security – What are sane values for Nginx Rate Limiting?

I’m trying to limit the number of concurrent connections to my site using Nginx limit_req. My goal is to defend the website against some users with a heavy hand on HTTrack, some aggressive bots and a couple of script kiddies. Nothing too hard, really.

I understood the whole leaky bucket analogy, but what I’m not so sure is how deep the bucket should be.

I understand that a typical browser opens less than 10 concurrent connections to each host. So this would be approx. 15 requests per second, just to err on the side of caution:

limit_req_zone $binary_remote_addr zone=myzone:10m rate=15r/s;

Since these requests are more or less concurrent, I make them burstable:

limit_req zone=myzone burst=30 nodelay;

What do you think? Are these good values or are they too limiting/too broad?
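
An added example, not part of the original question: a simplified Python model of limit_req's per-key accounting, replayed over constructed request traces, to show what rate=15r/s with burst=30 nodelay admits from one address. The class, function and trace names are hypothetical, the address is a documentation placeholder, and the model ignores the delay path and shared-memory eviction.

```python
# Simplified model of nginx limit_req accounting for one zone (added example,
# not nginx source). "excess" is kept in thousandths of a request per key.

class LimitReq:
    def __init__(self, rate_per_sec, burst):
        self.rate = rate_per_sec * 1000   # milli-requests drained per second
        self.burst = burst * 1000         # bucket depth in milli-requests
        self.state = {}                   # key -> (excess, last_accept_ms)

    def allow(self, key, now_ms):
        if key not in self.state:         # first request from this key
            self.state[key] = (0, now_ms)
            return True
        excess, last = self.state[key]
        elapsed = max(0, now_ms - last)
        excess = max(0, excess - self.rate * elapsed // 1000 + 1000)
        if excess > self.burst:
            return False                  # rejected; state is left unchanged
        self.state[key] = (excess, now_ms)
        return True


def count_allowed(timestamps_ms, rate=15, burst=30, key="203.0.113.7"):
    """Replay constructed request times (ms) from one client address."""
    limiter = LimitReq(rate, burst)
    return sum(limiter.allow(key, t) for t in timestamps_ms)


# Constructed traffic, all from a single address:
PAGE_LOAD = [0] * 40                              # 40 requests at once
BROWSING = [0] * 25 + [3000] * 25                 # two page loads, 3 s apart
MIRROR_TOOL = list(range(0, 10_000, 20))          # 50 r/s sustained for 10 s

if __name__ == "__main__":
    for name, trace in [("page load", PAGE_LOAD), ("browsing", BROWSING),
                        ("mirror tool", MIRROR_TOOL)]:
        print(f"{name}: {count_allowed(trace)} of {len(trace)} allowed")
```

In this model one address gets burst + 1 requests immediately and is then held to the configured rate; because the key is $binary_remote_addr, every client behind the same NAT address draws from that one budget.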

Limiting "this" keyword usage/abuse in method, via declaration

This is a method I’ve in a class. Declaring {methods, object properties} against this once, removes many (7 in this snippet) this. prefixes, is that a bad pattern?

openStream (target) {
    const
        {ws, remoteStreams, UI, iceCredentials: credentials, name, parent} = this;
    target = ws.addrParse(target);
    if (remoteStreams.get(target.address))
        return UI.remoteStream({target});

    remoteStreams.set(target.address, new streamClient({target, credentials, parent}));
    console.log('ws.%s.open(%o)', name, target.address);
}

ddos – Alternative to Proxy servers for limiting internet access?

My company is using on premise DMZ proxy servers to limit internet access to employees working from home. When they use company laptop, they are automatically configured to go through the proxy server for all traffic. The proxy will then block access to malicious and other unwanted sites.

This solution works but is very bandwidth intensive as all traffic is multiplied by 2x. The proxy server is also under heavy DDoS attacks (we’re trying to figure this out too).

Is there another solution that can help us protect our company laptops and data by blocking dangerous traffic without using proxy servers? How does your company monitor work from home laptop traffic?

Thank you folks

How to do overall and site specific rate limiting based on HTTP URI using modsecurity

Hi All,

I want to do URI based rate limiting in modsecurity. There are two rates that have to be kept track of, one is the overall rate a… | Read the rest of https://www.webhostingtalk.com/showthread.php?t=1827947&goto=newpost

Hitch TLS rate limiting

Good morning,

The main issue with Varnish itself is that it doesn’t support SSL/TLS. But when we use Hitch as SSL termination, it becomes… | Read the rest of https://www.webhostingtalk.com/showthread.php?t=1827614&goto=newpost

sql server – Limiting sp_whoisactive output

All,

I am currently putting together a knowledge base article that we can hand to our helpdesk to run through in order to do some preliminary troubleshooting or information gathering. One of the things I did was create the ability (thanks to Brent, https://www.brentozar.com/askbrent) to provide non-sysadmins the ability to run sp_whoisactive to output some details they could provide to DBAs like myself in the ticket. The problem I am running into is I want to exclude “sql_text” from results, but I cannot seem to figure out how?

I understand you have the ability to filter the output when it goes to a table (@output_column_list param) but I am not having the agents export it to a table. Initially, I was under the impression that the “@output_column_list” was where I could adjust the columns I wanted to see in the results, but it is clearly only a parameter used to filter the output to a table. In my desperate attempt, I tried the above parameter anyways and would leave out “sql_text” from the output, but all that did was reposition the column order.

EXEC sp_WhoIsActive @output_column_list = '(dd%)(session_id)(login_name)(wait_info)(tasks)(tran_log%)(cpu%)(temp%)(block%)(reads%)(writes%)(context%)(physical%)(query_plan)(locks)(%)'

Therefore, I want them to be able to copy the contents (with headers) to an Excel sheet to attach. The less complicated work, the better as I fear if I provide the help desk with too much info it will confuse them.

Am I missing something? They will not have the ability to run any jobs or even look at logs, so their rights are already VERY limited.

rate limiting – How do I limit linux CPU and RAM usage per user

I would like to limit CPU and ram usage per user.

So, let’s say there is user john.
He can run as many processes as he wants, but he also needs to have 2048 megabytes of ram and 2 CPU cores.

I know there are methods like ‘ulimit’ and ‘nice’, but I’m limited to just one command, so I would need something like this:

limiter_cmd -ram 2048 -cpu 2 screen -s 1 ./script

Also, I’m using the ‘screen’ command to save sessions.

Limiting points of elementary set

I consider the following set

$$A:=\left\{ \frac{3mn}{2(m^2+mn+n^2)};\; m,n \in \mathbb Z \;\text{ and }m,n \text{ are not both zero}\right\}$$

Is it possible to identify the closure of $A$ in the reals?

control systems – Limiting transfer function of PID to upper and lower bounds

I have a question about limiting the output of a transfer function in my system model.
(I’m fairly new to control theory and control systems)

I have a model where a PID controller is directly controlling the acceleration of a quadcopter. The quadcopter is “trying” to fly at a set height.

Currently, I have the following:
Copter PID

My question is: how can I limit the acceleration (the PID output) in the system?

I’ve tried the solution from question 133541. But that didn’t work out for me. Mathematica tells me the transfer function of the PID controller can’t be converted into a nonlinearStateSpaceModel? I don’t really know why or how as I’m new to the field.

Thank you in advance!

More flexible Digital Wellbeing settings for limiting time spent in specific apps?

Digital Wellbeing is a feature/app built in to recent Google phones and some phones with Google-licensed Android distributions, but it isn’t open source, so unfortunately it doesn’t seem like it would be possible to modify it and add new features. I am looking for something a little more powerful, that would allow me to, for example:

  • Group a bunch of social media apps together, and have one time limit per day that covers them all as a group, rather than timing the usage of each individual app separately. For example, instead of limiting myself to 30 minutes on Twitter, 30 minutes on Facebook, and 30 minutes on Reddit, I would like to be able to limit myself to 1.5 hours in total on any “social media” app (the group of apps being definable by me, and I would define it to include Twitter, Facebook, Reddit, and perhaps others). So with that “group limit”, I would be able to spend, for example, 1 hour on Twitter and 30 minutes on Facebook, but then it wouldn’t allow me to use any of those 3 apps for the remainder of the day.
  • Disable the time limits automatically at weekends, and re-enable them at the beginning of the next week
  • Disable all the time limits manually in the evening, but have them re-enabled automatically the following day, in case I forget to do so.

Is there any way I can achieve these goals?

Also, is there any way to also achieve these goals on my Windows PC, in a unified way? Right now I’m just blocking those particular websites on my PC, as a workaround. That means I can only access them on my phone, so I don’t have an easy way to get around the time limits I’ve set up on my phone. But it would be nice to have a time limit that’s shared across all of my devices.