
I'm trying to rate-limit some bots that are attempting brute-force authentication against our production server.

This is a Rails 4 app with rack-attack 6.3, which I configured as follows:

config/initializers/rack_attack.rb

class Rack::Attack

  # Throttle all requests by IP (60rpm)
  #
  # Key: "rack::attack:#{Time.now.to_i/:period}:req/ip:#{req.ip}"
  throttle('req/ip', limit: 300, period: 5.minutes) do |req|
    unless req.path.start_with?('/assets')
      Rails.logger.error("Rack::Attack Too many requests from IP: #{req.ip}")
      req.ip
    end
  end

  ### Prevent Brute-Force Attacks ###

  # Throttle any POST requests by IP address
  #
  # Key: "rack::attack:#{Time.now.to_i/:period}:pink/posts/ip:#{req.ip}"
  throttle('pink/posts/ip', limit: 1, period: 2.seconds) do |req|
    if req.post?
      Rails.logger.error("Rack::Attack Too many POSTS from IP: #{req.ip}")
      req.ip
    end
  end

end

But I keep getting millions of requests from the same IP. Am I missing something?

The docs say Rails apps use it by default, so this should be the only configuration needed to enable throttling.

2 Answers

So in the end, both syntaxes work, the one I had and the one @wscourge suggested. The problem is that even though the official docs say Rails apps use it by default, you still need to add the following to application.rb, at least in Rails 4:

config.middleware.use Rack::Attack
answered 2020-12-26T01:42:01.740

From what I can see in the throttle documentation syntax, the correct way is to call the class method in the initializer rather than inside the class definition:

config/initializers/rack_attack.rb

# Throttle all requests by IP (60rpm)
#
# Key: "rack::attack:#{Time.now.to_i/:period}:req/ip:#{req.ip}"
Rack::Attack.throttle('req/ip', limit: 300, period: 5.minutes) do |req|
  unless req.path.start_with?('/assets')
    Rails.logger.error("Rack::Attack Too many requests from IP: #{req.ip}")
    req.ip
  end
end

### Prevent Brute-Force Attacks ###

# Throttle any POST requests by IP address
#
# Key: "rack::attack:#{Time.now.to_i/:period}:pink/posts/ip:#{req.ip}"
Rack::Attack.throttle('pink/posts/ip', limit: 1, period: 2.seconds) do |req|
  if req.post?
    Rails.logger.error("Rack::Attack Too many POSTS from IP: #{req.ip}")
    req.ip
  end
end
answered 2020-11-20T09:22:47.190
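The behaviour both answers describe, as an added example that is not from the question or from either answer and does not use the rack-attack gem itself: MiniAttack is an invented, stdlib-only stand-in for the part of Rack::Attack involved here, a fixed-window counter keyed by rack::attack:<period bucket>:<rule name>:<discriminator>, exposing the same throttle(name, limit:, period:) class-method call the second answer uses (periods are plain seconds, since ActiveSupport's 5.minutes is not available). run_requests replays a constructed credential-stuffing burst twice: without the middleware in the stack, which is the question's symptom (every request passes because nothing enforces the rules), and with it, which is what the accepted answer's config.middleware.use line turns on. FakeRequest, APP, BURST and run_requests are names invented for this example.

```ruby
# MiniAttack: invented stand-in for rack-attack's throttle (added example, not
# the gem's code). A rule block returns a discriminator or nil (skip), requests
# are counted per fixed time window, and the request that pushes the count past
# `limit` is answered with 429 instead of reaching the app.
class MiniAttack
  Throttle = Struct.new(:name, :limit, :period, :discriminator)

  # Minimal Rack::Request stand-in with just what the rules call.
  # Caveat: real Rack::Request#ip also honours X-Forwarded-For; this does not.
  class FakeRequest
    def initialize(env)
      @env = env
    end

    def ip
      @env['REMOTE_ADDR']
    end

    def path
      @env['PATH_INFO']
    end

    def post?
      @env['REQUEST_METHOD'] == 'POST'
    end
  end

  class << self
    def throttles
      @throttles ||= {}
    end

    # Same shape as Rack::Attack.throttle; `period` is in seconds here.
    def throttle(name, limit:, period:, &block)
      throttles[name] = Throttle.new(name, limit, period, block)
    end

    # In-memory counters; rack-attack keeps these in Rails.cache.
    def store
      @store ||= Hash.new(0)
    end

    def reset!
      store.clear
    end
  end

  # `clock` is injectable so the replay below is deterministic.
  def initialize(app, clock: -> { Time.now.to_i })
    @app = app
    @clock = clock
  end

  def call(env)
    req = FakeRequest.new(env)
    self.class.throttles.each_value do |rule|
      disc = rule.discriminator.call(req)
      next unless disc # rule does not apply to this request

      now = @clock.call
      # Fixed window: every request in the same period bucket shares one key.
      key = "rack::attack:#{now / rule.period}:#{rule.name}:#{disc}"
      count = (self.class.store[key] += 1)
      next if count <= rule.limit

      retry_after = rule.period - (now % rule.period)
      return [429, { 'content-type' => 'text/plain', 'retry-after' => retry_after.to_s }, ["Retry later\n"]]
    end
    @app.call(env)
  end
end

# The two rules from the answers, class-method style, periods in seconds.
MiniAttack.throttle('req/ip', limit: 300, period: 300) do |req|
  req.ip unless req.path.start_with?('/assets')
end

MiniAttack.throttle('pink/posts/ip', limit: 1, period: 2) do |req|
  req.ip if req.post?
end

# Stand-in for the Rails app: answers 200 to everything it is handed.
APP = ->(_env) { [200, { 'content-type' => 'text/plain' }, ["ok\n"]] }

# Replay [method, path, ip, unix_time] tuples; returns the status codes.
# with_middleware: false is the question's situation: rules defined, nothing in the stack.
def run_requests(requests, with_middleware:)
  MiniAttack.reset!
  now = 0
  stack = with_middleware ? MiniAttack.new(APP, clock: -> { now }) : APP
  requests.map do |method, path, ip, at|
    now = at
    stack.call('REQUEST_METHOD' => method, 'PATH_INFO' => path, 'REMOTE_ADDR' => ip).first
  end
end

# Constructed traffic: a login burst from one IP, one GET and one other client mixed in.
BURST = [
  ['POST', '/users/sign_in', '203.0.113.9', 1_000],
  ['POST', '/users/sign_in', '203.0.113.9', 1_000],  # same 2 s window -> 429
  ['POST', '/users/sign_in', '203.0.113.9', 1_001],  # still bucket 500 -> 429
  ['GET',  '/users/sign_in', '203.0.113.9', 1_001],  # POST rule skips GETs
  ['POST', '/users/sign_in', '203.0.113.9', 1_002],  # new bucket 501 -> allowed
  ['POST', '/users/sign_in', '198.51.100.7', 1_002], # other IP has its own key
].freeze

if $PROGRAM_NAME == __FILE__
  p run_requests(BURST, with_middleware: false) # all 200: the question's symptom
  p run_requests(BURST, with_middleware: true)  # [200, 429, 429, 200, 200, 200]
end
```

Two caveats carry over to the real gem. Rack::Attack uses Rack::Request#ip, which takes X-Forwarded-For into account, so behind a load balancer make sure the proxy is trusted or every client will share the proxy's counter, as they would with this stand-in's REMOTE_ADDR-only ip. And the Rails.logger.error calls inside the rule blocks in both answers run for every request the rule inspects, not only for throttled ones; for a log line per throttle hit, subscribe to rack-attack's ActiveSupport::Notifications instrumentation (the throttle.rack_attack event in 6.x) instead.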