Hello,
We recently encountered a ip_10_secs_limit error as a result of a user using iCloud Private Relay which uses a pool of shared IPs.
Is there a way to relax this setting? I suspect we’re only just triggering this rule, and have had no problems with spam.
I found this mention in the code and a GlobalSetting.max_reqs_per_ip_per_10_seconds but I’ve been unable to find it when searching the Discourse settings.
Thank you for any pointers!
Matt
Do your logs show the user’s ip addresses or do they show the icloud addresses? If it’s the latter then you need to fix the nginx config so that the end user ip is getting to discourse rather then the proxy. The topics about running discourse with other servers have the code that you need to add to the app.yml to fix that. You need to change the x-forwarded-for, if memory serves.
You can override that setting with an env variable
DISCOURSE_SETTING_NAME: value
I’m not going to try to type it on my phone.
Thanks @pfaffman
iCloud may have been a false alarm; I’ve had an additional report from a Chrome user also seeing this. Surprisingly, this issue has only just started to occur, despite no changes to server configuration etc. (running 2.9.0.beta9), so I’m wondering why this has started to occur.
You can override that setting with an env variable
Meaning, I can set ip_10_secs_limit as an env variable on the server? Is this all lower cased, does it need a prefix? I was confused because the error message showed ip_10_secs_limit, but the Discourse source code showed GlobalSetting.max_reqs_per_ip_per_10_seconds, so I’m not sure which variable name to use.
Thanks again!
I think you may be correct about the IP address; it looks like it’s reporting as a Cloudflare IP address. It seems like there are some known issues here, I will do some reading!
Then you need to add the cloudflare template. That is your real problem.
DISCOURSE_IP_10_SECS_LIMIT
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.