From: Sarah Hoffmann Date: Wed, 12 Dec 2012 17:55:03 +0000 (+0100) Subject: Merge remote-tracking branch 'upstream/master' X-Git-Tag: deploy~656 X-Git-Url: https://git.openstreetmap.org/nominatim.git/commitdiff_plain/7c56f24c1f83e9d19c9df723bb86335598add902 Merge remote-tracking branch 'upstream/master' Conflicts: lib/init-website.php --- 7c56f24c1f83e9d19c9df723bb86335598add902 diff --cc lib/init-website.php index 6db2ac37,8603e309..ef8237fb --- a/lib/init-website.php +++ b/lib/init-website.php @@@ -1,34 -1,53 +1,51 @@@

Access blocked

"; - echo "Your IP has been blocked for overusing OpenStreetMap's volunteer-run servers.
\n"; - echo 'Please consult the Nominatim usage policy for more information.'; - echo "\n\n"; - exit; - } + $aBucketKeys = array(); - $sTempBlockedIP = file_get_contents(CONST_IPBanFile); - if (preg_match('/\b'.$_SERVER["REMOTE_ADDR"].'\b/', $sTempBlockedIP)) - { - header('HTTP/1.0 503 Service Temporarily Unavailable'); - header('Content-type: text/html; charset=utf-8'); - echo "

Access blocked

"; - echo "Your IP has been blocked temporarily for overusing OpenStreetMap's volunteer-run servers. This ban will be lifted automatically in a while. To avoid further blocks, please read the
\n"; - echo 'Nominatim usage policy carefully before you continue to use this service.'; - echo "\n\n"; - exit; - } + if (isset($_SERVER["HTTP_REFERER"])) $aBucketKeys[] = str_replace('www.','',strtolower(parse_url($_SERVER["HTTP_REFERER"], PHP_URL_HOST))); + if (isset($_SERVER["REMOTE_ADDR"])) $aBucketKeys[] = $_SERVER["REMOTE_ADDR"]; + if (isset($_GET["email"])) $aBucketKeys[] = $_GET["email"]; - } + $fBucketVal = doBucket($aBucketKeys, + (defined('CONST_ConnectionBucket_PageType')?constant('CONST_ConnectionBucket_Cost_'.CONST_ConnectionBucket_PageType):1) + user_busy_cost(), + CONST_ConnectionBucket_LeakRate, CONST_ConnectionBucket_BlockLimit); + + if ($fBucketVal > CONST_ConnectionBucket_WaitLimit && $fBucketVal < CONST_ConnectionBucket_BlockLimit) + { + $m = getBucketMemcache(); + $iCurrentSleeping = $m->increment('sleepCounter'); + if (false === $iCurrentSleeping) + { + $m->add('sleepCounter', 0); + $iCurrentSleeping = $m->increment('sleepCounter'); + } + if ($iCurrentSleeping >= CONST_ConnectionBucket_MaxSleeping || isBucketSleeping($aBucketKeys)) + { + // Too many threads sleeping already. This becomes a hard block. + $fBucketVal = doBucket($aBucketKeys, CONST_ConnectionBucket_BlockLimit, CONST_ConnectionBucket_LeakRate, CONST_ConnectionBucket_BlockLimit); + } + else + { + setBucketSleeping($aBucketKeys, true); + sleep(($fBucketVal - CONST_ConnectionBucket_WaitLimit)/CONST_ConnectionBucket_LeakRate); + $fBucketVal = doBucket($aBucketKeys, CONST_ConnectionBucket_LeakRate, CONST_ConnectionBucket_LeakRate, CONST_ConnectionBucket_BlockLimit); + setBucketSleeping($aBucketKeys, false); + } + $m->decrement('sleepCounter'); + } + + if (strpos(CONST_BlockedIPs, ','.$_SERVER["REMOTE_ADDR"].',') !== false || $fBucketVal >= CONST_ConnectionBucket_BlockLimit) + { + echo "Your IP has been blocked. \n"; + echo "Please create a nominatim trac ticket (http://trac.openstreetmap.org/newticket?component=nominatim) to request this to be removed. \n"; + echo "Information on the Nominatim usage policy can be found here: http://wiki.openstreetmap.org/wiki/Nominatim#Usage_Policy \n"; + exit; + } - - header('Content-type: text/html; charset=utf-8'); - diff --cc settings/settings.php index 8ebd81ee,58463a51..d82a3337 --- a/settings/settings.php +++ b/settings/settings.php @@@ -14,18 -14,38 +14,40 @@@ @define('CONST_Osm2pgsql_Binary', CONST_BasePath.'/osm2pgsql/osm2pgsql'); @define('CONST_Osmosis_Binary', '/usr/bin/osmosis'); + // Connection buckets to rate limit people being nasty + @define('CONST_ConnectionBucket_MemcacheServerAddress', false); + @define('CONST_ConnectionBucket_MemcacheServerPort', 11211); + @define('CONST_ConnectionBucket_MaxBlockList', 100); + @define('CONST_ConnectionBucket_LeakRate', 1); + @define('CONST_ConnectionBucket_BlockLimit', 10); + @define('CONST_ConnectionBucket_WaitLimit', 6); + @define('CONST_ConnectionBucket_MaxSleeping', 10); + @define('CONST_ConnectionBucket_Cost_Reverse', 1); + @define('CONST_ConnectionBucket_Cost_Search', 2); + @define('CONST_ConnectionBucket_Cost_Details', 3); + + // Override this function to add an adjustment factor to the cost + // based on server load. e.g. getBlockingProcesses + if (!function_exists('user_busy_cost')) + { + function user_busy_cost() + { + return 0; + } + } + // Website settings - @define('CONST_ClosedForIndexing', false); - @define('CONST_ClosedForIndexingExceptionIPs', ''); @define('CONST_BlockedIPs', ''); + @define('CONST_IPBanFile', CONST_BasePath.'/settings/ip_blocks'); + @define('CONST_WhitelistedIPs', ''); + @define('CONST_BlockedUserAgents', ''); + @define('CONST_BlockReverseMaxLoad', 15); @define('CONST_BulkUserIPs', ''); - @define('CONST_Website_BaseURL', 'http://'.php_uname('n').'/'); + @define('CONST_Website_BaseURL', 'http://nominatim.openstreetmap.org/'); @define('CONST_Tile_Default', 'Mapnik'); - @define('CONST_Default_Language', 'xx'); + @define('CONST_Default_Language', 'en'); @define('CONST_Default_Lat', 20.0); @define('CONST_Default_Lon', 0.0); @define('CONST_Default_Zoom', 2);