Ratelimits and security concerns for public servers #81

Open
ChillerDragon opened this issue Sep 16, 2024 · 4 comments

Comments

@ChillerDragon
Contributor

Is https://tw.thissma.fr/ an unedited version of the main branch? Is it safe for me to also host a public instance? Have there been any trolling incidents? Are there ratelimits on anything? Can someone just fill up the hard drive with maps?

I quickly did a test deploy to https://editor.zillyhuhn.com/ which was super smooth BTW. And was wondering if I can just leave it there and forget about it :D

@k2d222
Owner

k2d222 commented Sep 16, 2024

yeah there is no protection whatsoever, you can fuck up a server probably quite easily

these protective features are in the roadmap but never got implemented. tw.thissma.fr is deployed in a docker with a size-limited storage.

Glad to hear you could deploy easily!!

@ChillerDragon
Contributor Author

Okay, thanks for the fast response. Could also leave an issue open for ratelimits but I think it would be cleaner to recreate one if needed. I don't want to mess with your todo management. I guess I will take down at least my backend until I figure out a good way to sandbox it or until you implement some ratelimits :P

k2d222 reopened this Sep 16, 2024
@k2d222
Owner

k2d222 commented Sep 16, 2024

keeping open :)

@ChillerDragon
Contributor Author

ChillerDragon commented Sep 16, 2024

Okay if it stays open here are some things I would like to see:

  • maximum number of total maps
  • maximum file size per map

And then at some point it would also be nice to have per user limits if there is IP tracking or accounts. But global limits should be there from the start with sane defaults.
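
The two global limits requested above (maximum number of total maps, maximum file size per map), sketched as an added example that is not part of the thread or the project's code. The choice of Rust, the one-file-per-map layout with a `.map` extension, and all names (`Limits`, `Rejected`, `count_maps`, `store_map`) are assumptions made for illustration; the limit values are left to the caller.

```rust
use std::{fs, io::{self, Read}, path::Path};

// Hypothetical global limits; this example does not pick defaults.
pub struct Limits {
    pub max_maps: usize,
    pub max_map_bytes: u64,
}

#[derive(Debug)]
pub enum Rejected {
    TooLarge,
    TooManyMaps,
    Io(io::Error),
}

impl From<io::Error> for Rejected {
    fn from(e: io::Error) -> Self {
        Rejected::Io(e)
    }
}

// Count entries ending in `.map` directly inside `dir` (assumed layout).
pub fn count_maps(dir: &Path) -> io::Result<usize> {
    let mut n = 0;
    for entry in fs::read_dir(dir)? {
        if entry?.path().extension().map_or(false, |e| e == "map") {
            n += 1;
        }
    }
    Ok(n)
}

// Store an upload as `<dir>/<name>.map`, enforcing both global limits.
// The caller is assumed to have validated `name` (no path separators).
pub fn store_map(dir: &Path, name: &str, body: impl Read, lim: &Limits) -> Result<u64, Rejected> {
    let target = dir.join(format!("{}.map", name));
    // Overwriting an existing map does not raise the total.
    if !target.exists() && count_maps(dir)? >= lim.max_maps {
        return Err(Rejected::TooManyMaps);
    }
    // Read at most limit + 1 bytes: the size is measured, never taken from a header.
    let mut buf = Vec::new();
    body.take(lim.max_map_bytes.saturating_add(1)).read_to_end(&mut buf)?;
    if buf.len() as u64 > lim.max_map_bytes {
        return Err(Rejected::TooLarge);
    }
    fs::write(&target, &buf)?;
    Ok(buf.len() as u64)
}
```

With concurrent uploads the count-then-write sequence has to run under a lock, otherwise two requests can both pass the total-maps check.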
