Rate Limitation For Not Logged In Users

How to make rate limitation for not logged in users? Just with sessions? Are there standard mechanisms for this?

rate limitation… what???

Can you post your query in detail?

Rate Limiting of http-queries: http://www.yiiframework.com/doc-2.0/guide-rest.html#rate-limiting

It describes a mechanism that works only for logged in users.

We experienced a very similar problem before, when we tried RateLimiter for the first time.

The suggestion to the Yii2 core team is to design the RateLimiter filter to be good enough not only for API calls, but also to make it more reusable in simple controllers.

Here is the use case:

  • Limit number of API calls globally - 5 requests/second

  • Limit number of API calls for action1 - 30 requests/minute

  • Limit number of API calls for action2 - 60 requests/minute

  • Limit number of successful user registrations (action /register) - 1/hour

  • Limit number of failed user logins (action /login) - 5 requests/15 minutes

  • Add possibility to have 1 shared limit for several actions

For the moment RateLimiter functionality is pretty “limited” :)

Hello,

is there any news about whether it is planned to extend the Yii RateLimiter to support guests? I want to implement a web service (API) where guests should have different rate limits than logged in users.

Kind regards,

karl
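One way to cover guests with the existing filter, as an added example that is not part of the thread or of Yii itself: `yii\filters\RateLimiter` accepts any object implementing `RateLimitInterface` in its `user` property, so the limit can be keyed by client IP when nobody is logged in. The class name `GuestAwareRateLimit`, the route `site/login` and the limits shown are assumptions, and a configured `cache` component is assumed.

```php
<?php
// Added example, not Yii's own code: GuestAwareRateLimit is a hypothetical class.
namespace app\components;

use Yii;
use yii\filters\RateLimitInterface;

class GuestAwareRateLimit implements RateLimitInterface
{
    private $default;   // [max requests, window in seconds]
    private $perAction; // overrides keyed by action unique ID

    public function __construct(array $default, array $perAction = [])
    {
        $this->default = $default;
        $this->perAction = $perAction;
    }

    public function getRateLimit($request, $action)
    {
        $id = $action->getUniqueId();
        return isset($this->perAction[$id]) ? $this->perAction[$id] : $this->default;
    }

    public function loadAllowance($request, $action)
    {
        $stored = Yii::$app->cache->get($this->key($request, $action));
        // No entry yet (or it expired): start with a full allowance.
        return $stored === false ? [$this->getRateLimit($request, $action)[0], time()] : $stored;
    }

    public function saveAllowance($request, $action, $allowance, $timestamp)
    {
        // After one idle window the allowance is full again, so the entry may expire.
        $window = $this->getRateLimit($request, $action)[1];
        Yii::$app->cache->set($this->key($request, $action), [$allowance, $timestamp], $window);
    }

    private function key($request, $action)
    {
        // Logged-in users are tracked by identity ID, guests by client IP.
        $identity = Yii::$app->user->getIdentity(false);
        $who = $identity ? 'user:' . $identity->getId() : 'ip:' . $request->getUserIP();
        return ['rateLimit', $who, $action->getUniqueId()];
    }
}
// Wiring inside a controller's behaviors() (route name and limits are constructed):
// $behaviors['rateLimiter'] = ['class' => \yii\filters\RateLimiter::class,
//     'user' => new GuestAwareRateLimit([30, 60], ['site/login' => [5, 900]])];
```

The filter counts every request to an action, so this does not distinguish failed logins from successful ones, and the cache read and write are not atomic, so the limit is approximate under concurrent requests. Behind a reverse proxy, `getUserIP()` only reflects the real client when the request component's trusted proxy settings are configured.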