From 36985e959052b8b196c3af97b3f92f88f28a4785 Mon Sep 17 00:00:00 2001
From: evazion
Date: Thu, 9 Dec 2021 21:47:28 -0600
Subject: [PATCH] api: add rate limit to /posts.atom endpoint.

Add a rate limit of 1 request per 2 seconds to the post RSS feed endpoint (/posts.atom). This lets you check your feeds 30 times per minute, or 1800 times per hour. The previous limit was 10 requests per second. This is because there are too many bad RSS feed reader bots constantly checking the same tags over and over again, 24 hours a day, as fast they can.
---
 app/controllers/posts_controller.rb | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/app/controllers/posts_controller.rb b/app/controllers/posts_controller.rb
index 9013da261..306943979 100644
--- a/app/controllers/posts_controller.rb
+++ b/app/controllers/posts_controller.rb
@@ -2,6 +2,8 @@ class PostsController < ApplicationController
 respond_to :html, :xml, :json, :js
 layout "sidebar"

+ rate_limit :index, rate: 1.0/2.seconds, burst: 50, if: -> { request.format.atom? }, key: "posts:index.atom"
+
 def index
 if params[:md5].present?
 @post = authorize Post.find_by!(md5: params[:md5])
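Review bot: The added `rate_limit` line carries `burst: 50`, which the commit message does not mention, so a client can still send 50 back-to-back requests to /posts.atom before the 1-per-2-seconds refill applies, and nothing on the line says so. Because the key is the fixed string `"posts:index.atom"`, every tag feed a client polls appears to draw from the same bucket; how the helper partitions buckets per client (IP, account, session) is defined outside this hunk and should be confirmed. I would record the intent above the line, e.g. `# Atom feeds: sustained 1 request per 2 seconds, burst of 50; all tag searches share one bucket.` The class body continues past the end of the hunk.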