sjs/rack-attack
1
0
Fork 0
mirror of https://github.com/samsonjs/rack-attack.git synced 2026-03-25 09:25:49 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
275 commits 1 branch 0 tags 1.1 MiB
Commit graph

72 commits

Author SHA1 Message Date
Vincent Boisard
d880bd88e0 fix: workaround MemCacheClient + MemCache backend by using a dedicated proxy 2015-12-16 16:57:54 +01:00
Vincent Boisard
faa0638719 fix: Do not attempt to process Memcache clients with DalliProxy 2015-12-08 18:55:06 +01:00
Vincent Boisard
397a7ce7b4 feature: support for ActiveSupport::MemCacheStore 2015-12-08 10:53:53 +01:00
Stan Hu
91947b83a4 Support the ability to reset Fail2Ban count and ban flag 
Closes #113
 2015-05-22 09:47:32 -04:00
Aaron Suggs
0ec73d956b Merge pull request #119 from stanhu/add-delete-interface 
Support delete method for Redis
 2015-04-16 14:11:58 -04:00
Aaron Suggs
1dd29f66b8 Update changelog for #118; bump to v4.3.0 2015-04-16 14:06:46 -04:00
Stan Hu
ff15447f3a Support delete method for Redis 2015-03-15 12:13:44 -07:00
Stan Hu
dc1b6bf687 Pass raw: true to prevent Ruby de/serialization. This is to make it possible 
to implement something like:

```store.write(key, 0, :expires_in => expires_in)```

See #113
 2015-03-15 07:18:18 -07:00
Aaron Suggs
f9b7721e59 bump version 4.2.0 2014-10-26 15:33:09 -04:00
Genadi Samokovarov
d9a5587676 Allow throttle period option to be a proc 
I need to filter requests on a period I need to get dynamically out of
information I have in the requests. Currently, I can work out the limit,
as it can be a `Proc`, however I can't do that with the period.

This PR adds support for that. Tried to do it in a way that doesn't
brake backwards compatibility, as periods are coerced to numbers during
`Rack::Throttle` initialization.
 2014-09-19 19:32:39 +02:00
Aaron Suggs
1db5a00431 version 4.1.1 2014-09-08 21:34:28 -04:00
Aaron Suggs
074e8e5aa4 Add 1 second buffer to expiry to correct throttles 
Fixes #69.

There was a race condition when `Time.now.to_i` changes between when
`epoch_time` is computed in line 18, and the cache request is made (and
the `key` is expired).

I.e., a throttle check starts at t0, but doesn’t reach the cache until
t1, the cache will have expired the throttle count. The request will
likely be allowed, even if the request exceeded the limit.

This has the effect of keeping keys in cache about 1 second longer than
strictly necessary. But the extra cache space seems like a good
trade-off for correct throttling.
 2014-09-02 14:30:57 -04:00
Aaron Suggs
7820986d9c Merge pull request #74 from zmillman/readme-request 
Improve documentation of Rack::Attack::Request
 2014-08-01 14:43:53 -04:00
Zach Millman
5c78f84be2 Improve documentation of Rack::Attack::Request 
https://github.com/kickstarter/rack-attack/issues/73
 2014-06-17 11:37:25 -07:00
Aaron Suggs
1a3cddb468 Prep for v4.1.0 2014-05-22 13:59:26 -04:00
Paul Coates
e8d98a7ad3 Changed track checker to track filter. Made track filter tests more clear. 2014-05-22 10:11:23 -07:00
Paul Coates
1ebe1c3517 Added limit and period options to track. Delegates [] to Throttle if they are present otherwise Check. 2014-05-19 11:11:01 -07:00
Aaron Suggs
0e599a4dd6 version 4.0.1 2014-05-14 13:37:30 -04:00
blahed
97dce48bfc add throttle discriminator to rack env 2014-05-01 22:20:13 -04:00
Aaron Suggs
430672d8f4 Update changelog for v4.0.0 2014-04-28 15:45:13 -04:00
hakanensari
5d72c6e5f9 Move individual proxy classes to separate files 2014-04-15 16:19:43 +01:00
hakanensari
f0a53f474e Stub #with on delegator 2014-04-09 13:15:00 +01:00
hakanensari
937cd3ca20 Merge branch 'master' into patch-3 2014-04-09 12:17:10 +01:00
hakanensari
1c0bc3da4d Merge branch 'patch-2' into patch-3 
Conflicts:
	lib/rack/attack/store_proxy.rb
 2014-04-09 12:16:16 +01:00
Aaron Suggs
66231dc5b2 v3.1.0 2014-04-04 16:16:31 -04:00
Tristan Dunn
16f1cfc578 Add a custom request class to allow for helper methods. 
