Rack-Attack Gem

Public
Add rack-attack gem and default initializer
Icons/chart bar
Used 12 times
Created by
D Dale Zak

Usage
For more information on rack-attack, please visit https://github.com/rack/rack-attack

Run this command in your Rails app directory in the terminal:

rails app:template LOCATION="https://railsbytes.com/script/xkjs9G"
Template Source

Review the code before running this template on your machine.

run 'bundle add rack-attack'

file 'config/initializers/rack_attack.rb', <<-CODE
class Rack::Attack
  class Request < ::Rack::Request
    def params(*args)
      @params ||= ActionDispatch::Request.new(env).params(*args)
    end
    def remote_ip
      @remote_ip ||= (env['action_dispatch.remote_ip'] || env['HTTP_X_FORWARDED_FOR'] || ip).to_s
    end
  end
end
Rack::Attack.safelist('safelist localhost') do |req|
  req.ip == '127.0.0.1' || req.ip == '::1'
end
Rack::Attack.throttle 'throttle logins', limit: 5, period: 1.hour do |req|
  if req.post? && (req.path == '/users/sign_in' || req.path == '/users/sign_in.json')
    req.params['email'].to_s.downcase.gsub(/\s+/, "").presence
  end
end
Rack::Attack.throttle 'throttle signups', limit: 2, period: 1.hour do |req|
  if req.post? && (req.path == '/users/sign_up' || req.path == '/users/sign_up.json')
    req.params['email'].to_s.downcase.gsub(/\s+/, "").presence
  end
end
Rack::Attack.throttle 'throttle password resets', limit: 2, period: 1.hour do |req|
  if req.post? && (req.path == '/users/password' || req.path == '/users/password.json')
    req.params['email'].to_s.downcase.gsub(/\s+/, "").presence
  end
end
Rack::Attack.blocklist 'blocklist fail2ban pentesters' do |req|
  Rack::Attack::Fail2Ban.filter "pentesters-\#{req.ip}", maxretry: 2, findtime: 1.hour, bantime: 1.day do
    CGI.unescape(req.query_string) =~ %r{/etc/passwd} ||
      req.path.include?('/etc/passwd') ||
      req.path.include?('wp-admin') ||
      req.path.include?('wp-login') ||
      req.path.include?('wp-content') ||
      req.path.include?('wp-includes') ||
      req.path.include?('tar.gz') ||
      req.path.include?('.zip') ||
      req.path.include?('.php') ||
      req.path.include?('.env') ||
      req.path.include?('.git') ||
      req.path.include?('.aspx') ||
      req.path.include?('.db') ||
      req.path.include?('.ini') ||
      req.path.include?('.7z') ||
      req.path.include?('.rar') ||
      req.path.include?('.key') ||
      req.path.include?('.cgi') ||
      req.path.include?('.ssh') ||
      req.path.include?('.sql') ||
      req.path.include?('.swf') ||
      req.path.include?('.cfm') ||
      req.path.include?('.config') ||
      req.path.include?('.sqlite') ||
      req.path.include?('ht.access') ||
      req.path.include?('installed.json') ||
      req.path.include?('.gem/credentials')
  end
end
CODE
Comments

Sign up or Login to leave a comment.