Code: Select all
(ip redacted) - - [09/Apr/2017:08:46:00 +0300] "GET /gitlab/fox/tt-rss.git/info/refs?service=git-upload-pack HTTP/1.1" 200 13638 "-" "git/1.9.1"
Only three IP addresses originate the *vast* majority of the above traffic, one of those registered to Digital Ocean. Maybe they NAT all outbound traffic for their hosted sites under one address? Maybe some special person out there decided to git pull every second? Who knows, really.
Anyway, for the time being I'm implementing a rate limit if the following two conditions match: request URI contains "service=git-upload-pack" and user agent contains "git".
If you're screwed by this and can't git pull anymore because Digital Ocean or whoever *is* putting everyone behind one colossal NAT please post here so I can rework or remove this limit.