Fasthub: Abuse detection mechanism triggered for searches
FastHub Version: 4.6.4
Android Version: 7.0 (SDK: 24)
Device Information:
- Manufacturer: HUAWEI
- Brand: HUAWEI
- Model: P10 Plus
After performing a combination of repository, path and code (files) search, it will trigger the abuse detection and the IP-token combination is banned from searching files for a while.
The amount of searches before getting banned (5 on average) is significantly less than what is documented as search rate limit (30 req/min).
You have triggered an abuse detection mechanism. Please wait a few minutes before you try again.
The possible causes are documented at here. The reasons I can think of are:
- FastHub may be repeatedly performing requests in background, like the status API.
- FastHub may be retrieving the pagination too rapidly.
ishitatsuyuki
All 26 comments
Search API has its own limit and is not tied to the other apis.
k0shk0sh
on 14 Mar 2018
Yes it is and as I mentioned it's 30/min compared to the normal 5000/min. We're not triggering a documented rate limit but their private abuse detection mechanism.
ishitatsuyuki
on 14 Mar 2018
Well, I can't tell what's the problem here honestly, I never encountered such behavior.
Maybe you do alot of pagination in the search? This could be the cause as well. I can't help you tho as idk what is going.
k0shk0sh
on 14 Mar 2018
Please follow the following reproduction steps:
- Search repo for FastHub
- Open this repo
- Search the code with generic keyword (e.g. get, API, kotlin) for 10 times
I got banned this time very quickly.
ishitatsuyuki
on 14 Mar 2018
10 times straight?? or there is some seconds in between?
k0shk0sh
on 14 Mar 2018
You probably should do the search as fast as you can type, as it's likely still below the rate limit.
By the way, if you can't reproduce, I would file a case with GitHub support and post back with what they says.
ishitatsuyuki
on 14 Mar 2018
I could produce it but after many requests and selecting All from the spinner. which is legit in my opinion. its up to you if you like to fire a case to GitHub :)
k0shk0sh
on 14 Mar 2018
All GitHub suggested is to respect the Retry-After header:
In general, the best thing to do is to spread your requests over time and check the Retry-After header in case you do hit the secondary limits, so that you know when you can resume making requests.
We should show "retry after x seconds" when the header is present, and optionally fail all requests internally instead of requesting GitHub server (so the count doesn't get worse).
ishitatsuyuki
on 15 Mar 2018
@ishitatsuyuki rather don't try make the server fail and you won't have any issues at all
yakov116
on 15 Mar 2018
@yakov116 FastHub can perform multiple requests or implicitly request the server, such as fetching status.
ishitatsuyuki
on 15 Mar 2018
@ishitatsuyuki but as you understand this is a non standard thing. You are more than welcome to submit a pr
yakov116
on 15 Mar 2018
What? Non-standard? Please elaborate.
ishitatsuyuki
on 15 Mar 2018
@ishitatsuyuki this is issue number #1619 you are the first person I know that has run into this issue
yakov116
on 15 Mar 2018
I believe the root cause of this is because in the "search everything" interface we load the four types of search result concurrently. Can you reopen this issue?
ishitatsuyuki
on 25 Mar 2018
I doubt that this is the cause :) for instance, issues and pr tabs in main screen are also search and in some other places as well where there is no API i use search api.
k0shk0sh
on 25 Mar 2018
To elaborate, I have some more points of that being a cause:
- The abuse rate limit is triggered in the "search everything" panel the first time in most of my cases. The rest of triggered in repository code search.
- The 4x amplification makes sense when it comes to hitting 30req/min rate limit.
- GitHub recommends against concurrent requests.
> Make requests for a single user or client ID serially. Do not make requests for a single user or client ID concurrently.
ishitatsuyuki
on 25 Mar 2018
@ishitatsuyuki its interesting since you are the only one reporting this. I am using FastHub for a year now and I have never encountered this issue!
yakov116
on 25 Mar 2018
@yakov116 Please stop repeating the fact that this is "interesting". It does not contribute to discussion. The only thing I can say is that, it affects me.
ishitatsuyuki
on 25 Mar 2018
This looks like the thing I just got. First interaction with github since at least 24 hours, I search for a specific project (not having logged in first) and get the "You have triggered an abuse detection mechanism. Please wait a few minutes before you try again." message. It happened before some weeks or so back in the same way. Go to github, search for a project, get denied.
jensdpersson
on 23 Jan 2019
This changed in v5, please be patient!
k0shk0sh
on 23 Jan 2019
I can trigger this issue with a single, manual search for "fabric-composer" on the first try with no special crap. This is a vanilla, manual search from Chrome on Linux. This is a real pain in the ass.
hpg-mheck
on 13 Feb 2019
Guys, this has been fixed in v5 as im using graphql for that, so please be patient.
k0shk0sh
on 13 Feb 2019
k0shk0sh
on 13 Feb 2019
Why is this closed? This is still an issue. Trying to search something for the first time already triggered this for me.
Kaju-Bubanja
on 11 Nov 2019
I am experiencing the same issue, and I am doing one search every 2 or 3 seconds...
alogim
on 12 Nov 2019
Just did ONE search on a clean install of Win10 1903, using Chrome browser, and it triggered.
No idea why this would be closed. I had to login to be able to do anything.
bo3b
on 15 Nov 2019
Related issues
DroidFreak32
路
3Comments
shaboigan
路
3Comments
szechyjs
路
3Comments
yochananmarqos
路
3Comments
tom-ando
路
3Comments
Most helpful comment
Why is this closed? This is still an issue. Trying to search something for the first time already triggered this for me.