Apply throttling on some certain REST API services

I have a use-case, where I need to apply throttling policy, for example, maximum request limit per second from certain IP.

I saw nice documents for another framework https://www.django-rest-framework.org/api-guide/throttling/.

I need plone.restapi specific solution. Can you guys please share your idea or already have existing solution?

Hi,

In my work we solve this problem using an API Manager, the Gravitee.io. We can't figure out how to do the trick only using the Plone framework. If you got it, please, share with us.

Thanks.

1 Like

I'd implement this in your frontend webserver, so Plone doesn't have to deal with that at all.

If you're using nginx, try: https://www.nginx.com/blog/rate-limiting-nginx/ . Other webservers allow the same kind of construct, but I use nginx only.

5 Likes

We are using Apache that's one problem :slight_smile:
I saw configure in Apache like Nginx is not easy. Found https://johnleach.co.uk/posts/2012/05/15/rate-limiting-with-apache-and-mod-security/ https://coderwall.com/p/eouy3g/using-mod_evasive-to-rate-limit-apache

Beside I want more control, for example, I want certain service should be available for certain period

My first idea popping up: write a Wsgi middleware. Second was, well there must be something out there to use/ build on. And my friend Duckduckgo found https://github.com/klmitch/turnstile

2 Likes

Plone Foundation Code of Conduct