libcgi-application-plugin-ratelimit-perl_1.0-2_all.deb


Advertisement

Description

libcgi-application-plugin-ratelimit-perl - Perl module for limiting the runmode call rate per user

Distribution: Debian 8 (Jessie)
Repository: Debian Main amd64
Package name: libcgi-application-plugin-ratelimit-perl
Package version: 1.0
Package release: 2
Package architecture: all
Package type: deb
Installed size: 71 B
Download size: 13.82 KB
Official Mirror: ftp.br.debian.org
CGI::Application::Plugin::RateLimit provides protection against a user calling a runmode too frequently. A typical use-case might be a contact form that sends email. You'd like to allow your users to send you messages, but thousands of messages from a single user would be a problem. This module works by maintaining a database of hits to protected runmodes. It then checks this database to determine if a new hit should be allowed based on past activity by the user. The user's identity is, by default, tied to login (via REMOTE_USER) or IP address (via REMOTE_IP) if login info is not available. You may provide your own identity function via the identity_callback() method. To use this module you must create a table in your database with the following schema (using MySQL-syntax, although other DBs may work as well with minor alterations): CREATE TABLE rate_limit_hits ( user_id VARCHAR(255) NOT NULL, action VARCHAR(255) NOT NULL, timestamp UNSIGNED INTEGER NOT NULL, INDEX (user_id, action, timestamp) ); You may feel free to vary the storage-type and size of user_id and action to match your usage. For example, if your identity_callback() always returns an integer you could make user_id an integer column. This table should be periodically cleared of old data. Anything older than the maximum timeframe being used can be safely deleted. IMPORTANT NOTE: The protection offered by this module is not perfect. Identifying a user on the internet is very hard and a sophisticated attacker can work around these checks, by switching IPs or automating login creation.

Replaces

  • libcgi-application-extra-plugin-bundle-perl << 0.5

    Download

    Source package: libcgi-application-plugin-ratelimit-perl

    Install Howto

    1. Update the package index:
      # sudo apt-get update
    2. Install libcgi-application-plugin-ratelimit-perl deb package:
      # sudo apt-get install libcgi-application-plugin-ratelimit-perl

    Files

    • /usr/share/doc/libcgi-application-plugin-ratelimit-perl/changelog.Debian.gz
    • /usr/share/doc/libcgi-application-plugin-ratelimit-perl/changelog.gz
    • /usr/share/doc/libcgi-application-plugin-ratelimit-perl/copyright
    • /usr/share/man/man3/CGI::Application::Plugin::RateLimit.3pm.gz
    • /usr/share/perl5/CGI/Application/Plugin/RateLimit.pm

    Changelog

    2012-06-14 - gregor herrmann <gregoa@debian.org> libcgi-application-plugin-ratelimit-perl (1.0-2) unstable; urgency=low * Team upload. * Add short description and improve long description. Thanks to Frederik Schwarzer for the bug report and the proposed patch. (Closes: #677495) * debian/copyright: update to Copyright-Format 1.0. * Bump Standards-Version to 3.9.3 (no changes). * Remove unused lintian override.

    2011-11-11 - Nicholas Bamber <nicholas@periapt.co.uk> libcgi-application-plugin-ratelimit-perl (1.0-1) unstable; urgency=low * Split off from libcgi-application-extra-plugin-bundle-perl (Closes: #647863).

    Advertisement
    Advertisement