Fix examples

Aaron Suggs 2012-08-16 11:48:36 -04:00
parent 8ed2d7aa14
commit a2d0f55a81
2 changed files with 6 additions and 12 deletions


@ -1,9 +1,3 @@
# Log blacklists & throttles
ActiveSupport::Notifications.subscribe('rack.attack.blacklist') do |name, start, finish, request_id, req|
puts req.inspect
end
ActiveSupport::Notifications.subscribe('rack.attack.throttle') do |name, start, finish, request_id, req|
ActiveSupport::Notifications.subscribe('rack.attack') do |name, start, finish, request_id, req|
puts req.inspect
end
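Review bot: `puts req.inspect` in the consolidated subscriber writes the whole request object to stdout, which (assuming `req` is the Rack request) includes the env with cookies, authorization headers and any form parameters that were already parsed, such as the login fields the throttle examples read. Logging selected fields keeps credentials and session tokens out of the logs, e.g. `puts "rack.attack: #{req.ip} #{req.request_method} #{req.path}"`. With a single 'rack.attack' event the handler also no longer shows whether the request was blacklisted or throttled, so the example would benefit from a one-line comment stating how a subscriber can tell the two apart; that mechanism is not visible in this hunk.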


@ -7,20 +7,20 @@ Rack::Attack.throttle("req/ip", :limit => 10, :period => 1) { |req| req.ip }
# Throttle attempts to a particular path. 2 POSTs to /login per second per IP
Rack::Attack.throttle "logins/ip", :limit => 2, :period => 1 do |req|
req.ip if req.post? && req.path_info =~ /^login/
req.post? && req.path == "/login" && req.ip
end
# Throttle login attempts per email, 10/minute/email
Rack::Attack.throttle "logins/email", :limit => 2, :period => 60 do |req|
req.params['email'] unless req.params['email'].blank?
req.post? && req.path == "/login" && req.params['email']
end
# Blacklist cloud IPs from accessing PATH regexp
# Blacklist bad IPs from accessing admin pages
Rack::Attack.blacklist "bad_ips from logging in" do |req|
req.path =~ /^login/ && bad_ips.include?(req.ip)
req.path =~ /^\/admin/ && bad_ips.include?(req.ip)
end
# Whitelist a User-Agent
Rack::Attack.whitelist 'internal user agent' do |req|
req.user_agent =~ 'InternalUserAgent'
req.user_agent == 'InternalUserAgent'
end
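Review bot: The whitelist example at the end of the hunk now matches on `req.user_agent == 'InternalUserAgent'`, but User-Agent is a client-supplied header, so any client sending that string would be exempted from the throttles and the blacklist above (assuming whitelist matches take precedence, which is not visible here). The example should carry a comment such as `# User-Agent is client-controlled; combine with a source-address check or a shared secret before relying on it`. In the per-email throttle, dropping the `blank?` guard means an empty `email` parameter is truthy and all such requests share one counter, and the "10/minute/email" comment sits above `:limit => 2`. The blacklist is still labelled "bad_ips from logging in" although it now guards /admin, and `^` in `/^\/admin/` anchors at any line start where `\A` anchors only at the start of the string.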