github.com/letsencrypt/boulder@v0.20251208.0/test/config-next/ratelimit-defaults.yml

github.com/letsencrypt/boulder@v0.20251208.0/test/config-next/ratelimit-defaults.yml (about)

     1  NewRegistrationsPerIPAddress:
     2    count: 10000
     3    burst: 10000
     4    period: 168h
     5  NewRegistrationsPerIPv6Range:
     6    count: 99999
     7    burst: 99999
     8    period: 168h
     9  CertificatesPerDomain:
    10    count: 2
    11    burst: 2
    12    period: 2160h
    13  FailedAuthorizationsPerDomainPerAccount:
    14    count: 3
    15    burst: 3
    16    period: 5m
    17  # The burst represents failing 40 times per day for 90 days. The count and
    18  # period grant one "freebie" failure per day. In combination, these parameters
    19  # mean that:
    20  # - Failing 120 times per day results in being paused after 30.25 days
    21  # - Failing 40 times per day results in being paused after 92.3 days
    22  # - Failing 20 times per day results in being paused after 6.2 months
    23  # - Failing 4 times per day results in being paused after 3.3 years
    24  # - Failing once per day results in never being paused
    25  FailedAuthorizationsForPausingPerDomainPerAccount:
    26    count: 1
    27    burst: 3600
    28    period: 24h
    29  NewOrdersPerAccount:
    30    count: 1500
    31    burst: 1500
    32    period: 3h
    33  CertificatesPerFQDNSet:
    34    count: 2
    35    burst: 2
    36    period: 3h