我正在使用一个名为Artillery的负载测试工具来模拟Laravel应用程序上的请求。默认情况下,Laravel应用程序使用IP来检测是否应该进行速率限制,因此在生产中,不同的IP地址不会成为问题,但对于炮兵来说,这是一个问题,因为请求返回429个错误。
我试过在生产中禁用configureRateLimiting,但仍然有429个错误。
Artillery每秒至少向我的api端点发送3个请求,持续至少2分钟,然后上升到大约每秒30个,持续15分钟。
我缺少什么来禁用此处的速率限制?
<?php
namespace AppProviders;
use IlluminateCacheRateLimitingLimit;
use IlluminateFoundationSupportProvidersRouteServiceProvider as ServiceProvider;
use IlluminateHttpRequest;
use IlluminateSupportFacadesRateLimiter;
use IlluminateSupportFacadesRoute;
class RouteServiceProvider extends ServiceProvider
{
/**
* The path to the "home" route for your application.
*
* This is used by Laravel authentication to redirect users after login.
*
* @var string
*/
public const HOME = '/home';
/**
* The controller namespace for the application.
*
* When present, controller route declarations will automatically be prefixed with this namespace.
*
* @var string|null
*/
// protected $namespace = 'App\Http\Controllers';
/**
* Define your route model bindings, pattern filters, etc.
*
* @return void
*/
public function boot()
{
if (!config('artillery.enabled')) {
$this->configureRateLimiting();
}
$this->routes(function () {
Route::prefix('api')
->middleware('api')
->namespace($this->namespace)
->group(base_path('routes/api.php'));
Route::middleware('web')
->namespace($this->namespace)
->group(base_path('routes/web.php'));
});
}
/**
* Configure the rate limiters for the application.
*
* @return void
*/
protected function configureRateLimiting()
{
if (config('artillery.enabled')) {
return;
}
RateLimiter::for('api', function (Request $request) {
return Limit::perMinute(300)->by(optional($request->user())->id ?: $request->ip());
});
}
}
我的网站通过了Cliudflare,我正在向我的生产端点发送请求,因为这是最现实的测试。
在app/Http/Kernel.php中,Laravel对所有api路由都有默认的节流限制。
protected $middlewareGroups = [
...
'api' => [
'throttle:60,1', //comment means it would be no limit
],
];
评论或增加它。