couchdb-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Alexander Shorin <kxe...@gmail.com>
Subject Re: Input validation and limits
Date Mon, 25 Mar 2013 04:14:21 GMT
Hi Jason!

On Mon, Mar 25, 2013 at 7:22 AM, Jason Smith <jhs@apache.org> wrote:
> ## reCAPTCHA support
> ...
> ## Rate limiting

Wouldn't these things break bulk updates and replications? Both of
them triggers vdu much and let them fail on half way just because they
hit update rate wouldn't be nice.

P.S. Currently, these questions could be solved via nginx in front of
CouchDB + fail2ban. May be better to integrate with existed tools? For
example, providing auth.log with authentication successful and failure
attempts - fail2ban will be happy for this. Currently you have to live
with verbose logs (or configure per-module logging, thanks to Jan!)
which looks a bit overhead if you're interested only in auth problems.

--
,,,^..^,,,

Mime
View raw message