rack-attack
rack-attack copied to clipboard
rack
Rack middleware for blocking & throttling
We should probably also update CI, but we've been testing `rack-attack` from the `rack` repo (external tests) and all the tests are passing. So this should probably be good.
Fixes #511. This PR adds several features designed to increase fault-tolerance in case the cache infrastructure (Redis, Memcached, etc.) fails. This introduces a few new configs; the intention here is...
## Overview My company's been using Rack::Attack for years and it's an important part of how our Rails application controls traffic. But because every IP's 60-second period for its requests...
Don't fail when Redis is misbehaving, e.g. OOM command not allowed when used memory > 'maxmemory'
Rack Attack is written so it doesn't fail if Redis is down on application startup. That's cool. However, it will bring down the application if Redis server starts misbehaving at...
Use case: We have an API to allow the client to fetch data by a list of ids. The API allows up to a few thousand ids. In order to...
This can be used as: ```ruby use Rack::Attack do ... throttle("requests by ip", limit: 5, period: 2) do |request| request.ip end blocklist("block all access to admin") do |request| request.path.start_with?("/admin") end...
This is a work in progress (failing tests, missing new tests and documentation), but basically is ready for review to verify basic ideas. To add new adapters, all is needed...
Using thread locals is the simplest implementation in this case I can think of. Closes #200