I'm trying to rate-limit some bots that are attempting brute-force authentication against our production server.
It's a Rails 4 app with rack-attack 6.3, which I've configured as follows:
config/initializers/rack_attack.rb
    class Rack::Attack
      # Throttle all requests by IP (60rpm)
      #
      # Key: "rack::attack:#{Time.now.to_i/:period}:req/ip:#{req.ip}"
      #
      # The block's return value is the discriminator: a non-nil value is
      # counted against the limit, nil/false means the rule does not apply.
      # Note that the block runs on every request, not only on throttled ones.
      throttle('req/ip', limit: 300, period: 5.minutes) do |req|
        unless req.path.start_with?('/assets')
          Rails.logger.error("Rack::Attack Too many requests from IP: #{req.ip}")
          req.ip
        end
      end

      ### Prevent Brute-Force Attacks ###
      # Throttle any POST requests by IP address
      #
      # Key: "rack::attack:#{Time.now.to_i/:period}:pink/posts/ip:#{req.ip}"
      throttle('pink/posts/ip', limit: 1, period: 2.seconds) do |req|
        if req.post?
          Rails.logger.error("Rack::Attack Too many POSTS from IP: #{req.ip}")
          req.ip
        end
      end
    end
But I keep getting millions of requests from the same IP. Am I missing something?
The docs say Rails apps use it by default, so this should be the only configuration needed to enable throttling.
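To make the throttle semantics in the configuration above concrete, here is an added, self-contained Ruby example; it is not the asker's code and not the rack-attack gem itself. `MiniThrottle` re-implements the gem's fixed-window counting (`"rack::attack:#{now / period}:#{name}:#{discriminator}"`, increment per request, reject once the count exceeds `limit`) against an in-memory hash, with an injectable clock so the window boundary can be exercised offline. The request hashes, IP `203.0.113.5` and paths are constructed test data; `Rule`, `hits` and `throttled` are names chosen for this example.

```ruby
# Added example: a minimal fixed-window throttle mirroring how a Rack::Attack
# `throttle` rule counts requests. Not the gem's code; assumes nothing beyond
# the Ruby standard library.
class MiniThrottle
  # One rule: name, limit per window, window length in seconds, and the
  # discriminator block (returns the key to count under, or nil to skip).
  Rule = Struct.new(:name, :limit, :period, :discriminator)

  def initialize(clock: -> { Time.now.to_i })
    @rules = []
    @store = Hash.new(0)  # stands in for Rails.cache; counters live here
    @clock = clock
    @throttled = []       # [name, discriminator] for every rejected request
  end

  attr_reader :throttled

  def throttle(name, limit:, period:, &block)
    @rules << Rule.new(name, limit, period, block)
  end

  # Same key layout the gem documents: the window index is integer division
  # of the current epoch second by the period, so counters reset per window.
  def key_for(rule, discriminator)
    "rack::attack:#{@clock.call / rule.period}:#{rule.name}:#{discriminator}"
  end

  # Current count for a rule/discriminator in the present window.
  def hits(name, discriminator)
    rule = @rules.find { |r| r.name == name }
    @store[key_for(rule, discriminator)]
  end

  # req is a hash like { ip: "...", path: "/login", method: "POST" }.
  # Returns :ok or :throttled, evaluating every rule like the middleware does.
  def call(req)
    @rules.each do |rule|
      discriminator = rule.discriminator.call(req)
      next unless discriminator            # nil/false => rule does not apply
      count = (@store[key_for(rule, discriminator)] += 1)
      if count > rule.limit
        @throttled << [rule.name, discriminator]
        return :throttled
      end
    end
    :ok
  end
end

# Replays the asker's two rules against constructed traffic. The clock is a
# local variable captured by the lambda, so advancing it moves the window.
def demo(start = 1_700_000_000)
  now = start
  t = MiniThrottle.new(clock: -> { now })
  t.throttle('req/ip', limit: 300, period: 300) do |req|
    req[:ip] unless req[:path].start_with?('/assets')
  end
  t.throttle('pink/posts/ip', limit: 1, period: 2) do |req|
    req[:ip] if req[:method] == 'POST'
  end

  post  = { ip: '203.0.113.5', path: '/login',         method: 'POST' }
  asset = { ip: '203.0.113.5', path: '/assets/app.js', method: 'GET'  }

  results = []
  results << t.call(post)   # first POST in this 2 s window: allowed
  results << t.call(post)   # second POST, same window: rejected
  results << t.call(asset)  # asset GET: neither rule applies, never counted
  now += 2                  # cross into the next 2 s window
  results << t.call(post)   # counter reset: allowed again

  { results: results,
    post_hits: t.hits('pink/posts/ip', '203.0.113.5'),
    ip_hits: t.hits('req/ip', '203.0.113.5'),
    throttled: t.throttled }
end

puts demo.inspect if $PROGRAM_NAME == __FILE__
```

Two things the replay makes visible that the original configuration obscures: the discriminator block runs on every request, so a log line inside it fires whether or not the request is rejected (only the `throttled` list here, or in the real gem the `throttle.rack_attack` ActiveSupport::Notifications event in 6.x, marks an actual rejection), and the counters only exist in whatever store backs them. In the gem that store is `Rack::Attack.cache.store`, which defaults to `Rails.cache`; if that cache is a null store, nothing is ever counted and no request is ever throttled, so verifying the production cache store is the first check when a throttle appears to have no effect.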