[openstreetmap/openstreetmap-website] rate-limit changeset comments (Issue #4196)
Mateusz Konieczny
notifications at github.com
Fri Aug 25 13:53:42 UTC 2023
My idea would be to leave no-rate-limit flag for future then. Once it would be present "DWG status" would be replaced by "DWG status or no-rate-limit flag"
First matching rule would apply:
DWG status: unlimited
accounts with less than 500 changeset comments and unresolved report filed about them: 1 comment/60 minutes (if possible to reasonably implement, was not mentioned either way)
accounts with less than 200 changeset comments: 1 comment/5 minutes
otherwise: 60 comments/hour
------------------------------------------------
With such model accounts mass reverting vandal attack would be unable to make notes which changesets were reverted. This would be fixable with no-rate-limit-flag.
Another option is to have "otherwise: unlimited" with hope that vandal accounts will be blocked within 1000 minutes (assuming worst case of 1 comment/5 minutes). If taking into account reports is possible then people reporting vandal accounts would slow them down significantly, even if report is not processed immediately.
Though it would potentially make possible to harass users by making useless reports against them, but rate limiting changeset comments is not effective harassment method, I think. And power users especially likely to interact with vandals would be exempt.
Main overall drawbacks would be that code will not write itself, potential for bugs blocking legitimate users, increased code complexity. And if someone can have thousands accounts then rate limits by itself will not help much. But overall it seems worth as part of the countervandal strategy.
--
Reply to this email directly or view it on GitHub:
https://github.com/openstreetmap/openstreetmap-website/issues/4196#issuecomment-1693397011
You are receiving this because you are subscribed to this thread.
Message ID: <openstreetmap/openstreetmap-website/issues/4196/1693397011 at github.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstreetmap.org/pipermail/rails-dev/attachments/20230825/fde7a2bf/attachment.htm>
More information about the rails-dev
mailing list