Ludovic Courtès <[email protected]> writes: > Heya Danjela, > > Daniela Lura <[email protected]> skribis: > >> Taking into consideration the suggestion made in this thread: >> https://lists.gnu.org/archive/html/guix-devel/2020-05/msg00096.html, my >> mentor, Christopher Baines suggested me to write a script that serves a >> search page for packages using the search functionality within the Guix >> Data Service, >> https://data.guix.gnu.org/repository/1/branch/master/latest-processed-revision/packages?search_query=git&field=version&field=synopsis&after_name=&limit_results=100 >> . >> >> The prototype page can be accessed through a test version of the Guix >> website that Chris deployed: >> http://guix-website-test.cbaines.net/packages/search > > Cool! To be clear, guix-website-test actually makes a search query on a > Data Service instance, right? I guess that explains part of the > slowness, but maybe we could tweak nginx to keep search results in cache > for a few hours. > > Florian raised an important issue regarding the possibility of denial of > service. Ideas on how to mitigate that, either in the Data Service, or > nginx at guix.gnu.org?
On this point specifically, I've used the rate limiting functionality in NGinx before, and that's probably a low cost approach to guarding against this. It's not going to stop a DDOS, but might help avoid lots of requests from one IP address causing load issues.
signature.asc
Description: PGP signature
