Opened 19 years ago
Closed 16 years ago
#2538 closed enhancement (wontfix)
Add throttling middleware
Description ¶
It'd be nice to have a middleware that would throttle requests from the same IP address, to prevent things like brute-force password attacks and DOS attacks. Or just rudeness on the part of search-engine spiders. This middleware would have to keep track of each request and which IP address it came from. Probably HTTP_FORWARDED_FOR, too, if that's available.
Change History (4)
comment:1 by , 19 years ago
| Keywords: | session handling added |
|---|
comment:2 by , 18 years ago
| Resolution: | → wontfix |
|---|---|
| Status: | new → closed |
Marked as wontfix, since this is better handled at the webserver level using something like mod_throttle, unless anyone has other situations when this is necessary?
comment:3 by , 16 years ago
| Resolution: | wontfix |
|---|---|
| Status: | closed → reopened |
In the world of App Engine this would be handy to prevent too much data submission from a single IP perhaps? i.e. when running django in a non-apache environment.
comment:4 by , 16 years ago
| Resolution: | → wontfix |
|---|---|
| Status: | reopened → closed |
Closing again - no need to bloat Django just for app engine's sake. Not saying that this might not be useful, it just doesn't need to be in core Django
Take it to django-dev if you want to discuss more.
there are several of these already available for apache2. what could a middleware version in django do what those couldn't ?