Alerting for high request volumes

[scottbarnes]

Problem

A clear and concise description of what you want to happen

Right now, we have no way of knowing, within any given batch of 10 minutes, whether we’re getting hit an unreasonable number of times by “unknown” agents (e.g. not bingbot or googlebot).

If we see unusual activity (defined perhaps as a ratio of the number of requests from the top IP compared to all requests in the time span), we want a Slack message with the anonymized IP + link to relevant documentation to enable staff to investigate and take action (deanonymize + nginx block)

Expected behaviour / screenshots (ex: Figma design screenshots for UI feature)

Additional Context

It's possible the knowledge gained from this could help inform rate limiting rules implemented within Nginx: https://blog.nginx.org/blog/rate-limiting-nginx.

Proposal & Constraints

No response

Leads

Related files

Stakeholders

---

@mek

Instructions for Contributors

• Please run these commands to ensure your repository is up to date before creating a new branch to work on this issue and each time after pushing code to Github, because the pre-commit bot may add commits to your PRs upstream.