39.5
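Review bot: The four signup limits added to the `www.openstreetmap.org` block are bare numbers with no comment on their units or on why these values were chosen, so a later editor cannot tell which of them are safe to loosen. A one-line comment above them would help, for example `# Signup rate limits (per source IP / per email): daily rate and burst ceiling`, with the exact semantics taken from the application's settings documentation. A per-IP limit is shared by everyone behind one NAT or proxy address, and it only binds if the application sees the real client address rather than a front end's. Neither is visible from this hunk, so both are worth confirming. The `rails_port` block starts and ends outside the hunk.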
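Review bot: The four new `signup_*` properties accept any Integer, so a zero or negative value typed into a recipe passes Chef's type check and reaches the application settings unchecked. How the application treats such a value is not visible here (it might block all signups or switch the limit off), so rejecting it at converge time is the safer choice. For example, `property :signup_ip_per_day, Integer, :callbacks => { "must be positive" => ->(v) { v.positive? } }`, and likewise for the other three.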
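Review bot: Because this list is followed by `.compact`, a `rails_port` instance that leaves the new signup properties unset gets no signup keys at all and falls back to whatever the application defaults to. Only the main site is given values in this commit, so if that default is "no limit", other instances stay unthrottled without any trace in the cookbook. A comment next to the new entries would make this explicit, e.g. `# unset signup_* limits are omitted here; the application default applies`, or the properties could be given defaults in the resource. The call that receives this list begins outside the hunk.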