#1678: Relax anti-DOS protection for the SVN service
---------------------------+------------------------------
Reporter: strk | Owner: sac@…
Type: task | Status: new
Priority: normal | Milestone:
Component: Systems Admin | Keywords: dos, svn, apache
---------------------------+------------------------------
It looks like 30 requests within a single second are easy to make when it
comes to fetching SVN code. See postgis:#3553
This ticket is to raise the DOSSiteCount limit a little bit, after
checking that it is really legit to hit that hard, even if it is for an
SVN checkout.
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/1678>
OSGeo <http://www.osgeo.org/>
OSGeo committee and general foundation issue tracker.
#1678: Relax anti-DOS protection for the SVN service
------------------------------+--------------------
Reporter: strk | Owner: sac@…
Type: task | Status: new
Priority: normal | Milestone:
Component: Systems Admin | Resolution:
Keywords: dos, svn, apache |
------------------------------+--------------------
Comment (by strk):
It was found to be DOSPageCount (3) to be the cause of blocking, not
DOSSiteCount (which is 50, btw, not 30): postgis:#3553#comment:6
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/1678#comment:1>
OSGeo <http://www.osgeo.org/>
OSGeo committee and general foundation issue tracker.
#1678: Relax anti-DOS protection for the SVN service
------------------------------+--------------------
Reporter: strk | Owner: sac@…
Type: task | Status: new
Priority: normal | Milestone:
Component: Systems Admin | Resolution:
Keywords: dos, svn, apache |
------------------------------+--------------------
Comment (by wildintellect):
It's reasonable to set the svn limits rather high, since a spammer won't
have commit rights without a project admin manually adding them to the
correct project group. So more than a few hundred hits a minute for all of
the possible options.
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/1678#comment:2>
OSGeo <http://www.osgeo.org/>
OSGeo committee and general foundation issue tracker.
#1678: Relax anti-DOS protection for the SVN service
------------------------------+--------------------
Reporter: strk | Owner: sac@…
Type: task | Status: new
Priority: normal | Milestone:
Component: Systems Admin | Resolution:
Keywords: dos, svn, apache |
------------------------------+--------------------
Comment (by strk):
It doesn't take commit access to successfully run a denial-of-service
attack
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/1678#comment:3>
OSGeo <http://www.osgeo.org/>
OSGeo committee and general foundation issue tracker.