diff options
author | Brendan Abolivier <contact@brendanabolivier.com> | 2019-03-15 17:46:16 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2019-03-15 17:46:16 +0000 |
commit | 899e523d6d92dfbc17dce81eb36f63053e447a97 (patch) | |
tree | 5a8e2a7b2638cdc06a6dd4c8736c828c25ba47b9 /docs/sample_config.yaml | |
parent | Merge pull request #4855 from matrix-org/rav/refactor_transaction_queue (diff) | |
download | synapse-899e523d6d92dfbc17dce81eb36f63053e447a97.tar.xz |
Add ratelimiting on login (#4821)
Add two ratelimiters on login (per-IP address and per-userID).
Diffstat (limited to 'docs/sample_config.yaml')
-rw-r--r-- | docs/sample_config.yaml | 39 |
1 files changed, 28 insertions, 11 deletions
diff --git a/docs/sample_config.yaml b/docs/sample_config.yaml index 5f2534e465..b3df272c54 100644 --- a/docs/sample_config.yaml +++ b/docs/sample_config.yaml @@ -379,6 +379,34 @@ rc_messages_per_second: 0.2 # rc_message_burst_count: 10.0 +# Ratelimiting settings for registration and login. +# +# Each ratelimiting configuration is made of two parameters: +# - per_second: number of requests a client can send per second. +# - burst_count: number of requests a client can send before being throttled. +# +# Synapse currently uses the following configurations: +# - one for registration that ratelimits registration requests based on the +# client's IP address. +# - one for login that ratelimits login requests based on the client's IP +# address. +# - one for login that ratelimits login requests based on the account the +# client is attempting to log into. +# +# The defaults are as shown below. +# +#rc_registration: +# per_second: 0.17 +# burst_count: 3 +# +#rc_login: +# address: +# per_second: 0.17 +# burst_count: 3 +# account: +# per_second: 0.17 +# burst_count: 3 + # The federation window size in milliseconds # federation_rc_window_size: 1000 @@ -403,17 +431,6 @@ federation_rc_reject_limit: 50 # federation_rc_concurrent: 3 -# Number of registration requests a client can send per second. -# Defaults to 1/minute (0.17). -# -#rc_registration_requests_per_second: 0.17 - -# Number of registration requests a client can send before being -# throttled. -# Defaults to 3. -# -#rc_registration_request_burst_count: 3.0 - # Directory where uploaded images and attachments are stored. |