diff options
| -rw-r--r-- | config/general.yml-example | 2 | ||||
| -rw-r--r-- | doc/CHANGES.md | 2 |
2 files changed, 4 insertions, 0 deletions
diff --git a/config/general.yml-example b/config/general.yml-example index 86399f0bc..345d3b1d6 100644 --- a/config/general.yml-example +++ b/config/general.yml-example @@ -137,3 +137,5 @@ EXCEPTION_NOTIFICATIONS_TO: - robin@example.org - seb@example.org +# This rate limiting can be turned off per-user via the admin interface +MAX_REQUESTS_PER_USER_PER_DAY: 6
\ No newline at end of file diff --git a/doc/CHANGES.md b/doc/CHANGES.md index 99aaf7c98..641dc30a5 100644 --- a/doc/CHANGES.md +++ b/doc/CHANGES.md @@ -6,6 +6,7 @@ * It is now possible to rebuild the xapian index for specific terms, rather than having to drop and rebuild the entire database every time (as previously). See rake xapian:rebuild_index for more info. * When listing authorities, show all authorities in default locale, rather than only those in the currently selected locale. * Ensure incoming emails are only ever parsed once (should give a performance boost) +* Added a simple rate-limiting feature: restrict the number of requests users can make per day, except if explicitly unrestricted in the admin interface * [Full list of changes on github](https://github.com/sebbacon/alaveteli/issues?state=closed&milestone=9) ## Upgrade notes @@ -19,6 +20,7 @@ * Ensure you have values for new config variables (see `config/general.yml-example`): * EXCEPTION_NOTIFICATIONS_FROM * EXCEPTION_NOTIFICATIONS_TO + * MAX_REQUESTS_PER_USER_PER_DAY * The recommended Varnish config has changed, so that we ignore more cookies. You should review your Varnish config with respect to the example at `config/varnish-alaveteli.vcl`. * Consider setting elinks global config as described in the "Troubleshooting" section of INSTALL.md |