-
Notifications
You must be signed in to change notification settings - Fork 111
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Rate limiting #18
Comments
Hello, ddns itself does not provide any rate limiting functionality but it should be possible to implement this directly in caddy (maybe using this plugin https://caddyserver.com/v1/docs/http.ratelimit) or your webserver of choice. |
Thanks, that didn't appear to me. What about adding it to the docker image with some sane defaults (targeted at (very) small servers as for big servers the people would anyway adjust other settings or use a different web server)? |
I'm not sure if this is really a problem unless your installation is as big as DynDns or any other big hoster. The sample docker setup uses a docker image from abiosoft https://hub.docker.com/r/abiosoft/caddy/ which provides a way of building caddy containers with custom piugins. |
I just imagined someone could (D)DoS your server https://ddns.pboehm.de/ quite easily I guess. |
That is probably true, but a rate limiting based on IP addresses, ... probably is no real solution to that problem. Besides that, ddns.pboehm.de is only a test server provided with no guarantees. In case you rely on it, you should probably host it yourself and restrict access to it. |
There are several very different strategies and one based on IP addrs is one of the bad ones.
I meant it rather like a friendly notifier 😉. I think this issue can be closed as you answered my question. Thanks again. |
Didn't find time to dig in the code, but is there any rate limiting support (at least for creation & updates of existing records)?
If so, what are the defaults and how could I change them? I envision something like https://flask-limiter.readthedocs.io/en/stable/ (but of course for Go) - mainly the Moving Window strategy.
The text was updated successfully, but these errors were encountered: