Suspicious login emails coming from all over

The issue here is that we are in 2-3 month cadence for updating maxmind, and this data is going stale real fast, this is probably the second or third time this happened.

This issue does not exist in today’s maxmind db.

We do not want to be downloading 60mb from 200 or so containers every day, I will not be surprised if maxmind just burn our IP if we do this.

What we can do though is have some sort of middle ground here that forces an update in a slightly more aggressive cadence without risking getting our infrastructure IPs burnt or get a terrible reputation with maxmind.

My proposal would be:

  1. Add site setting for refresh_maxmind_db_during_precompile_days default to say 2 days.

  2. During assets:precompile if we did not download maxmind in refresh_maxmind_db_during_precompile_days then spin a thread to download maxmind and join on it prior to finishing assets:precompile

End result is that in our infrastructure maxmind will only be up to 2 days old, but we will need to deploy sites to update it.

Also for self hosters, rebuilds will always ensure maxmind is pretty fresh.

@codinghorror thoughts?

6 Likes