| ▲ | Havoc 7 hours ago | |
They should rate limit it with a limit high enough that normal use doesn't hit it Appeals to responsibility aren't going to sink in to people that are clearly careless | ||
| ▲ | theshrike79 6 hours ago | parent | next [-] | |
Rate limit anonymous, unlimited if you provide an API key. This way you can identify WHO is doing bad things and disable said API key and/or notify them. | ||
| ▲ | kevincox 6 hours ago | parent | prev [-] | |
But rate-limiting public data is a huge pain. You can't really just have a static file anymore. Maybe you can configure your HTTP server to do IP based rate limiting but that is always ineffective (example public clouds where the downloader gets a new IP every time) or hits bystanders (a reasonable download the egresses out of the same IP or net block). So if you really want to do this you need to add API keys and authentication (even if it is free) to reliably track users. Even then you will have some users that find it easier to randomly pick from 100 API keys rather than properly cache the data. | ||