From 0f1ce36a9f4dc08adaf2e5d97ed52be0a97e6aec Mon Sep 17 00:00:00 2001 From: Gagan Trivedi Date: Thu, 1 Feb 2024 12:24:34 +0530 Subject: [PATCH 1/3] feat(rate-limit): enable rate limit in production --- .../aws/production/ecs-task-definition-web.json | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/infrastructure/aws/production/ecs-task-definition-web.json b/infrastructure/aws/production/ecs-task-definition-web.json index 9bddfe41bda4..df8ad1c23eff 100644 --- a/infrastructure/aws/production/ecs-task-definition-web.json +++ b/infrastructure/aws/production/ecs-task-definition-web.json @@ -178,6 +178,22 @@ { "name": "PIPEDRIVE_IGNORE_DOMAINS", "value": "flagsmith.com,solidstategroup.com,restmail.net,bullettrain.io,flagsmithe2etestdomain.io" + }, + { + "name": "DEFAULT_THROTTLE_CLASSES", + "value": "core.throttling.UserRateThrottle" + }, + { + "name": "DJANGO_REDIS_CONNECTION_FACTORY", + "value": "core.redis_cluster.ClusterConnectionFactory" + }, + { + "name": "USER_THROTTLE_CACHE_BACKEND", + "value": "django_redis.cache.RedisCache" + }, + { + "name": "USER_THROTTLE_CACHE_LOCATION", + "value": "rediss://serverless-redis-cache-c4q8sw.serverless.euw2.cache.amazonaws.com:6379" } ], "secrets": [ From ebd3008fd2e8bd4b31c3b176148fc7af1f872dc3 Mon Sep 17 00:00:00 2001 From: Gagan Trivedi Date: Thu, 1 Feb 2024 15:33:55 +0530 Subject: [PATCH 2/3] document rate limit --- docs/docs/system-administration/system-limits.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/docs/docs/system-administration/system-limits.md b/docs/docs/system-administration/system-limits.md index 22c4ea277da6..37d793f30b54 100644 --- a/docs/docs/system-administration/system-limits.md +++ b/docs/docs/system-administration/system-limits.md @@ -31,3 +31,9 @@ In order to ensure consistent performance, Flagsmith has the following limitatio ### Segment Data Elements - Maximum size of a Segment Rule Value is **1,000 bytes** + +### Rate Limit + +Requests made to admin endpoints (i.e., non-SDK endpoints) are subject to a default rate limit of 500 per minute. If you +are self-hosting, you have the flexibility to modify this limit by adjusting the value of the environment variable +USER_THROTTLE_RATE. From 102509621557f1c1aa094775b1d2edbca279d6c3 Mon Sep 17 00:00:00 2001 From: Gagan Trivedi Date: Thu, 1 Feb 2024 15:50:03 +0530 Subject: [PATCH 3/3] Update docs/docs/system-administration/system-limits.md Co-authored-by: Ben Rometsch --- docs/docs/system-administration/system-limits.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/docs/system-administration/system-limits.md b/docs/docs/system-administration/system-limits.md index 37d793f30b54..5eab5a684d70 100644 --- a/docs/docs/system-administration/system-limits.md +++ b/docs/docs/system-administration/system-limits.md @@ -36,4 +36,4 @@ In order to ensure consistent performance, Flagsmith has the following limitatio Requests made to admin endpoints (i.e., non-SDK endpoints) are subject to a default rate limit of 500 per minute. If you are self-hosting, you have the flexibility to modify this limit by adjusting the value of the environment variable -USER_THROTTLE_RATE. +`USER_THROTTLE_RATE`.