diff options
author | Patrick Cloke <clokep@users.noreply.github.com> | 2023-02-22 14:37:18 -0500 |
---|---|---|
committer | GitHub <noreply@github.com> | 2023-02-22 14:37:18 -0500 |
commit | 4ed08ff72ef8f1abf85ab22de1e51b570f67b27e (patch) | |
tree | cf00cd5638590b1faac36f90aeb72ee2b6a80ae4 /synapse | |
parent | Use `json.dump` in `FileExfiltrationWriter` (#15095) (diff) | |
download | synapse-4ed08ff72ef8f1abf85ab22de1e51b570f67b27e.tar.xz |
Tighten the default rate limit of creating new devices. (#15135)
Diffstat (limited to '')
-rw-r--r-- | synapse/config/ratelimiting.py | 13 |
1 files changed, 11 insertions, 2 deletions
diff --git a/synapse/config/ratelimiting.py b/synapse/config/ratelimiting.py index 5c13fe428a..b733fac617 100644 --- a/synapse/config/ratelimiting.py +++ b/synapse/config/ratelimiting.py @@ -87,9 +87,18 @@ class RatelimitConfig(Config): defaults={"per_second": 0.1, "burst_count": 5}, ) + # It is reasonable to login with a bunch of devices at once (i.e. when + # setting up an account), but it is *not* valid to continually be + # logging into new devices. rc_login_config = config.get("rc_login", {}) - self.rc_login_address = RatelimitSettings(rc_login_config.get("address", {})) - self.rc_login_account = RatelimitSettings(rc_login_config.get("account", {})) + self.rc_login_address = RatelimitSettings( + rc_login_config.get("address", {}), + defaults={"per_second": 0.003, "burst_count": 5}, + ) + self.rc_login_account = RatelimitSettings( + rc_login_config.get("account", {}), + defaults={"per_second": 0.003, "burst_count": 5}, + ) self.rc_login_failed_attempts = RatelimitSettings( rc_login_config.get("failed_attempts", {}) ) |