Surge Protection
目次
This is caused by:
- some bad guys (spammers, vandals, ...) trying to put spam or trash on your pages
some less-bad guys (people just mirroring the wiki, without thinking about the load and the lots of useless requests and high traffic they cause)
- some bots, indexing the wiki content for some search engine
What can we do?
MoinMoin tracks requests by user name (if logged in) or IP address (if not logged in).
If the request count goes beyond some configured limit in some configured time interval, it will start to warn you (you will see a surge protection warning message instead of the expected wiki output). If you see this warning, just read it and do what it tells.
You should stop doing those requests for a minute in that case (just read the stuff you already got, drink some water, ...). You will have no problems if you continue a while later (just slow down a bit, so you won't go beyond the limit again).
If you don't pause and ignore the warnings and the requests don't stop hammering the wiki server, the wiki will think you are doing something nasty and will lock you out for some configurable amount of time.
Configuration
Configuration is done as usual: in your wikiconfig. These are the built-in default values:
1 surge_action_limits = {
2 # allow max. <count> <action> requests per <dt> secs
3 # Format:
4 # action: (count, dt)
5 'all': (30, 30), # all requests (except cache/AttachFile action) count for this limit
6 'default': (30, 60), # default limit for actions without a specific limit
7 'show': (30, 60),
8 'recall': (10, 120),
9 'raw': (20, 40), # some people use this for css
10 'diff': (30, 60),
11 'fullsearch': (10, 120),
12 'edit': (30, 300), # can be lowered after making preview different from edit
13 'rss_rc': (1, 60),
14
15 # The following actions are often used for images - to avoid pages with lots of images
16 # (like photo galleries) triggering surge protection, we assign rather high limits:
17 'AttachFile': (300, 30),
18 'cache': (600, 30), # cache action is very cheap/efficient
19 }
20 surge_lockout_time = 3600 # secs you get locked out when you ignore warnings
Hints
Big proxy or firewall
If you happen to be behind a big proxy or firewall (china? big company network?) you might get trouble with surge protection because all requests come from a single IP address, looking like a really nasty user or bot.
But you can easily work around that by just logging in, so it really counts your requests (it uses your name in that case to count requests, not your proxy/firewall IP).
You will also have no problem, if your proxy uses the 'x-forwarded-for' header with your real IP.
Disabling surge protection
It is not advised to do that. If it triggers too fast, adjust the limits to your needs. Even in an intranet wiki, it is no good if a single user can make the wiki unusable for everybody by firing up some leech tool at it.
If you want to do it nevertheless:
surge_action_limits = None # disable surge protection