Hi ,
I am new to mantis., I am getting an Application Error #27, " You have reached the allowed activity limit of 10 events within the last 3600 seconds; your action has been blocked to avoid spam, please try again later. "
Can you please tell the steps to resolve the above issue.
Application error - 27
Moderators: Developer, Contributor
-
- Posts: 2
- Joined: 28 Aug 2017, 11:47
Application error - 27
Hi ,
I am new to mantis , I got error message "Application Error #27, You have reached the allowed activity limit of 10 events within the last 3600 seconds; your action has been blocked to avoid spam, please try again later "
I am new to mantis , I got error message "Application Error #27, You have reached the allowed activity limit of 10 events within the last 3600 seconds; your action has been blocked to avoid spam, please try again later "
Re: Application error - 27
I followed the link provided and what struck me was the lack of explanation of the usage and behavior. It is all well and good to provide a technical definition, but the OP clearly stated that he/she was new to Mantis.
Given the lack of experience of the OP, I suggest that a bit of context would have been more helpful.
Given the lack of experience of the OP, I suggest that a bit of context would have been more helpful.
Re: Application error - 27
Thanks for asking. I appreciate your assistance in the forums and with the project.
These sorts of values need some context to allow a new user, or even an old one, to gauge the impact. Some discussion can be quite helpful.
- What is the behavior of the app is the value of $g_antispam_max_event_count is increased to, say, 20?
- Is $g_antispam_max_event_count sort of binary, effectively off or on?
- Are there any general guidelines for changing the setting for $g_antispam_time_window_in_seconds and $g_antispam_max_event_count?
- How is "event" defined?
Currently I have one user, and only one user, who is suffering from this. However, it is a user in a key account. The browsers involved are Internet Explorer 11 and Chrome. So, will disabling help this user or simple open the app to malicious attacks?
Any advice along these lines would be helpful.
These sorts of values need some context to allow a new user, or even an old one, to gauge the impact. Some discussion can be quite helpful.
- What is the behavior of the app is the value of $g_antispam_max_event_count is increased to, say, 20?
- Is $g_antispam_max_event_count sort of binary, effectively off or on?
- Are there any general guidelines for changing the setting for $g_antispam_time_window_in_seconds and $g_antispam_max_event_count?
- How is "event" defined?
Currently I have one user, and only one user, who is suffering from this. However, it is a user in a key account. The browsers involved are Internet Explorer 11 and Chrome. So, will disabling help this user or simple open the app to malicious attacks?
Any advice along these lines would be helpful.
Re: Application error - 27
Maybe this is a better wording to understand antispam functionality:
Antispam measures are not active if signup is disabled, as we assume that we can trust manually created users.
They are also not active if the access level of the user is greater than the default access level, e.g. if your default access
level is REPORTER (default setting out of the box), users with access level DEVELOPER are not affected by the antispam measures.
e.g. if a user creates an issue, adds a note and assigns the issue is counted as three events.
Set it to 0 for unlimited events
To deactivate antispam measures for this user, you could
- deactivate antispam measures in general (set $g_antispam_max_event_count = 0), or
- provide a higher access level to this single user, e.g. UPDATER, or
- deactivate antispam measures for this single user (set antispam_max_event_count = 0 in database via page Manage > Configuration)
Antispam measures are not active if signup is disabled, as we assume that we can trust manually created users.
They are also not active if the access level of the user is greater than the default access level, e.g. if your default access
level is REPORTER (default setting out of the box), users with access level DEVELOPER are not affected by the antispam measures.
Each entry you can see in history is counted as an event.
e.g. if a user creates an issue, adds a note and assigns the issue is counted as three events.
Users that are affected by antispam measures can create 20 events in one hour (assuming you did not change $g_antispam_time_window_in_seconds)
It's the maximum number of events during $g_antispam_time_window_in_seconds to allow for users that are affected by anti spam measures.
Set it to 0 for unlimited events
Hard to say. Default settings allow users to create 10 events in one hour. You have to adjust depending on your complaining users and any spam attack you might encounter.
It seems this user has just access level of REPORTER.
To deactivate antispam measures for this user, you could
- deactivate antispam measures in general (set $g_antispam_max_event_count = 0), or
- provide a higher access level to this single user, e.g. UPDATER, or
- deactivate antispam measures for this single user (set antispam_max_event_count = 0 in database via page Manage > Configuration)
Re: Application error - 27
Excellent! Thank you for the information. It will certainly help us.