Jan-Lukas Else

Tech, life and everything else

How I stopped a malicious IP from hammering my Gitea instance

Short link: https://b.jlel.se/s/787
⚠️ This entry is already over one year old. It may no longer be up to date. Opinions may have changed.

Some IP from the US seemed to crawl my Gitea instance (running on the same small VPS as my blog and other self-hosted services) non-stop, which caused high CPU usage. I already wondered why the terminal was lagging so much and why Gitea had such a high CPU usage.

I updated my Caddyfile to add rate limiting (for all IPs) and completely blocked that particular IP that was rate limited.

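git.jlel.se {
    # Abort connections from the blocked IP
    @denied remote_ip 1.2.3.4
    abort @denied

    encode zstd gzip

    # Rate limit for all clients: at most 50 requests per 10 seconds per remote host
    rate_limit {
        zone gitea {
            key {remote_host}
            events 50
            window 10s
        }
    }

    reverse_proxy gitea:3000

    # Remove the Server response header
    header -Server
}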

Seems to work so far. And Caddy is awesome! 😊

A screenshot showing a decreased CPU usage after adding the rate limit and block
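
An added example, not part of the original post: a small Python script that replays Caddy JSON access log lines against the same limit as the zone above (50 events per 10s, keyed by client IP) to show which clients it would throttle. The `ts` and `request.remote_ip` field names are assumed from Caddy's JSON access log format, and the log lines and addresses are constructed sample data.

```python
import json
from collections import defaultdict, deque

EVENTS = 50      # "events 50" from the Caddyfile zone
WINDOW = 10.0    # "window 10s" from the Caddyfile zone


def over_limit(log_lines, events=EVENTS, window=WINDOW):
    """Return {ip: rejected_count} for clients that exceed events/window.

    Each client gets a sliding window of accepted request timestamps;
    a request arriving while the window already holds `events` entries
    is counted as one the rate limit would have rejected.
    """
    accepted = defaultdict(deque)
    rejected = defaultdict(int)
    for line in log_lines:
        try:
            entry = json.loads(line)
            ip = entry["request"]["remote_ip"]   # assumed field name
            ts = float(entry["ts"])              # assumed field name
        except (ValueError, KeyError, TypeError):
            continue  # skip non-JSON or non-access-log lines
        q = accepted[ip]
        while q and ts - q[0] >= window:
            q.popleft()  # forget requests that left the window
        if len(q) >= events:
            rejected[ip] += 1
        else:
            q.append(ts)
    return dict(rejected)


def sample_log():
    """Constructed sample: one noisy client, one normal client."""
    lines = []
    for i in range(200):  # 203.0.113.7: 20 requests per second for 10 s
        lines.append(json.dumps({"ts": 1000.0 + i * 0.05,
                                 "request": {"remote_ip": "203.0.113.7"}}))
    for i in range(10):   # 198.51.100.4: one request per second
        lines.append(json.dumps({"ts": 1000.0 + i,
                                 "request": {"remote_ip": "198.51.100.4"}}))
    lines.append("not json")  # stray line a real log file may contain
    return lines


if __name__ == "__main__":
    for ip, n in over_limit(sample_log()).items():
        print(f"{ip}: {n} requests over the limit")
```
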
