Rack middleware for blocking & throttling
Rack::Attack is a rack middleware to protect your web app from bad clients. It allows whitelisting, blacklisting, throttling, and tracking based on arbitrary properties of the request.
Questions tagged [rackattack]
35 questions
0
votes
1 answer
Gitlab "Forbidden" error
I are running GitLab - Version:10.0.3 and encountered the Forbidden error and Gitlab is forbidding our own office IP. I have already added our office IP in the gitlab_rails['rack_attack_git_basic_auth'] section in gitlab.rb file and also restart…
Srihari
- 31
- 6
0
votes
1 answer
sync rack request and response
In my rails 4 app I'd like to response with html both for html and js request. At the moment when the request is html type the rendering works fine, but when the request is js then the html file doesn't get rendered on the screen (although in the…
Sean Magyar
- 2,360
- 1
- 25
- 57
0
votes
1 answer
rack-attack isn't filtering blacklisted referers
I have set up the rack-attack config per the advanced configuration instructions. I am using Heroku and have confirmed the env variable contains all of the urls and everything is properly formatted.
I have even gone into the console on Heroku and…
airjoshb
- 1
- 2
0
votes
1 answer
Using Rack::Attack to throttle Basic Auth
I have gem rack-attack setup for my app. I want to start throttling basic auth authentication based on IP.
My basic auth code setup like so:
# config/environments/production.rb
config.middleware.insert_after(::Rack::Lock, '::Rack::Auth::Basic',…
Jonathan Mui
- 2,471
- 3
- 19
- 27
0
votes
1 answer
Using memcached to throttle connections
I'm trying to understand how rack-attack uses memcached to throttle connections.
As far as I can tell there's no easy way to manage lists in memcached, and no way to search keys by prefix. Yet rack-attack is somehow keeping a list count within…
Yarin
- 173,523
- 149
- 402
- 512