sjs/rack-attack
1
0
Fork 0
mirror of https://github.com/samsonjs/rack-attack.git synced 2026-03-25 09:25:49 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
706 commits 1 branch 0 tags 1.1 MiB
Commit graph

25 commits

Author SHA1 Message Date
fatkodima
18e637aea8 Allow to reset state between tests 2019-10-23 01:33:49 +03:00
Gonzalo Rodriguez
f5a352b8f9
style: limit line length to 120 columns 2019-08-02 10:51:53 -03:00
Gonzalo Rodriguez
c67e71defe
style: prefer ruby 1.9+ hash syntax 2019-02-27 23:29:32 -03:00
Gonzalo Rodriguez
8cbd3dc0fc
feat: improve MisconfiguredStoreError exception message to aid debugging 2018-10-11 11:44:10 -03:00
Gonzalo Rodriguez
73bc739d5a
Merge remote-tracking branch 'doliveirakn/master' 2018-06-29 11:17:19 -03:00
Gonzalo Rodriguez
8315a1e7e1
Remove support for unmaintained ruby 2.2 2018-06-28 17:08:15 -03:00
Lucas Mansur
11e9557ccb [Fixes #302] Initial style guide adoption (#330) 
* Initial Rubocop configuration

* Fix Rubocop layout offenses for lib

* Fix some spec offenses

* Fix leftover layout offenses
 2018-03-30 16:08:00 -03:00
Koen Rouwhorst
0457bf22f9 Updated all non-secure HTTP URLs to HTTPS. 2018-03-29 18:41:40 +02:00
Gonzalo Rodriguez
7a87ca2ff7
Give clearer error message for misconfigured cache store for allow/fail2ban 2018-03-23 14:18:07 -03:00
Kyle d'Oliveira
9dbece5272 Add an reader for the epoch_time variable in the cache so that it can also be returned in the data from the throttle. 
This is allows access to the same time that the cache uses for the count. This can be important for clients that want to provide rate limit information for well-behaved clients
 2018-02-15 14:45:35 -08:00
Gonzalo Rodriguez
7bb7a05987 Help users understand more clearly when the store is misconfigured 2018-02-01 10:06:39 -03:00
Stan Hu
91947b83a4 Support the ability to reset Fail2Ban count and ban flag 
Closes #113
 2015-05-22 09:47:32 -04:00
Aaron Suggs
074e8e5aa4 Add 1 second buffer to expiry to correct throttles 
Fixes #69.

There was a race condition when `Time.now.to_i` changes between when
`epoch_time` is computed in line 18, and the cache request is made (and
the `key` is expired).

I.e., a throttle check starts at t0, but doesn’t reach the cache until
t1, the cache will have expired the throttle count. The request will
likely be allowed, even if the request exceeded the limit.

This has the effect of keeping keys in cache about 1 second longer than
strictly necessary. But the extra cache space seems like a good
trade-off for correct throttling.
 2014-09-02 14:30:57 -04:00
Steve Hodgkiss
c3a077442a Make Rack::Attack a class and Rack::Attack.new return an instance of that class, rather than Rack::Attack. 2014-03-28 14:53:51 +11:00
Aaron Suggs
24143dd195 Cleanup whitespace 2013-06-20 10:19:56 -04:00
madlep
6c259ea9be delegate Redis custom logic to StoreProxy 
this removes ugly `if redis blah` code from cache
 2013-06-12 15:03:39 +10:00
madlep
22fc386bad add read/write methods to cache 2013-06-12 15:03:24 +10:00
Vipul A M
709a2331c0 Remove unused var 2013-05-03 09:19:09 +05:30
Vipul A M
d3a9667474 Fix typos 2013-05-03 00:55:23 +05:30
Aaron Suggs
cf508e1d18 Support RedisStore as cache store 
Add tests for different cache stores
 2013-02-25 12:09:59 -05:00
Aaron Suggs
f7a1eac521 Cache key time must be a fixnum 2012-08-15 18:16:12 -04:00
Aaron Suggs
853c9ceef3 Set :expires_in on throttle cache counters 
Should reduce memcached evictions
 2012-08-09 11:05:30 -04:00
Aaron Suggs
e7aa5f4abe Use rotating cache keys for throttle (instead of expiring) 
Throttles use a cache key with a timestamp (Time.now.to_i/period), so a
new cache key is used for each period.

No longer set an explicit expiry on each cache key (though it may
inherit a default expiry from the cache store).

Also, set env['rack.attack.throttle_data'] with info about incremented
(but not necessarily exceeded) throttles.
 2012-08-08 14:59:42 -04:00
Aaron Suggs
e166e87fb9 Add throttle support 2012-07-27 17:22:49 -04:00
Aaron Suggs
9284a08cc3 Whitelists support 2012-07-26 17:29:09 -04:00