Revert "Add rate limiting of /api/annotations (#5423)" (#5431)

This reverts commit 3f7bcb0.
hypothesis · Nov 23, 2018 · 81d3853 · 81d3853
1 parent 3f7bcb0
commit 81d3853
Showing 1 changed file with 0 additions and 61 deletions.
diff --git a/conf/nginx.conf b/conf/nginx.conf
@@ -17,22 +17,6 @@ http {
 
   access_log off;
 
-  # If there is an auth token, rate limit based on that,
-  # otherwise rate limit per ip.
-  map $http_authorization $limit_per_user {
-    "" $binary_remote_addr;
-    default $http_authorization;
-  }
-
-  # 1m stands for 1 megabyte so the zone can store ~8k users.
-  # User's typically don't go over 1rps including bots so set the
-  # generic rate limit of all endpoints to 1rps.
-  limit_req_zone $limit_per_user zone=badge_user_1rps_limit:1m rate=1r/s;
-  limit_req_zone $limit_per_user zone=assets_user_1rps_limit:1m rate=1r/s;
-  limit_req_zone $limit_per_user zone=create_ann_user_1rps_limit:1m rate=1r/s;
-  limit_req_zone $limit_per_user zone=user_1rps_limit:1m rate=1r/s;
-  limit_req_status 429;
-
   # We set fail_timeout=0 so that the upstream isn't marked as down if a single
   # request fails (e.g. if gunicorn kills a worker for taking too long to handle
   # a single request).
@@ -71,10 +55,6 @@ http {
       return 302 "https://trello.com/b/2ajZ2dWe/public-roadmap";
     }
 
-    location @api_error_429 {
-        return 429 '{"status": "failure", "reason": "Request rate limit exceeded"}';
-    }
-
     location / {
       proxy_pass http://web;
       proxy_http_version 1.1;
@@ -86,47 +66,6 @@ http {
       proxy_set_header X-Forwarded-Server $http_host;
       proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
       proxy_set_header X-Request-Start "t=${msec}";
-
-      # The /api/badge endpoint limit is chosen to limit the
-      # load from any single user, and take advantage of latency
-      # not being critical.
-      location /api/badge {
-        limit_req zone=badge_user_1rps_limit burst=15;
-        error_page 429 @api_error_429;
-
-        proxy_pass http://web;
-      }
-
-      # The /assets rate limit is chosen so that the user
-      # can refresh the web page with the most asset links
-      # on it a few times in succession without hitting the
-      # limit.
-      location /assets {
-        limit_req zone=assets_user_1rps_limit burst=139 nodelay;
-
-        proxy_pass http://web;
-      }
-
-      # The POST /api/annotations limit is chosen to allow
-      # reasonable usage while preventing a single user from
-      # causing service disruption.
-      location =/api/annotations {
-        limit_req zone=create_ann_user_1rps_limit burst=8;
-        error_page 429 @api_error_429;
-
-        proxy_pass http://web;
-      }
-
-      location /api {
-        limit_req zone=user_1rps_limit burst=44 nodelay;
-        error_page 429 @api_error_429;
-
-        proxy_pass http://web;
-      }
-
-      # An overall rate limit was chosen to allow reasonable usage while
-      # preventing a single user from causing service disruption.
-      limit_req zone=user_1rps_limit burst=44 nodelay;
     }
   }