Rate Limiting and Velocity Checking

How did that go with the 2pac spammer on SO? Do you get that a lot?

I was shocked how little comprehensive information was out there on rate limiting and velocity checking for software developers

True, and I hope you’re planning to follow this up with some links to resources on implementing rate limiting. Since you’ve implemented this on SO, do you have any implementation tips for us?

Trust me, I’ve been working intimately with Stack Overflow for the last six months, and you ABSOLUTELY DO NOT want new users posting more than one question every 10 minutes.

Does that affect the rate a user can reply to a question?

Would a curve-like rate limiter be more user friendly while still fairly effective? For each question asked, within a time-frame, increase the ‘cost’ for asking the next question. Users with valid questions might not see the rate-limiter in action, but spamming users would quickly see it and hit a wall.
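A sketch of the curve-like limiter asked about above, as an added example that is not part of the original thread or of Stack Overflow's code. The class name, the 30-second base wait, the doubling factor and the one-hour window are all assumptions chosen for illustration.

```python
from collections import defaultdict, deque

class EscalatingLimiter:
    """Each post accepted inside `window` raises the wait before the next one."""

    def __init__(self, base_wait=30.0, factor=2.0, window=3600.0, max_wait=3600.0):
        self.base_wait = base_wait   # wait after the first post (assumed value)
        self.factor = factor         # growth of the 'cost' per extra post (assumed)
        self.window = window         # time-frame over which posts are counted
        self.max_wait = max_wait     # ceiling so the wait cannot grow unbounded
        self._history = defaultdict(deque)  # user -> times of accepted posts

    def required_wait(self, user, now):
        """Seconds the user must still wait at time `now`; 0.0 means allowed."""
        history = self._history[user]
        while history and now - history[0] >= self.window:
            history.popleft()        # posts older than the window stop counting
        if not history:
            return 0.0
        cost = min(self.base_wait * self.factor ** (len(history) - 1), self.max_wait)
        return max(0.0, history[-1] + cost - now)

    def try_post(self, user, now):
        """Return (accepted, seconds_to_wait) and record accepted posts."""
        wait = self.required_wait(user, now)
        if wait > 0:
            return False, wait
        self._history[user].append(now)
        return True, 0.0

def accepted_in_burst(limiter, user, step=10, duration=3600):
    """Count accepted posts for a client that retries every `step` seconds."""
    return sum(limiter.try_post(user, t)[0] for t in range(0, duration, step))
```

With these values a user who posts once an hour never meets the limiter, while a client retrying every 10 seconds gets 7 posts through in an hour out of 360 attempts.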

As a user of Tor, I do get the sorry.google.com page most of the time. But what really annoys me is that it does not always offer any captcha validation when I make a direct query. This forces me to go back to its home page, make the query from there, get the sorry page again but with the captcha, solve the puzzle and finally get my search results. And lately, even that has occasionally failed to ask the captcha question. It is frustrating.

Is there any other effective search engine with as simple an interface?

For our API, we allow you to select which rate limit you would like for your application (via API Key).

Because obviously, as you have stated… rate limiting by API key would be nice for web servers, but not for iPhone applications…

The choice gives people time to think about their application… Though it does breed apps that are linear in where they are deployed (ie only clients or only servers)…

Actually, I think that the idea, in general, is good;

However, as it has been already pointed out, it’d be nice if the question that didn’t pass the rate limiter would be stored (at least the last one only) if you are a registered user;

Hey Jeff - How about allowing questions or answers that have been made by new users to be viewable only by established users (say 1000+ rep) and not publicly viewable - except by the poster. Those posts are marked such that the established users who see the post know that they’re waiting for moderation and can single click an accept link which increments a counter next to it. Once 5 established users have accepted the post then the view limitation is removed.

So to the new user it appears as if the post is out there in the public. We assume that enough established users will quickly see the post and moderate it in minutes (if not seconds).

The ISPs have already oversold their bandwidth. The caps are to prevent them from being bitten by how far they have oversold it.

When I worked at a gas station in high school, we weren’t warned about young people, we were warned about Gypsies (not kidding). Apparently they are a big threat to shoplift.

More on topic, Jeff, do you think it is easier/better to implement things like rate limiting after the fact, or incorporate it into the initial design?

There’s no particular reason that the user needs to know about the limits. Let them type in questions as often as they want - if they haven’t already sent one in the last 10 minutes, post it instantly, but if they’ve already posted one then delay it in a queue until 10 minutes is up. If a user’s queue contains a whole bunch of posts, something is amiss and something can be done.
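The silent queue described in the comment above, as an added example that is not part of the original thread. The class name, the backlog threshold of 3 and the choice to hold a flagged user's posts for review are assumptions; the comment only says that "something can be done".

```python
import heapq
from collections import defaultdict

class DelayedPostQueue:
    """Accept every submission silently; publish at most one per interval."""

    def __init__(self, interval=600, flag_depth=3):
        self.interval = interval        # 10 minutes, as in the comment
        self.flag_depth = flag_depth    # assumed threshold for "a whole bunch"
        self._next_slot = {}            # user -> earliest time the next post may go public
        self._pending = []              # heap of (publish_at, seq, user, text)
        self._depth = defaultdict(int)  # user -> posts currently waiting
        self._seq = 0                   # tie-breaker so heap order is stable
        self.flagged = set()            # users whose backlog looks abnormal
        self.held = []                  # posts withheld for review (assumed policy)

    def submit(self, user, text, now):
        """Queue or publish a post; return the time it is due to go public."""
        publish_at = max(now, self._next_slot.get(user, now))
        self._next_slot[user] = publish_at + self.interval
        if publish_at > now:            # the user already posted in this interval
            self._seq += 1
            heapq.heappush(self._pending, (publish_at, self._seq, user, text))
            self._depth[user] += 1
            if self._depth[user] >= self.flag_depth:
                self.flagged.add(user)
        return publish_at

    def release(self, now):
        """Return the posts due by `now`; flagged users' posts go to `held`."""
        published = []
        while self._pending and self._pending[0][0] <= now:
            _, _, user, text = heapq.heappop(self._pending)
            self._depth[user] -= 1
            target = self.held if user in self.flagged else published
            target.append((user, text))
        return published
```

The submitter always gets the same response, so the backlog depth becomes a signal for moderators rather than feedback that tells an automated client how fast it may go.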

On the students thing - it’s also because kids tend to loiter a lot (though, the no loitering signs supposedly have that covered) and because kids are harder to monitor in larger groups and tend to steal more since by and large they have no income.

As for enforcing it, I’d wager a bet that it’s not a hard and fast rule. If four students are in the store at the same time and they’re all being good, then no need to kick anyone out. If they’re being unruly and maybe even getting into a fight or something.

When I was in High School, the principal actually came over the central intercom and told everyone in the school that he has been informed that the gas station across the street has told us we (students) are no longer welcome there. No 3-at-a-time, no one was allowed there anymore.

If the sign said Only 3 black people at a time in the store, you would probably respond very differently.

Yes, however students in this context are minors and minors have a limited subset of rights that adults have. More importantly, they can’t vote and therefore can’t make something like this illegal in the future when they can vote (either because by then they’ll agree with it or they’ll have forgotten about it)

One thing that irritates the hell out of me are the forum searches that limit you to one every 30 seconds. Generally I’m searching a forum to find the answer to some problem I’m having and it usually takes more than one search to find what I’m looking for. Couple this with the fact that many forum search mechanisms are god-awful to begin with (but that’s another rant for another day.)

So after my first search doesn’t work out, I’ll go back and modify, only to be greeted with some Search Flood Protection Warning that wants me to wait another 30 seconds before I can continue.

I’m not saying I know a better solution, or even that I wouldn’t necessarily do the same thing if I had to, just that it irritates the hell out of me when I come across it.

I always figured those signs related to students with backpacks and/or bags. Many stores around my school used to ask students to leave their bags at the register/front of the store while they were in there.

I think that request is fair enough. Limiting the number of school aged kids is a bit far out.

@Mike Dimmick
Because of the limited space available, most people in Africa are behind a NAT.
FTFY - you will get dynamically assigned IP addresses in Europe, but they’re definitely not NAT-ed (of course, there are community mesh networks and whatever, but those are corner cases within the margin of statistical error).

I wonder what happens if there’s only two students in the shop. Does the owner go out and find the third and drag him in?

I’ll get me coat.

Skizz

Store has less than $30 after dark – roflmao :D. American creativity knows no limits.

It is good to limit the traffic if there is too much. Still I believe that curing the reason of traffic should be first in the priority list. For example if teenagers shoplift much, then there might be something wrong in the methods they have been raised or there might be something wrong with the society. Of course anything is not an excuse for shoplifting, but still. In software the required bandwidth can be minimized eg. by changing pictures to small jpgs. I hate it when I buy a computer game and it doesn’t run on my machine. But there are games that run, and I play those until I upgrade the machine. I don’t want to upgrade the machine just because a new game became to market and the game requires almost a super computer to run smoothly.

@Tim

I’ve seen those signs that limit amount of school kids in school in UK and New Zealand too but this is very boring anyway. (emphasis mine)

Yep.

IPv4 address allocation is incredibly unfair around the world. You can see how they’re allocated at http://www.iana.org/assignments/ipv4-address-space/.

Apple have a whole Class A, 16 million IP addresses, to themselves. So do Ford Motor Company, and the UK Ministry of Defence. HP in effect have two (Compaq bought Digital, and HP merged with Compaq).

Because of the limited space available, most people in Europe and Asia are behind a NAT.

Hmmm, if I’m over 21 but taking a night class, does this mean me?