Public servers

To contribute to the XMPP network, some people choose to run servers on which people can obtain free XMPP accounts.

This page aims to document some best practices for those servers. This is not a complete guide! Running a public server brings a fair amount of responsibility upon the admins, and requires a fair amount of oversight.

mod_register

Documentation

This module allows people to register and manage XMPP accounts. By default it will allow users to change their password but will *not* allow registration of new accounts. To enable registration, set 'allow_registration' to true.

Servers with unrestricted registration are open to abuse and provide an easy method for spammers to get onto the XMPP network. If you do not control this, your server may be blocked by other servers on the network.

Some tips for controlling registration:

  • Set min_seconds_between_registrations to a sensible value (this is a per-IP rate limit). Note that spammers have lots of IP addresses and lots of time, so this limit alone is not enough to prevent abuse.
  • Use mod_watchregistrations to be alerted of new accounts.
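
The two tips above combined in one host block, as an added example that is not part of the original page. The hostname, the admin JID and the 300-second interval are placeholders chosen for illustration; registration_watchers is mod_watchregistrations' own option and does not appear on this page.

```lua
-- Added example (not from the Prosody documentation page itself).
-- "chat.example.org" and the admin JID are placeholders.
VirtualHost "chat.example.org"
    modules_enabled = {
        "register";            -- mod_register: in-band account registration
        "watchregistrations";  -- mod_watchregistrations: notify on new accounts
    }

    -- Weak: this line on its own opens registration with no rate limit
    -- and no oversight, which is the abuse-prone setup described above.
    --   allow_registration = true

    -- Controlled: registration is open, but rate limited and watched.
    allow_registration = true

    -- Per-IP rate limit between registrations, in seconds. 300 is an
    -- illustrative value, not a recommendation from the page. Spammers
    -- have many IP addresses, so this alone does not prevent abuse.
    min_seconds_between_registrations = 300

    -- JIDs that receive a message whenever an account is created
    -- (placeholder address; list the people who actually review signups).
    registration_watchers = { "admin@chat.example.org" }
```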

mod_limits

Documentation

This module limits bandwidth used by XMPP sessions. This helps to protect the server and XMPP network from certain types of abuse, and ensures that e.g. a single user cannot consume all the server's resources.

Traffic patterns between servers may vary, but here is an example that is being used in production on a large server and was based on observing typical usage patterns:

        limits = {
                c2s = {
                        rate = "3kb/s";
                        burst = "2s";
                };
                s2sin = {
                        rate = "30kb/s";
                        burst = "3s";
                };
        }

mod_muc_limits

Documentation (community module)

If you run a MUC (chatroom) service, this module helps to prevent flooding of rooms.

mod_firewall

Documentation (community module)

This module allows admins to respond to abuse promptly with a rule-based configuration that is able to drop and reject XMPP stanzas, as well as many other features.

Scalability

If your server grows large, there are some things to consider:

  • Ensure that you are using libevent (install lua-event and set use_libevent = true in the config file)
  • Raise the per-process file limit. With our Debian/Ubuntu packages you can add to /etc/default/prosody (create the file if it doesn't exist):
    • MAXFDS=9999

Backups

As with any server, you need to have a good backup and restore plan. Your users will not be happy if a disk or database failure destroys all their accounts and data, for example.

 
doc/public_servers.txt · Last modified: 2017/10/03 16:00 by Matthew Wild