Fixes #58.
 2014-04-04 14:41:59 -05:00
Aaron Suggs
ea09a49538 Merge pull request #54 from stevehodgkiss/dont_override_new_and_return_a_class 
Rack::Attack.new should return an instance of a class, not the Rack::Attack constant
 2014-04-03 22:37:05 -04:00
hakanensari
92be2791ab Handle older Dalli clients 2014-04-01 12:23:10 +01:00
hakanensari
128c5aa9bf Support a Dalli Connection Pool 2014-04-01 12:10:32 +01:00
hakanensari
adab844784 Support older dalli client versions 2014-04-01 11:21:14 +01:00
Steve Hodgkiss
c3a077442a Make Rack::Attack a class and Rack::Attack.new return an instance of that class, rather than Rack::Attack. 2014-03-28 14:53:51 +11:00
hakanensari
a7ec48fb44 Implement Proxy for Dalli 
kickstarter/rack-attack#52
 2014-03-26 21:54:12 +00:00
Aaron Suggs
7c6cead69c Version 3.0.0; update changelog 2014-03-15 08:01:55 -04:00
Will Kimeria
87f628d0c1 If redis client throws exception, don't raise it 
For throttling, when the redis client throws an exception, the request
ends up getting rate limited. Modify this to be similar to how
ActiveSupport.MemCacheStore functions (the read, write and increment
methods do not raise exceptions)
 2014-03-14 11:50:59 -07:00
Jordan Moncharmont
273e045f10 fix edge case, if maxretry is 1, let them get 1 request in 2013-09-27 17:35:01 -07:00
Jordan Moncharmont
ef59c5182a Allow2Ban 
An alternate to fail2ban that allows clients until they hit the
thresholds, then blocks them.  Think of it like a throttle where you can
block for more than one period.
 2013-09-27 17:18:52 -07:00
Aaron Suggs
1d367f5acd version 2.3.0, update changelog, copy tweaks 2013-08-20 11:39:44 -04:00
Pedro Nascimento
ab6d7b239d Allow limit option to be a proc. 
This allows you to do stuff like:
`req.env["USER"] == "god" ? 1000 : 1`
 2013-08-19 19:47:48 -03:00
Aaron Suggs
98eec24a8c Update changelog, version 2.2.1 2013-08-05 21:14:16 -04:00
Aaron Suggs
9388e98eb0 version 2.2.0 2013-06-20 11:05:00 -04:00
Aaron Suggs
24143dd195 Cleanup whitespace 2013-06-20 10:19:56 -04:00
madlep
2819e0d7a4 collapse fail2ban name/discriminator into one argument 2013-06-17 08:50:39 +10:00
madlep
94a304b815 reorder logic to not repeatedly extend ban after more failed requests 2013-06-14 12:49:53 +10:00
madlep
3f1c98a868 Fail2Ban helper 
based on gist from @ktheory https://gist.github.com/ktheory/5723534

Modified slightly to use fail2ban `filter` terminology to simplify
Rack::Attack initializer configuration (only one block is requred for
this approach instead of 2)
 2013-06-12 15:51:13 +10:00
madlep
6c259ea9be delegate Redis custom logic to StoreProxy 
this removes ugly `if redis blah` code from cache
 2013-06-12 15:03:39 +10:00
madlep
22fc386bad add read/write methods to cache 2013-06-12 15:03:24 +10:00
Aaron Suggs
d1cf2a2eea bump to version 2.1.1 2013-05-16 14:24:41 -04:00
Han Chang
2a91eb6c55 Fix #14 2013-05-10 22:08:31 +00:00
Aaron Suggs
22f051fa2d Merge pull request #10 from vipulnsward/mandatory_options 
extract mandatory options constant
 2013-05-03 07:41:02 -07:00
Vipul A M
7f3a24022b extract mandatory options constant 2013-05-03 09:25:43 +05:30