Unable to disable Rate Limiting

[jlemangarin]

Description

Hello !

For administration automation purpose (Adding a lot of people in a room or multiple rooms, changing permissions for everyone, ..), I need to send a lot of requests to Synapse in a short amount of time

Bue when I try, I have this error :

In synapse Logs :

2023-01-04 18:50:13,228 - synapse.http.server - 89 - INFO - POST-192 - <XForwardedForRequest at 0x7fd10e251828 method='POST' uri='/_matrix/client/r0/rooms/%OBFUSCATED%3AOBFUSCATED.com/invite?access_token=<redacted>' clientproto='HTTP/1.0' site='8008'> SynapseError: 429 - Too Many Requests

This is a severe issue for us as it completly breaks the synchronisation and so, the integrity of our application.

I tried in my dev server to disable all rate limiting configurations like this :

## Ratelimiting ##

# Ratelimiting settings for client actions (registration, login, messaging).
#
# Each ratelimiting configuration is made of two parameters:
#   - per_second: number of requests a client can send per second.
#   - burst_count: number of requests a client can send before being throttled.
#
# Synapse currently uses the following configurations:
#   - one for messages that ratelimits sending based on the account the client
#     is using
#   - one for registration that ratelimits registration requests based on the
#     client's IP address.
#   - one for login that ratelimits login requests based on the client's IP
#     address.
#   - one for login that ratelimits login requests based on the account the
#     client is attempting to log into.
#   - one for login that ratelimits login requests based on the account the
#     client is attempting to log into, based on the amount of failed login
#     attempts for this account.
#   - one for ratelimiting redactions by room admins. If this is not explicitly
#     set then it uses the same ratelimiting as per rc_message. This is useful
#     to allow room admins to deal with abuse quickly.
#
# The defaults are as shown below.
#
rc_message:
  per_second: 0
  burst_count: 0
#
rc_registration:
  per_second: 0
  burst_count: 0
#
rc_login:
  address:
    per_second: 0
    burst_count: 0
  account:
    per_second: 0
    burst_count: 0
  failed_attempts:
    per_second: 0
    burst_count: 0
#
rc_admin_redaction:
  per_second: 0
  burst_count: 0

And I can't find any option to disable completly the rate limiting.

Thanks in advance !

Steps to reproduce

• Disable all rate limits in configuration
• Send a lot of admin requests

Homeserver

Local homeserver

Synapse Version

{"server_version":"1.47.0","python_version":"3.6.8"}

Installation Method

pip (from PyPI)

Database

fresh single postgres install

Workers

Single process

Platform

CentOS 7, nginx

Configuration

rc_message:
per_second: 0
burst_count: 0

rc_registration:
per_second: 0
burst_count: 0

rc_login:
address:
per_second: 0
burst_count: 0
account:
per_second: 0
burst_count: 0
failed_attempts:
per_second: 0
burst_count: 0

rc_admin_redaction:
per_second: 0
burst_count: 0

Relevant log output

2023-01-04 18:50:13,228 - synapse.http.server - 89 - INFO - POST-192 - <XForwardedForRequest at 0x7fd10e251828 method='POST' uri='/_matrix/client/r0/rooms/%OBFUSCATED%3AOBFUSCATED.com/invite?access_token=<redacted>' clientproto='HTTP/1.0' site='8008'> SynapseError: 429 - Too Many Requests

Anything else that would be useful to know?

I also tried #6286

But it does nothing (even after a server restart)

[dklimpel]

Did you try also this?
https://matrix-org.github.io/synapse/latest/usage/configuration/config_documentation.html#rc_invites

Your server version seems to be outdated. 1.47.0 is over one year old (November 2021).

[jlemangarin]

Hey @dklimpel

Thank you, confirm it works !

I'm sorry I didn't got far enough in the documentation. I thought all the available directives was documented in the original .yaml file.

Thank you !