libcgi-application-plugin-ratelimit-perl 1.0-4 source package in Ubuntu
Changelog
libcgi-application-plugin-ratelimit-perl (1.0-4) unstable; urgency=medium [ Salvatore Bonaccorso ] * debian/control: Use HTTPS transport protocol for Vcs-Git URI [ gregor herrmann ] * debian/copyright: change Copyright-Format 1.0 URL to HTTPS. * Remove Jaldhar H. Vyas from Uploaders. Thanks for your work! [ Salvatore Bonaccorso ] * Update Vcs-* headers for switch to salsa.debian.org [ gregor herrmann ] * debian/watch: use uscan version 4. [ Debian Janitor ] * Bump debhelper from deprecated 8 to 12. * Set debhelper-compat version in Build-Depends. * Remove constraints unnecessary since stretch: + libcgi-application-plugin-ratelimit-perl: Drop versioned constraint on libcgi-application-extra-plugin-bundle-perl in Replaces. + libcgi-application-plugin-ratelimit-perl: Drop versioned constraint on libcgi-application-extra-plugin-bundle-perl in Breaks. -- Jelmer Vernooij <email address hidden> Fri, 10 Jun 2022 00:41:52 +0100
Upload details
- Uploaded by:
- Debian Perl Group
- Uploaded to:
- Sid
- Original maintainer:
- Debian Perl Group
- Architectures:
- all
- Section:
- perl
- Urgency:
- Medium Urgency
See full publishing history Publishing
Series | Published | Component | Section | |
---|---|---|---|---|
Oracular | release | universe | perl | |
Noble | release | universe | perl | |
Mantic | release | universe | perl | |
Lunar | release | universe | perl |
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
libcgi-application-plugin-ratelimit-perl_1.0-4.dsc | 2.4 KiB | 17e35a420f6e506e261976e256409f0506b1b7bbaa3976894ae3890e600e5f8a |
libcgi-application-plugin-ratelimit-perl_1.0.orig.tar.gz | 7.3 KiB | eda5fe08de12ea885520fc9c2b15f448905eece5ce74c765895dfeacf9f3123c |
libcgi-application-plugin-ratelimit-perl_1.0-4.debian.tar.xz | 3.0 KiB | e19d52f60f3bc1cb39644816928bf95d4748f23605c1f33047b67247394b8434 |
Available diffs
- diff from 1.0-3.1 to 1.0-4 (1.5 KiB)
No changes file available.
Binary packages built by this source
- libcgi-application-plugin-ratelimit-perl: Perl module for limiting the runmode call rate per user
CGI::Applicati
on::Plugin: :RateLimit provides protection against a user
calling a runmode too frequently. A typical use-case might be a contact form
that sends email. You'd like to allow your users to send you messages, but
thousands of messages from a single user would be a problem.
.
This module works by maintaining a database of hits to protected runmodes. It
then checks this database to determine if a new hit should be allowed based
on past activity by the user. The user's identity is, by default, tied to
login (via REMOTE_USER) or IP address (via REMOTE_IP) if login info is not
available. You may provide your own identity function via the
identity_callback( ) method.
.
To use this module you must create a table in your database with the
following schema (using MySQL-syntax, although other DBs may work as well
with minor alterations):
.
CREATE TABLE rate_limit_hits (
user_id VARCHAR(255) NOT NULL,
action VARCHAR(255) NOT NULL,
timestamp UNSIGNED INTEGER NOT NULL,
INDEX (user_id, action, timestamp)
);
.
You may feel free to vary the storage-type and size of user_id and action to
match your usage. For example, if your identity_callback() always returns an
integer you could make user_id an integer column.
.
This table should be periodically cleared of old data. Anything older than the
maximum timeframe being used can be safely deleted.
.
IMPORTANT NOTE: The protection offered by this module is not perfect.
Identifying a user on the internet is very hard and a sophisticated attacker
can work around these checks, by switching IPs or automating login creation.