Closed Bug 1911202 Opened 1 year ago Closed 1 year ago

Remove support for iprepd from the BMO code base as it is not being used since the move to GCP

Categories

(bugzilla.mozilla.org :: Infrastructure, task)

Product:
bugzilla.mozilla.org
Component:
Infrastructure
Version:
Production
Type:
task

Tracking

()

Status:
RESOLVED FIXED

People

(Reporter: dkl, Assigned: dkl)

Details

Attachments

(1 file)

[mozilla-bteam/bmo] Bug 1911202 - Remove support for iprepd from the BMO code base as it is not being used since the move to GCP (#2294)
46 bytes, text/x-github-pull-request
Details | Review

We are sending requests for login and mfa failures to the old iprepd endpoint but no real protection is happening. So we should disable the feature, remove the code and look for an alternative solution for customized rate limiting.

One main feature of iprepd, we could send types of violations based on userid instead of ip address which allowed us to block the brute forcing of a specific account from multiple ip addresses.

Original endpoint docs:
https://github.com/mozilla-services/iprepd

Status: NEW → ASSIGNED
Summary: Remove support for iprepd from the BMO code base as I understand it from Ops it is not being used since the move to GCP → Remove support for iprepd from the BMO code base as it is not being used since the move to GCP

Anywhere where I can, I will mimic what iprepd was giving us directly in the BMO code using the current rate limiting functionality.

Merged
https://github.com/mozilla-bteam/bmo/commit/3d826bcf502aef107b47b177a1e714e10b13e140

Status: ASSIGNED → RESOLVED
Closed: 1 year ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: