sjs/rack-attack
1
0
Fork 0
mirror of https://github.com/samsonjs/rack-attack.git synced 2026-04-27 15:07:41 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Updating readme

Browse source 
Setting up example for multiple filter support, adding note to documentation
This commit is contained in:
jamesprior 2015-11-06 10:01:54 -05:00
parent c8f8f85af2
commit 6d787147db
1 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
README.md
View file

@ -128,7 +128,7 @@ end
`Fail2Ban.filter` can be used within a blacklist to block all requests from misbehaving clients. `Fail2Ban.filter` can be used within a blacklist to block all requests from misbehaving clients.
This pattern is inspired by [fail2ban](http://www.fail2ban.org/wiki/index.php/Main_Page). This pattern is inspired by [fail2ban](http://www.fail2ban.org/wiki/index.php/Main_Page).
See the [fail2ban documentation](http://www.fail2ban.org/wiki/index.php/MANUAL_0_8#Jail_Options) for more details on See the [fail2ban documentation](http://www.fail2ban.org/wiki/index.php/MANUAL_0_8#Jail_Options) for more details on
how the parameters work. All fail2ban filters share the same match counter, using one filter per app is recommended. how the parameters work. For multiple filters, be sure to put each filter in a separate blacklist and use a unique discriminator for each fail2ban filter.
```ruby ```ruby
# Block suspicious requests for '/etc/password' or wordpress specific paths. # Block suspicious requests for '/etc/password' or wordpress specific paths.
@ -136,7 +136,7 @@ how the parameters work. All fail2ban filters share the same match counter, usi
Rack::Attack.blacklist('fail2ban pentesters') do |req| Rack::Attack.blacklist('fail2ban pentesters') do |req|
# `filter` returns truthy value if request fails, or if it's from a previously banned IP # `filter` returns truthy value if request fails, or if it's from a previously banned IP
# so the request is blocked # so the request is blocked
Rack::Attack::Fail2Ban.filter(req.ip, :maxretry => 3, :findtime => 10.minutes, :bantime => 5.minutes) do Rack::Attack::Fail2Ban.filter("pentesters-#{req.ip}", :maxretry => 3, :findtime => 10.minutes, :bantime => 5.minutes) do
# The count for the IP is incremented if the return value is truthy # The count for the IP is incremented if the return value is truthy
CGI.unescape(req.query_string) =~ %r{/etc/passwd} || CGI.unescape(req.query_string) =~ %r{/etc/passwd} ||
req.path.include?('/etc/passwd') || req.path.include?('/etc/passwd') ||