Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

once auth ships, reject all non-authorized requests #505

Open
gruns opened this issue Oct 12, 2023 · 2 comments
Open

once auth ships, reject all non-authorized requests #505

gruns opened this issue Oct 12, 2023 · 2 comments
Assignees
Labels
enhancement New feature or request Medium Priority

Comments

@gruns
Copy link
Contributor

gruns commented Oct 12, 2023

add two rate limits when no auth token is provided

  • solid rate limits per IP. eg a max of like 5 reqs/IP/s
  • extreme rate limit per origin/referer. eg a max of 5 reqs/referer/s
  • do not ship this until auth ships 🙂
  • return http 429 appropriately when rate limits hit

requests with an invalid auth token will still be rejected

@hannahhoward
Copy link
Contributor

changed to initial implementation being NO unauthorized requests

@gruns
Copy link
Contributor Author

gruns commented Oct 20, 2023

yep! new implementation plan:

stage 1: auth required for every request. all requests without auth are rejected outright by l1s
stage 2: all requests without auth are severely rate limited to allow curl, wget, and other 'toy' usage of saturn without auth

for stage 2, the goal of the rate limits is:

  1. to allow for toy usage of saturn, eg with curl from the command line for debugging
  2. to explicitly disallow production usage of saturn without auth. for prod use, a customer must sign up and add auth to their requests

here are some potential rate limiting strategies to consider for implementation:

  • rate limit per IP, e.g. 5 reqs/IP/sec
  • rate limit per origin, e.g. 5 reqs/origin/sec
  • download rate limit per request, e.g. 200kbps maximum download speed per request
  • response size per request, e.g. 10MB maximum response size per request

some combination of all, or some, of the above rate limits will help accomplish both of stage 2's goals above

@gruns gruns changed the title once auth ships, implement severe rate limits on both IP and origin/referer once auth ships, implement strong rate limits on both IP and origin/referer Oct 25, 2023
@gruns gruns changed the title once auth ships, implement strong rate limits on both IP and origin/referer once auth ships, implement strong rate limits on both IP and origin/referer for requests without auth Oct 25, 2023
@reidlw reidlw changed the title once auth ships, implement strong rate limits on both IP and origin/referer for requests without auth once auth ships, reject all non-authorized requests Oct 30, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
enhancement New feature or request Medium Priority
Projects
None yet
Development

No branches or pull requests

3 participants