Created October 29, 2015 08:43
Gist: phamonyut/ae47c4ff8065e53fcd71
Example Config Rack Attack
class Rack::Attack
  ### Configure Cache ###

  # If you don't want to use Rails.cache (Rack::Attack's default), then
  # configure it here.
  #
  # Note: The store is only used for throttling (not blacklisting and
  # whitelisting). It must implement .increment and .write like
  # ActiveSupport::Cache::Store.
  #
  # A MemoryStore is per process: with several app servers or workers each
  # one keeps its own counters, so a client effectively gets the limit
  # multiplied by the number of processes. Use a shared store (Redis or
  # Memcached) in production.
  # Rack::Attack.cache.store = ActiveSupport::Cache::MemoryStore.new

  ### Allow2Ban signup & signin attempts ###

  # Both rules key on req.ip, so a ban earned on either path blocks every
  # request from that IP until bantime expires. req.ip is only meaningful
  # when the proxies in front of the app are configured as trusted;
  # otherwise every client shares the load balancer's address, or a forged
  # X-Forwarded-For picks the bucket.
  #
  # Note: later rack-attack versions renamed blacklist to blocklist.

  # After 5 POSTs to sign_up in 6 hours, block all requests from that IP for 24 hours
  blacklist('allow2ban signup attempts') do |req|
    Rack::Attack::Allow2Ban.filter(req.ip, maxretry: 5, findtime: 6.hours, bantime: 24.hours) do
      # POST request pointed at your sign_up url (compare against the exact
      # route if /sign_up/ could also match other paths in your app)
      req.post? && req.path =~ /sign_up/
    end
  end

  # After 10 POSTs to sign_in in 1 minute, block all requests from that IP for 1 hour
  blacklist('allow2ban signin attempts') do |req|
    Rack::Attack::Allow2Ban.filter(req.ip, maxretry: 10, findtime: 1.minute, bantime: 1.hour) do
      req.post? && req.path =~ /sign_in/ # POST request pointed at your sign_in url
    end
  end

  ### Throttle Spammy Clients ###

  # If any single client IP is making tons of requests, then they're
  # probably malicious or a poorly-configured scraper. Either way, they
  # don't deserve to hog all of the app server's CPU. Cut them off!
  #
  # Note: If you're serving assets through rack, those requests may be
  # counted by rack-attack and this throttle may be activated too
  # quickly. If so, uncomment the condition below to exclude them from
  # tracking.

  # Throttle all requests by IP (250 requests per 5 minutes, i.e. 50rpm)
  #
  # Key: "rack::attack:#{Time.now.to_i/:period}:req/ip:#{req.ip}"
  throttle('req/ip', limit: 250, period: 5.minutes) do |req|
    req.ip # unless req.path.start_with?('/assets')
  end

  # Throttle requests to 5 requests per second per IP
  # throttle('req/ip in 1 second', limit: 5, period: 1.second, &:ip)

  ### Custom Throttle Response ###

  # By default, Rack::Attack returns an HTTP 429 for throttled responses,
  # which is just fine.
  #
  # If you want to return 503 so that the attacker might be fooled into
  # believing that they've successfully broken your app (or you just want to
  # customize the response), then assign throttled_response. It must be
  # assigned through self.: a bare `throttled_response = ...` inside the
  # class body only creates a local variable and changes nothing. Later
  # rack-attack versions renamed this to throttled_responder, which receives
  # the request instead of env.
  self.throttled_response = lambda do |env|
    [ 503, # status
      { 'Content-Type' => 'text/plain' }, # headers
      ["Calm down\n"] ] # body
  end
end
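The comments above say when a ban kicks in but not how the counting behaves at the edges: whether the request that reaches maxretry is itself blocked, whether findtime is a sliding or a fixed window, and what happens when two Allow2Ban rules share req.ip. The block below is an added example, not code from the gist or from the rack-attack gem: a stand-alone Ruby model that follows the control flow of the gem's Fail2Ban/Allow2Ban filters and its window-numbered counter keys, with an in-memory store and a fake clock so the windows can be stepped deterministically. The class names (Clock, ModelCache, ModelFail2Ban, ModelAllow2Ban), the Request struct, the blocked? and simulate helpers, the route paths and the client address 203.0.113.7 are all constructed for the example.

```ruby
# Added example (not the gist's or rack-attack's code): a stand-alone model of
# the Fail2Ban/Allow2Ban counting and ban logic with a fake clock.
class Clock
  attr_accessor :now
  def initialize(now); @now = now; end
  def advance(seconds); @now += seconds; end
end

# Stand-in for Rack::Attack.cache: expiring values plus a windowed counter.
class ModelCache
  def initialize(clock); @clock = clock; @store = {}; end
  def write(key, value, expires_in); @store[key] = [value, @clock.now + expires_in]; end

  def read(key)
    value, expires_at = @store[key]
    value if value && expires_at > @clock.now
  end

  # Mirrors the gem's Cache#count: the key carries the window number
  # (epoch / period), so the count is a fixed window that resets at each
  # boundary, not a sliding one.
  def count(unprefixed_key, period)
    epoch = @clock.now.to_i
    key = "#{epoch / period}:#{unprefixed_key}"
    value = (read(key) || 0) + 1
    write(key, value, period - (epoch % period) + 1)
    value
  end
end

# Same control flow as Fail2Ban.filter: an already-banned discriminator is
# blocked outright; otherwise the block decides whether this request counts.
class ModelFail2Ban
  def initialize(cache, prefix = 'fail2ban'); @cache = cache; @prefix = prefix; end

  def filter(discriminator, maxretry:, findtime:, bantime:)
    return true if banned?(discriminator)
    return false unless yield
    fail!(discriminator, bantime, findtime, maxretry)
  end

  def banned?(discriminator); !@cache.read("#{@prefix}:ban:#{discriminator}").nil?; end

  protected
  def ban!(discriminator, bantime); @cache.write("#{@prefix}:ban:#{discriminator}", 1, bantime); end

  # Fail2Ban: the request that reaches maxretry is itself blocked.
  def fail!(discriminator, bantime, findtime, maxretry)
    count = @cache.count("#{@prefix}:count:#{discriminator}", findtime)
    return false if count < maxretry
    ban!(discriminator, bantime)
    true
  end
end

class ModelAllow2Ban < ModelFail2Ban
  def initialize(cache, prefix = 'allow2ban'); super; end

  protected
  # Allow2Ban: the request that reaches maxretry is still let through; only
  # the requests after it see the ban.
  def fail!(discriminator, bantime, findtime, maxretry)
    count = @cache.count("#{@prefix}:count:#{discriminator}", findtime)
    ban!(discriminator, bantime) if count >= maxretry
    false
  end
end

Request = Struct.new(:ip, :path, :post)

# The two Allow2Ban rules from the config, evaluated the way rack-attack
# evaluates blacklists: in definition order, stopping at the first match.
def blocked?(rules, req)
  rules.filter(req.ip, maxretry: 5, findtime: 6 * 3600, bantime: 24 * 3600) { req.post && req.path =~ /sign_up/ } ||
    rules.filter(req.ip, maxretry: 10, findtime: 60, bantime: 3600) { req.post && req.path =~ /sign_in/ }
end

def simulate
  clock = Clock.new(Time.at(78_704 * 21_600))   # aligned to a 6-hour window boundary
  rules = ModelAllow2Ban.new(ModelCache.new(clock))
  ip = '203.0.113.7'                            # constructed sample client address
  signup = Request.new(ip, '/users/sign_up', true)
  signin = Request.new(ip, '/users/sign_in', true)
  home   = Request.new(ip, '/', false)
  r = {}
  r[:signups_1_to_4]    = Array.new(4) { blocked?(rules, signup) }
  # The 5th POST trips the sign_up ban. Allow2Ban alone would let it through,
  # but the ban key is per IP, so the sign_in rule's banned? check blocks it.
  r[:signup_5]          = blocked?(rules, signup)
  r[:home_while_banned] = blocked?(rules, home)   # the ban covers every path
  clock.advance(24 * 3600)
  r[:home_after_ban]    = blocked?(rules, home)
  # findtime is a fixed window: 9 attempts at the end of one minute plus 10 at
  # the start of the next never reach maxretry 10 inside a single window.
  r[:signins_1_to_9]    = Array.new(9) { blocked?(rules, signin) }
  clock.advance(61)
  r[:signins_10_to_19]  = Array.new(10) { blocked?(rules, signin) }
  r[:signin_20]         = blocked?(rules, signin)  # 11th in this window: banned
  r
end
```

Two things the run makes visible. First, because both rules use req.ip as the discriminator they share one ban key, so the rule evaluated second sees a ban the first rule has just written; with Allow2Ban that means the fifth sign_up POST is already blocked, while the tenth sign_in POST (banned by the last rule) still goes through. Second, the counter window is fixed, not sliding: a client that paces attempts across a window boundary gets nearly double maxretry before a ban, so size findtime and maxretry with that in mind.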