开发者

What are common ways of implementing web API request throttling/rate-limiting?

开发者 https://www.devze.com 2022-12-21 06:57 出处:网络
What are common ways of implementing web API request throttling? Are there any libraries for common web frameworks (Rails, Django, Java, etc.) that give you this along with temporary banning?

What are common ways of implementing web API request throttling? Are there any libraries for common web frameworks (Rails, Django, Java, etc.) that give you this along with temporary banning?

A related question suggests that the rate limiting is done at the web server by limiting requests by IP, but开发者_开发知识库 that would mean that all requests are treated equally. It seems like throttling needs to be handled by the application because:

  1. Some API calls may have different rate limits (e.g. an autocompletion API would have a higher limit than other calls)
  2. Temporary banning by API key can't be handled by the web server
  3. Requests coming from behind a proxy are treated the same (?)

related questions: here, here, and here


Django-Piston has some neat throttling in there. Check out the source http://bitbucket.org/jespern/django-piston/wiki/Home


You might also want to use tools like IPtables (linux) to hard limit some of the incoming traffic. There are also third party services like 3scale (http://www.3scale.net - disclaimer - I work for them :-) ) which allow to keep track of and manage all the usage limits you want to apply to traffic on a per-user basis.

0

精彩评论

暂无评论...
验证码 换一张
取 消