Closed Bug 783262 Opened 12 years ago Closed 11 years ago

[tracker] Add rate limiting to protect us from spammers

Categories

(support.mozilla.org :: General, defect)

Product:
support.mozilla.org
Component:
General
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED FIXED
Milestone:
2013Q2

People

(Reporter: atopal, Unassigned)

References

Details

(Whiteboard: u=sumo-team c=general p=) 

There are a number of places where spammers and other attackers can attack us by using site functionality. We have two goals with rate limiting:
1. Protect our KPI
2. Protect our users/contributors

1. Our KPIs are at based on the data collected from the site. Since we make decisions based on them we need to be able to rely on the validity of the data.

2. Even if no KPIs are affected a flooded thread, discussion forum or article history page can make the site unusable for users and contributors. 

For KPIs rate limit:
* number of questions per day
* number of KB helpful votes per day
* number of forum helpful votes per day

For protection of users/contributors
* number of KB revisions (new, edit, localization) per day
* number of answers per hour
For protection of users/contributors:
* number of support forum threads and replies per hour
* number of KB forum threads and replies per hour
* number of article forum threads and replies per hour
Summary: Add rate limiting to protect us from spammers → [tracker] Add rate limiting to protect us from spammers
This was discussed further and notes are kept in https://etherpad.mozilla.org/sumo-rate-limiting

While this bug will be used as a tracker we'll spin off new bugs for individual items to be rate limited
Depends on: 785850
Depends on: 785851
Target Milestone: 2012Q3 → 2013Q1
(In reply to Kadir Topal [:atopal] from comment #2)
> This was discussed further and notes are kept in
> https://etherpad.mozilla.org/sumo-rate-limiting
> 
> While this bug will be used as a tracker we'll spin off new bugs for
> individual items to be rate limited

Do we need to consider rate limiting posting original questions. And if possible rate limiting account creation. Spammers actively exploit this. Detail added to etherpad.
Depends on: 866156
Depends on: 866159
Depends on: 784351
Yeah, it makes sense to limit that too.
Depends on: 835736
Depends on: 784346
No longer depends on: 835736
Q1 is in the past. Moving to the future.
Target Milestone: 2013Q1 → Future
Looks like are done here \o/
Status: NEW → RESOLVED
Closed: 11 years ago
Resolution: --- → FIXED
Target Milestone: Future → 2013Q2
You need to log in before you can comment on or make changes to this bug.