OpenSRF

NGINX could use a DOS mitigation example

Bug #1913617 reported by Blake GH on 2021-01-28

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	OpenSRF	New	Undecided	Unassigned

Bug Description

The Evergreen bug:

https://bugs.launchpad.net/evergreen/+bug/1913610

The changes actually apply to this project rather than Evergreen, though the specific URL mentioned here is Evergreen specific.

https://git.evergreen-ils.org/?p=working/OpenSRF.git;a=shortlog;h=refs/heads/user/blake/LP1913610_nginx_request_limits

Jason Stephenson (jstephenson) on 2021-02-13

Changed in opensrf:
assignee:	nobody → Jason Stephenson (jstephenson)

Revision history for this message

Jason Stephenson (jstephenson) wrote on 2021-02-13:

Test script to hammer unapi Edit (2.3 KiB, text/x-sh)

I tested Blake's configuration update using the attached script. I had to change the rate limit to 5 requests per second before it would kick in on my test system.

I think the new configuration should be commented out with additional comments explaining what it does.

This might also warrant a release note for sites that are upgrading.

Changed in opensrf:
assignee:	Jason Stephenson (jstephenson) → nobody

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Bug attachments

Test script to hammer unapi Edit

Add attachment

Remote bug watches

Bug watches keep track of this bug in other bug trackers.