feat(www): recalibrate API IP rate limit

We now have 30/s for /api/ and 4/m for the dyn update endpoints,
per IP. There do not seem to be plausible use cases that exceed
this.

On the other hand, we have one user who causes about 6.5% of all
update requests on some days, sometimes sending up to 15 in one
second. Applying this limit will get rid of most of these
requests, and maybe alert the user of their misconfiguration.

We currently do not have any users who update more than four dyn
domains at the same time. If someone wants to to that, they can
add `sleep 1` or something like that to their cronjob.

www/conf/nginx.conf

@@ -34,8 +34,9 @@ http {
     # if rate limits are exceeded, clients will receive a 503 answer (try again later)
     # rate limits are exceeded when the 'leaky bucket' is full
 
-    # set up one bucket per remote ip for (costly) API access
+    # set up one bucket per remote ip for different types of (costly) API access
     limit_req_zone $binary_remote_addr zone=perip-api:100m rate=30r/s;
+    limit_req_zone $binary_remote_addr zone=perip-dyndns:100m rate=4r/m;
 
     # If limit_req directives are defined here, they apply to all servers that don't have their own ones
     #

www/conf/sites-available/15-dedyn-update.conf.var

@@ -20,8 +20,7 @@ server {
 	}
 
 	location / {
-		# max .5r/s to the API per IP. Allow burst as some people update multiple domains via cron.
-		limit_req zone=perip-api burst=10 nodelay;
+		limit_req zone=perip-dyndns;
 
 		include uwsgi_params;
 		rewrite ^(.*)$ /api/v1/dyndns/update?$1 break;

www/conf/sites-available/90-desec.api.location.var

@@ -2,9 +2,7 @@
 # Pass API requests to an API server
 ######
 location /api/ {
-    # max .5r/s to the API per IP, but 10 at once is okay. This limit may need to be increased once
-    # client applications become more powerful
-    ${PROD_ONLY} limit_req zone=perip-api burst=10 nodelay;
+    ${PROD_ONLY} limit_req zone=perip-api;
 
     expires epoch;
     etag off;