+4Hi,
Since the 7th of January we have experienced already three times (7h and today two times) that the webhooks have gone crazy. For a period of 1 hour it generates a DoS in our systems.
We are returning 200 HTTP code fast, and we make everything else in background. So our sever is suffering.
Thank you.
+24I'm wondering if this is related to the Garmin outage rather than being a Strava issue? Once Garmin came back up it probably caused a large influx of activities to Strava, which in turn caused a large number of webhook calls.
On my site, I deal with this by pushing all the pending webhook calls into my database and then have a separate processing job which handles them more slowly. That way the thread handling the webhook can respond with HTTP200 quickly after a few basic checks without using up too many resources. The processing job is limited to a small number of threads and also checks API limits. That both prevents any kind of DDoS type issue and also makes sure when something like this happens where a large number of calls come in at once I don't use all my API calls up; once the limit is hit the processing job pauses until the next 15 minute (or 24h) interval.
+4Thank you for the quick response. I have implemented something like you proposed as a ‘firewall’.
It doesn’t seem as an Strava issue, but probably it affects them too. I never saw that before, and as we are having 1 call per minute, this seemed too awkward since it was a sustained 50 events per second for maybe 20 minutes. Probably is some kind of third party integration that is updating the activity in a wrong way.
I have a generic endpoint that responds quickly with a 200 and then passes the event to another function to do the processing.
I haven’t implemented a queuing solution that ignores duplicates but I might.
+24
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.
