"30 requests every 10 seconds per IP"
As I think of this there could be three possibilities how request rate limiting works:
Well?
Un film, une émission télévisée ou un artiste est introuvable ? Connectez-vous afin de créer une nouvelle fiche.
Vous souhaitez évaluer ou ajouter cet élément à une liste ?
Pas encore membre ?
Réponse de Travis Bell
le 14 décembre 2014 à 11h07
Hi lavsprat,
Honestly, at this point rate limiting is barely working. The reason is because we're just using Nginx's rate limiting features but since we don'tt use sticky sessions and there's 8 API instances in our cluster with no global count or timer, the counts get split across all 8 of course, mitigating any kind of limiting ability.
So how is it supposed to work right now? Mostly like option #3. You can at most make 30 requests in a 10 second span. Every 10 seconds the counter resets.
I posted this update about our future rate limiting methods but me and our ops team got busy with other things and it still has yet to make its way into production. Having said that, this is still a priority for us and has recently had a renewed interest internally. It will be going live, I just don't know exactly when. The new version fixes all of the problems we had in v1 mentioned above.
Réponse de lavsprat
le 14 décembre 2014 à 17h12
Thanks for quick answer.