Rate limit is applied even if login/registration failed #5548
Comments
|
We've had this issue before, and I thought we fixed it. It might just be easier to up that rate limit. |
|
Its not handled in the code, and would be tricky to add. Hopefully it can be done as part of #5550. Agree about increasing the rate limit especially for 0.19 |
Nutomic
added a commit
that referenced
this issue
Apr 7, 2025
dessalines
pushed a commit
that referenced
this issue
Apr 7, 2025
Nutomic
added a commit
that referenced
this issue
Apr 8, 2025
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Login and registration have a very low rate limit of 3 requests per hour. This can easily be hit by mistyping the login password three times in a row, or putting the wrong captcha on registration. Afterwards you only see ratelimit errors. To resolve this the rate limit should only be applied if the action was successful.
Also login is a relatively cheap action and can use a higher limit.
The text was updated successfully, but these errors were encountered: