Add rack-attack safelist
Teqed committed Sep 12, 2024
1 parent 99869db commit 5b35dbb
Showing 1 changed file with 6 additions and 2 deletions.
8 changes: 6 additions & 2 deletions config/initializers/rack_attack.rb
Expand Up @@ -61,16 +61,20 @@ def paging_request?
params['page'].present? || params['min_id'].present? || params['max_id'].present? || params['since_id'].present?
end
end

Rack::Attack.safelist('allow from localhost') do |req|
req.remote_ip == '127.0.0.1' || req.remote_ip == '::1'
end

Rack::Attack.blocklist('deny from blocklist') do |req|
IpBlock.blocked?(req.remote_ip)
end

throttle('throttle_authenticated_api', limit: 1_500, period: 5.minutes) do |req|
throttle('throttle_authenticated_api', limit: 5_000, period: 1.minutes) do |req|
req.authenticated_user_id if req.api_request?
end

throttle('throttle_per_token_api', limit: 300, period: 5.minutes) do |req|
throttle('throttle_per_token_api', limit: 1_500, period: 1.minutes) do |req|
req.authenticated_token_id if req.api_request?
end
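Review bot: The new `allow from localhost` safelist keys on `req.remote_ip`, and in Rack::Attack a safelisted request skips every blocklist and throttle, so its safety depends entirely on how `remote_ip` is derived, which is defined outside this hunk. If the app sits behind a reverse proxy on the same host and the forwarded client address is not resolved through a trusted-proxy list, every external request would presumably present as `127.0.0.1` and bypass both `IpBlock.blocked?` and the API throttles. I would document that precondition directly above the block, e.g. `# Safelisted requests skip all blocklists and throttles; remote_ip must be the proxy-resolved client address, never the proxy's own loopback address.` Separately, the section shows both API throttles with changed limits and periods (where `1.minutes` would read better as `1.minute`), which the commit title does not mention; a sentence in the commit message explaining the chosen limits would help whoever tunes them later. The enclosing class body begins before and continues after this hunk.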

