php-crud-api Add rate limit functionality

Hi, Can I use rate limit with php-crud-api? And how can I create this rate limit.

Aug 27 '17 19:08 mhajder

No, that is not (yet) supported.

You can run the script behind Kong. See: https://getkong.org/

Aug 28 '17 06:08 mevdschee

Is there something for shared hosting?

Aug 28 '17 08:08 mhajder

@Rzeszow do you have memcache available? You need some store and should preferably not be the database or disk (for performance reasons).

Aug 28 '17 10:08 mevdschee

Yes i have.

Aug 28 '17 10:08 mhajder

You can do something like described here:

https://www.leaseweb.com/labs/2015/06/limit-concurrent-php-requests-using-memcache/

Aug 28 '17 13:08 mevdschee

Thanks

Aug 28 '17 13:08 mhajder

Some Design ideas:

If you exceed the provided rate limit for a given endpoint, you will receive the 429 Too Many Requests response

Rate limits should allow filtering of concurrent requests per ip address.

Rate limits should allow a bucket per "concurrent", "minute", "hour" and/or "day"

Oct 08 '18 15:10 mevdschee

Rate limit scopes should be "per authenticated session" (a specific session key), or "per ip address"

Rate limits may have different buckets for different endpoints.

Rate limits may set 'X-Rate-Limit' headers, see: https://tools.ietf.org/id/draft-polli-ratelimit-headers-00.html#rfc.section.3.1

Mar 24 '21 08:03 mevdschee

We could count query/server time and limit the quota to x milliseconds execution time per hour, to make the quota fairer.

Mar 24 '21 09:03 mevdschee

rate limiter should error with: https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/429

maybe a 'Retry-After' header (seems similar to X-Rate-Limit-Reset)

Mar 24 '21 09:03 mevdschee

php-crud-api php-crud-api copied to clipboard