Prevent repeated requests to the same media file by the same requester

[Half-Shot]

While in theory I suppose a sensible cache would help with this, in practise the media repo doesn't cope very well with repeatedly requesting the same media file, and it might be a smart idea to sensibly limit the number of times a given IP can request the same media over and over.

We've seen cases where the same media is requested within a few hundred millseconds, and any reasonable browser / client should be caching those requests and not hitting the server each time.

[turt2live]

err, lower the rate limits?

[Half-Shot]

But it's valid to request a lot of different media? Assuming rate limits apply to the endpoint, not endpoint+mediaId?

[turt2live]

sure, but it's questionable if this needs an application level block or if it should be at a higher network layer. The application is already serving from cache (or is supposed to be), so should already be performing at maximum capability. A reverse proxy or alternative caching layer might want to de-dupe the requests or limit requests more severely.