suzanne.soy/travis-api
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

block clients sending many POST requests

Browse Source
This commit is contained in:
Konstantin Haase 2015-10-05 18:19:15 +02:00
parent e218b13073
commit 1bec0c1332
1 changed files with 10 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
lib/travis/api/attack.rb
View File

@ -35,6 +35,16 @@ class Rack::Attack
end end
end end
####
# Ban based on: IP address or access token
# Ban time: 1 hour
# Ban after: 10 POST requests within 30 seconds
blacklist('spamming with POST requests') do |request|
Rack::Attack::Allow2Ban.filter(request.identifier, maxretry: 10, findtime: 30.seconds, bantime: 1.hour) do
request.post?
end
end
### ###
# Throttle: unauthenticated requests - 50 per minute # Throttle: unauthenticated requests - 50 per minute
# Scoped by: IP address # Scoped by: IP address