I start to have a lot of 500 errors (Discourse InvalidAccess) in my installation and try upgrading, downgrading, backuping, etc… The only way to solve the problem was editing the file /var/www/discourse/lib/auth/default_current_user_provider.rb. Modifying the line
could be a bug in an early version, but disabling the rate limiter is not a good idea, it is there to protect against attacks.
My guess, IP is not being reported correctly to Discourse cause the site is behind a load balancer and every request looks like it is from the same ip.
You’re right… All the ips are 127.0.0.1 because all my visitors are internals users… The app is working as institutional intranet… I dont find the way to pass the real IP’s to discourse… In the nginx logs the IP’s seems fine.