@phamonyut
Created October 29, 2015 08:43
Example config for Rack::Attack
class Rack::Attack
  ### Configure Cache ###
  # If you don't want to use Rails.cache (Rack::Attack's default), then
  # configure it here.
  #
  # Note: The store is only used for throttling (not blacklisting and
  # whitelisting). It must implement .increment and .write like
  # ActiveSupport::Cache::Store
  # Rack::Attack.cache.store = ActiveSupport::Cache::MemoryStore.new

  ### Block Repeated Signup / Signin Attempts ###
  # (blacklist/whitelist were renamed blocklist/safelist in rack-attack 6.)
  #
  # Allow2Ban lets the first `maxretry` matching requests through, then bans
  # the discriminator (here req.ip) for `bantime`. Both filters below key on
  # req.ip alone, so they share one counter and one ban flag per IP.
  blacklist('allow2ban signup & signin attempts') do |req|
    # After 5 matching requests in 6 hours, block all requests from that IP for 24 hours
    signup_banned = Rack::Attack::Allow2Ban.filter(req.ip, maxretry: 5, findtime: 6.hours, bantime: 24.hours) do
      req.post? && req.path =~ /sign_up/ # POST request pointed to your sign_up url
    end

    # After 10 matching requests in 1 minute, block all requests from that IP for 1 hour
    signin_banned = Rack::Attack::Allow2Ban.filter(req.ip, maxretry: 10, findtime: 1.minute, bantime: 1.hour) do
      req.post? && req.path =~ /sign_in/ # POST request pointed to your sign_in url
    end

    # The block's return value decides whether the request is blocked, so
    # combine both results instead of silently dropping the first one.
    signup_banned || signin_banned
  end

  ### Throttle Spammy Clients ###
  # If any single client IP is making tons of requests, then they're
  # probably malicious or a poorly-configured scraper. Either way, they
  # don't deserve to hog all of the app server's CPU. Cut them off!
  #
  # Note: If you're serving assets through rack, those requests may be
  # counted by rack-attack and this throttle may be activated too
  # quickly. If so, enable the condition below to exclude them from tracking.

  # Throttle all requests by IP (250 requests per 5 minutes)
  #
  # Key: "rack::attack:#{Time.now.to_i/:period}:req/ip:#{req.ip}"
  throttle('req/ip', limit: 250, period: 5.minutes) do |req|
    req.ip # unless req.path.start_with?('/assets')
  end

  # Throttle requests to 5 requests per second per IP
  # throttle('req/ip in 1 second', limit: 5, period: 1.second, &:ip)

  ### Custom Throttle Response ###
  # By default, Rack::Attack returns an HTTP 429 for throttled responses,
  # which is just fine.
  #
  # If you want to return 503 so that the attacker might be fooled into
  # believing that they've successfully broken your app (or you just want to
  # customize the response), then set throttled_response as below.
  #
  # Note: the assignment needs `self.`; a bare `throttled_response = ...`
  # inside the class body only creates a local variable and is ignored.
  self.throttled_response = lambda do |_env|
    [503,           # status
     {},            # headers
     ['Calm down']] # body
  end
end
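The numbers in the config above (limit/period, maxretry/findtime/bantime) are easier to reason about when you can see how rack-attack counts. The following is an added, stand-alone model and is not part of the gist or of the rack-attack gem: it reproduces the fixed-window counter shape shown in the gist's key comment ("rack::attack:#{Time.now.to_i/:period}:req/ip:#{req.ip}") and the Allow2Ban rule "let the first maxretry matching requests through, then ban for bantime", using an in-memory store and a controllable clock so the replay is deterministic. ToyClock, ToyStore, window_count, throttled?, allow2ban_blocked? and the replay_* helpers are hypothetical names; the IP addresses and traffic are constructed. Windows here are fixed (aligned to multiples of the period), which is an assumption about rack-attack's behaviour, not something the gist states.

```ruby
HOUR = 3600
MINUTE = 60

# A settable clock so the simulation does not depend on wall time.
class ToyClock
  attr_accessor :now
  def initialize(now)
    @now = now
  end
end

# Minimal store with the read/write/increment trio the gist's cache note
# refers to; expiry is honoured against the toy clock.
class ToyStore
  def initialize(clock)
    @clock = clock
    @data = {} # key => [value, expires_at]
  end

  def read(key)
    value, expires_at = @data[key]
    return nil if value.nil?
    if expires_at && @clock.now >= expires_at
      @data.delete(key)
      return nil
    end
    value
  end

  def write(key, value, expires_in:)
    @data[key] = [value, @clock.now + expires_in]
  end

  def increment(key, expires_in:)
    write(key, (read(key) || 0) + 1, expires_in: expires_in)
    read(key)
  end
end

# Count one hit in the fixed window the current time falls into. The key
# mirrors the shape in the gist's comment: "rack::attack:#{epoch / period}:name:id".
# The counter only needs to survive until the window closes.
def window_count(store, clock, name, id, period)
  window = clock.now / period
  store.increment("rack::attack:#{window}:#{name}:#{id}", expires_in: period - (clock.now % period))
end

# throttle(name, limit:, period:) semantics: throttled once the window count exceeds limit.
def throttled?(store, clock, name, id, limit:, period:)
  window_count(store, clock, name, id, period) > limit
end

# Allow2Ban.filter semantics (as modelled here): only requests for which the
# block is true are counted, per findtime window; the first maxretry are let
# through, and when the count reaches maxretry the id is banned for bantime.
# Returns true when the request should be blocked.
def allow2ban_blocked?(store, clock, id, maxretry:, findtime:, bantime:)
  ban_key = "rack::attack:allow2ban:ban:#{id}"
  return true if store.read(ban_key)
  if yield
    count = window_count(store, clock, 'allow2ban:count', id, findtime)
    store.write(ban_key, true, expires_in: bantime) if count >= maxretry
  end
  false
end

# Replay the gist's sign_up rule (5 POSTs in 6 hours => 24-hour ban) for one
# constructed IP: one GET (not counted) followed by seven POSTs one second
# apart, then one more POST after the ban has expired. Returns the decisions.
def replay_signup_rule
  clock = ToyClock.new(1_000_000) # constructed epoch, not aligned to a window edge
  store = ToyStore.new(clock)
  rule = { maxretry: 5, findtime: 6 * HOUR, bantime: 24 * HOUR }
  ip = '203.0.113.7'
  requests = [:get] + [:post] * 7 # constructed traffic
  decisions = requests.map do |verb|
    clock.now += 1
    allow2ban_blocked?(store, clock, ip, **rule) { verb == :post }
  end
  clock.now += 24 * HOUR # ban and count window have both lapsed
  decisions << allow2ban_blocked?(store, clock, ip, **rule) { true }
end

# Replay the gist's throttle('req/ip', limit: 250, period: 5.minutes) for one
# IP sending 300 requests inside one window, then one request in the next
# window. Returns [first throttled request number, next-window decision].
def replay_req_ip_throttle
  clock = ToyClock.new(1_000_000)
  store = ToyStore.new(clock)
  rule = { limit: 250, period: 5 * MINUTE }
  ip = '198.51.100.4'
  first_throttled = (1..300).find { throttled?(store, clock, 'req/ip', ip, **rule) }
  clock.now += 5 * MINUTE # a new window starts a fresh counter
  [first_throttled, throttled?(store, clock, 'req/ip', ip, **rule)]
end

if __FILE__ == $PROGRAM_NAME
  p replay_signup_rule      # => [false, false, false, false, false, false, true, true, false]
  p replay_req_ip_throttle  # => [251, false]
end
```

Two things the replay makes visible that the config alone does not: the request that brings the count up to maxretry is itself still allowed (the ban bites on the next one), and a fixed window means a client can spend its whole allowance in the final second of one window and start again in the next, so the effective burst can be up to twice the configured limit.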