[nycphp-talk] Rate limiters for sign ups for a site.
Rukbat
rukbatsramblings at gmail.com
Mon Aug 15 10:16:47 EDT 2011
Are you expecting a dozen people from the same company to try to sign up
all at once? If it's from your own company, either take it off the
limit (exit the function if the IP is your company's) or set the site up
so it can see the internal IPs of those users and don't limit internal IPs.
I don't limit internal IPs, but external ones either need to use a
CAPTCHA or the rate is limited, depending on the site.
> I'm having a problem with spam bots and am currently research how to
> build an effective rate limiter for our sign up form. Currently I am
> leaning towards IP based limits (with a certain time criteria). Has
> anyone ever had problems with this type of rate limit and corporate
> proxies/firewalls where every user has the same IP address? Also if
> anyone has any interesting articles about this type of rate/velocity
> limiting I would be interesting in learning more.
>
> Regards,
> Anthony
>
More information about the talk
mailing list