HomeDevCentral

Count #wikipedia-fr excess flood botnet mitigation bans

Description

Count #wikipedia-fr excess flood botnet mitigation bans

Summary:
We previously set a ban duration of one day, without any
insurance this value is optimal.

Alphos suggested we count banned clients by IP:

INSERT INTO excessfloodlog ( ipaddress, connectcount)
VALUES ( :ipaddress, 1 )
ON DUPLICATE KEY UPDATE connectcount = connectcount + 1;

As we strive for an immediate log but without network blocking
operation and as in the future similar protection could be
extended to other scenarii, including cloaks, we'll log hosts.

Fixes T518.


This commit introduces a database schema change:

CREATE TABLE `log_flood` (
  `host` varchar(255) NOT NULL DEFAULT '',
  `count` tinyint(3) unsigned DEFAULT NULL,
  `created` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,
  `updated` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
  PRIMARY KEY (`host`)
) ENGINE=InnoDB;

Test Plan:

  • Watch #wikipedia-fr to notice when some bans are triggered
  • See if it's correctly logged in the database

Reviewers: dereckson

Projects: #d?ghrefn, Wikimedia

Maniphest Tasks: T518

Differential Revision: http://devcentral.nasqueron.org/D33