I cannot change my profile, as the captcha now (after 1 successful change) keeps showing me 429 Too Many Requests instead of a mathematical operation to solve.

I edited my profile once OK.
Then on the second attempt, in the same tab, same browser, I got this error.

Maybe it's because I'm behind a very big company proxy, where thousand of people may share the same IP.

Re: @jesus2099:

Maybe it's because I'm behind a very big company proxy, where thousand of people may share the same IP.

Nope. The moment you hit the page it increments the count. Although that can be a valid case until TPM usage becomes more prevalent in node. Until then it could happen if someone else is hitting the exact same route in your intranet i.e. you will have bad actors in your company which everyone there is responsible for. The route uses your unique username so it shouldn't do that... unless you have a bad actor in your company.

The feature is working as expected, been thought out for several years, and has been thoroughly tested. It is also how the limiters have worked since at least #944. As I mentioned on development there may be some allowances later on however I (we) don't work, live, breathe 24 hours a day here.

The final questions for you are:

  1. Do you think it's responsible for making an assumption that it is not working/is broken?
  2. Do you think it's the responsible thing to not use development instead using production? You have demonstrated in the past with other issues that you know where it is. i.e. you've already opened prior issues on development... Why change now when we've continually mentioned use Development through out the years?
  3. Do you think it's responsible if there was actually a security bug like you are purporting that you would blare it to the whole world with an assumption or would it make more sense to be more discrete and methodical like every other project out there?
  4. Do you think having to take time out of everyone's busy schedule (including mine) to address an assumption is going to make things better?
    I'm open to questions and suggestions but never assume unless you are sure.

Had you not been one of our seasoned Authors you would have easily been eligible for removal. I am giving you a learned experience instead of applying that. It's not like the history of these changes are hidden from anyone and those changes are continually being manipulated by the bad actors currently and mostly on Chinese, Vietnamese, and Bangladesh server areas (i.e. we know exactly where they are doing their dirty work) however we have to leverage the good with the bad.

There are consequences to adding security, or we can just let it go and you'll lose your free hosting when the site goes offline like USO did. Which do you think is the better choice?

OUJS Admin