Uploaded image for project: 'Infrastructure'
  1. Infrastructure
  2. INFRA-15500

IP adresses banned/blacklisted on apache.org

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Fix Version/s: None
    • Component/s: HTTP Server
    • Labels:
      None
    • Project:
      Infrastructure

      Description

      I have two machines (141.24.210.108 and 141.24.210.110), which somehow cannot connect to "apache.org" since this weekend anymore.
      Are they bannend? If so, is there any policy why this happened?




        Activity

        Hide
        pono Daniel Takamori added a comment - - edited
        141.24.210.110 (sks01.theoinf.tu-ilmenau.de): Too many JIRA visits (102531 >= limit of 100000) - Ban last renewed renewed Mon, 13 Nov 2017 17:04:47 GMT
        141.24.210.108 (spezial.theoinf.tu-ilmenau.de): Too many JIRA visits (100929 >= limit of 100000) - Ban last renewed renewed Mon, 13 Nov 2017 21:12:39 GMT

        It looks like you've been abusing the REST API in JIRA. This is incredibly excessive traffic and as such you were automatically banned.

        If we lift the ban can you avoid this kind of traffic?
        Show
        pono Daniel Takamori added a comment - - edited 141.24.210.110 (sks01.theoinf.tu-ilmenau.de): Too many JIRA visits (102531 >= limit of 100000) - Ban last renewed renewed Mon, 13 Nov 2017 17:04:47 GMT 141.24.210.108 (spezial.theoinf.tu-ilmenau.de): Too many JIRA visits (100929 >= limit of 100000) - Ban last renewed renewed Mon, 13 Nov 2017 21:12:39 GMT It looks like you've been abusing the REST API in JIRA. This is incredibly excessive traffic and as such you were automatically banned. If we lift the ban can you avoid this kind of traffic?
        Hide
        jradek Jaromir Radek added a comment - Reporter
        Hi, I must admit, I script of mine went "amok" and created lots of JIRA visits.

        Can you please assist, how to avoid the traffic?
        I.e. when does this 100000 limit apply (connections/calls per days)? How long (hours/days) does the ban last?
        Show
        jradek Jaromir Radek added a comment - Reporter Hi, I must admit, I script of mine went "amok" and created lots of JIRA visits. Can you please assist, how to avoid the traffic? I.e. when does this 100000 limit apply (connections/calls per days)? How long (hours/days) does the ban last?
        Hide
        gstein Greg Stein added a comment -
        Euh... common sense. You should never make 100,000 calls *or* connections per day. That is excessive, so the ban will kick in. What possible use case requires that many? Please explain.

        Bans are permanent, and require explanation (like this ticket) before being manually lifted.
        Show
        gstein Greg Stein added a comment - Euh... common sense. You should never make 100,000 calls *or* connections per day. That is excessive, so the ban will kick in. What possible use case requires that many? Please explain. Bans are permanent, and require explanation (like this ticket) before being manually lifted.
        Hide
        jradek Jaromir Radek added a comment - Reporter
        I fully understand and agree your policy.

        Let me explain, what happened, as far as I understood.
        An automatic script queried (using REST api) a couple of projects hosted in apache jira repositories. Afterwards, and thats the problem, it requested multiple issue fields on a per issues basis. These individual calls, quickly add up to huge numbers. For example, the cassandra project has ~15000 issues and doing 4 requests per issue ends up in over > 50000 calls.

        (1) Individual calls, are not necessary, since all properties can be retrieved at once.
        (2) A bug in the script queried _all_ issues, which was not intended.
        (3) The script issued all requests in quick succession, and only failed because your severs stop answering.

        Sorry, for all the problems. Abusing the API was not planned or on purpose.

        Please lift the ban.
        Show
        jradek Jaromir Radek added a comment - Reporter I fully understand and agree your policy. Let me explain, what happened, as far as I understood. An automatic script queried (using REST api) a couple of projects hosted in apache jira repositories. Afterwards, and thats the problem, it requested multiple issue fields on a per issues basis. These individual calls, quickly add up to huge numbers. For example, the cassandra project has ~15000 issues and doing 4 requests per issue ends up in over > 50000 calls. (1) Individual calls, are not necessary, since all properties can be retrieved at once. (2) A bug in the script queried _all_ issues, which was not intended. (3) The script issued all requests in quick succession, and only failed because your severs stop answering. Sorry, for all the problems. Abusing the API was not planned or on purpose. Please lift the ban.
        Hide
        pono Daniel Takamori added a comment -
        I'll lift the ban for now but if your script malfunctions again I'll leave it in place. Mind your scripts abusing public services.
        Show
        pono Daniel Takamori added a comment - I'll lift the ban for now but if your script malfunctions again I'll leave it in place. Mind your scripts abusing public services.
        Hide
        jradek Jaromir Radek added a comment - Reporter
        Thanks. Is the ban already lifted? I cannot access apache.org from the two machines.
        Show
        jradek Jaromir Radek added a comment - Reporter Thanks. Is the ban already lifted? I cannot access apache.org from the two machines.
        Hide
        jradek Jaromir Radek added a comment - Reporter
        My two machines are still banned. I cannot reach apache.org (not even ping).
        Show
        jradek Jaromir Radek added a comment - Reporter My two machines are still banned. I cannot reach apache.org (not even ping).
        Hide
        cthistle Chris Thistlethwaite added a comment -
        [~jradek] manually added your IP to the whitelist. I'll remove you from the whitelist soon and you'll be back under the normal rules of traffic.
        Show
        cthistle Chris Thistlethwaite added a comment - [~jradek] manually added your IP to the whitelist. I'll remove you from the whitelist soon and you'll be back under the normal rules of traffic.
        Hide
        jradek Jaromir Radek added a comment - Reporter
        Thank you very much!
        It works again.
        Show
        jradek Jaromir Radek added a comment - Reporter Thank you very much! It works again.
        Hide
        cthistle Chris Thistlethwaite added a comment -
        Awesome, I've also removed you from the whitelist. Just means you're under the guard of our automatic ban system. Feel free to open a new ticket if you get blocked again and reference this ticket.
        Show
        cthistle Chris Thistlethwaite added a comment - Awesome, I've also removed you from the whitelist. Just means you're under the guard of our automatic ban system. Feel free to open a new ticket if you get blocked again and reference this ticket.

          People

          • Assignee:
            pono Daniel Takamori
            Reporter:
            jradek Jaromir Radek
            Request participants:
            None
          • Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved: