Skip to content
Permalink
Browse files
Update infra-ban.md
updated with a section for PMCs
  • Loading branch information
cottage14 committed Mar 11, 2022
1 parent fc665a7 commit 3fd098547e0a80845cb4d432b760a3a04d31cf51
Showing 1 changed file with 32 additions and 17 deletions.
@@ -1,21 +1,36 @@
Title: Site-wide ban policy

Infra has a very specific set of rules in place to prevent abuse of Apache services. If you break one of these rules, your IP will be banned from all services across the ASF.

The following actions are **not permitted** on ASF services:

- Slow Loris-like abuse (too many request timeouts).
- More than 200,000 pageviews on any box per 12 hours.
- More than 50,000 JIRA requests per 24 hours.
- More than 50 Gibibytes traffic per 12 hours (does not include mirrors, but does include `archive.apache.org`!).
- More than 25,000 visits to archive.apache.org per 24 hours.
- More than 100 mebibits/second sustained traffic for an hour or more.
- More than 2,000 viewvc requests per 24 hours.
- More than 100,000 Confluence (`cwiki.apache.org`) page visits per 24 hours.
- More than 10,000 Bugzilla requests per 24 hours.
- More than 1,000 Gitbox requests per hour.
- More than 25,000 `repository.apache.org` visits per 24 hours.
- More than 100,000 `builds.apache.org` visits per 12 hours.
- More than 2,500 code 429 (rate-limited) responses not respected per 12 hours. Services like Gitbox, Jira, Confluence, and Bugzilla have rate limits imposed. Abusing these services will result in a **429 HTTP** response code. Not respecting the HTTP response may result in a permanent ban.
## Policy

The Apache Software Foundation provides a robust and extensive system for serving the needs of the Foundation, of our projects as they create and deploy product releases, and of people all around the world who wish to download and use those products. These services are free of charge; but we offer them with the assumption that everyone uses them appropriately.

If you abuse the system by overloading it in one way or another, you make it harder for others to do what they need to do. The Infrastructure team will take steps to prevent abuse and restore normal access to all who rely on the ASF.

### PMCs and committers

Projects misusing ASF resources may see their access to those resources suspended without warning. Examples of misuse include:

- overuse of disk space.
- neglecting maintenance or security for project virtual machines.
- over-consuming Travis minutes.


### Those visiting the ASF to download products or for other reasons

If you break one of these rules, **your IP will be banned** from all services across the ASF.

- Slow Loris-like abuse (too many request timeouts).
- More than 200,000 pageviews on any box per 12 hours.
- More than 50,000 JIRA requests per 24 hours.
- More than 50 Gibibytes traffic per 12 hours.
- More than 25,000 visits to archive.apache.org per 24 hours.
- More than 100 mebibits/second sustained traffic for an hour or more.
- More than 2,000 viewvc requests per 24 hours.
- More than 100,000 Confluence (`cwiki.apache.org`) page visits per 24 hours.
- More than 10,000 Bugzilla requests per 24 hours.
- More than 1,000 Gitbox requests per hour.
- More than 25,000 `repository.apache.org` visits per 24 hours.
- More than 100,000 `builds.apache.org` visits per 12 hours.
- More than 2,500 code `429` (rate-limited) responses not respected per 12 hours. Services like Gitbox, Jira, Confluence, and Bugzilla have rate limits imposed. Abusing these services will result in a `429 HTTP` response code. Not respecting the HTTP response may result in a **permanent ban**.

If you think we banned your IP address by mistake, or if you have been banned but have an explanation why we should bend the rules for your specific case (for instance, if you have a NAT IP address that a lot of people use), contact us at `abuse@infra.apache.org` or through the "asfinfra" <a href="https://the-asf.slack.com/" target="_blank">Slack channel</a>. We will consider leniency and allow-listing on a case-by-case basis.

0 comments on commit 3fd0985

Please sign in to comment.