
Commit 3523c03

committed
secure with rack::attack
1 parent 6f0f9ba commit 3523c03


1 file changed

+12
-10
lines changed


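--- a/config/initializers/rack_attack.rb
+++ b/config/initializers/rack_attack.rb
@@ -1,4 +1,16 @@
 class Rack::Attack
+Rack::Attack.cache.store = ActiveSupport::Cache::MemoryStore.new
+
+# 10 requests per 10 seconds for a single ip
+throttle('req/ip', limit: 10, period: 10) do |req|
+req.ip
+end
+
+# whitelist localhost
+Rack::Attack::safelist('allow-localhost') do |req|
+'127.0.0.1' == req.ip || '::1' == req.ip
+end
+
 # response with 429
 self.throttled_response = ->(env) {
 retry_after = (env['rack.attack.match_data'] || {})[:period]
@@ -9,13 +21,3 @@ class Rack::Attack
 ]
 }
 end
-
-# 10 requests per 10 seconds for a single ip
-Rack::Attack::throttle('req/ip', limit: 10, period: 10) do |req|
-req.ip
-end
-
-# whitelist localhost
-Rack::Attack::safelist('allow-localhost') do |req|
-'127.0.0.1' == req.ip || '::1' == req.ip
-end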
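Review bot: The added `Rack::Attack.cache.store = ActiveSupport::Cache::MemoryStore.new` (new line 2) keeps the throttle counters in per-process memory, so with more than one app process or host each one counts separately and the `req/ip` limit becomes 10 per 10 seconds per process, reset on every restart. If this app runs several workers, point the store at a shared cache instead, e.g. `Rack::Attack.cache.store = ActiveSupport::Cache::RedisCacheStore.new(url: ENV['REDIS_URL'])` (the variable name is a placeholder), or at least document the limitation with `# MemoryStore is per-process: limits are not shared across workers`. Both the throttle key and the `allow-localhost` safelist depend on `req.ip`, so it is worth confirming that any reverse proxy on the same host forwards the client address; otherwise every request could resolve to 127.0.0.1 and bypass the throttle. The `throttled_response` lambda runs between the two hunks and is not fully visible, so it is not covered here.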
