fix: disable self-observe by default, fix crash causes

- ENABLE_SELF_OBSERVE env var (default false) gates self-observe - Fix UA condition: empty UA no longer triggers logging - Add per-IP dedup (5min) to prevent 1M+ row storms - Remove _cache=null from selfObserve (was busting cache on every hit) - Add 90-day row pruning on startup + every 6h - Add enrichCache TTL cleanup every 5min to prevent unbounded memory growth Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-13 10:00:06 +02:00
parent 379e993384
commit 5a823501f2
3 changed files with 56 additions and 5 deletions
--- a/.env.example
+++ b/.env.example
@@ -4,3 +4,6 @@ NODE_ENV=production
 # Set a strong random token — all WP sites must send this as: Authorization: Bearer <token>
 # Leave empty to run in open mode (dev only)
 API_TOKEN=change-me-to-a-long-random-string
+# Set to 'true' to log bots that hit the API dashboard directly.
+# Disabled by default — enabling it caused DB bloat from legitimate crawlers.
+ENABLE_SELF_OBSERVE=false