be less forgiving with /auth/github requests

Konstantin Haase 2015-10-05 18:16:29 +02:00
parent 148e2acefe
commit e218b13073


@ -27,10 +27,10 @@ class Rack::Attack
#### ####
# Ban based on: IP address or access token # Ban based on: IP address or access token
# Ban time: 1 hour # Ban time: 5 hours
# Ban after: 10 POST requests within one minute to /auth/github # Ban after: 10 POST requests within five minutes to /auth/github
blacklist('hammering /auth/github') do |request| blacklist('hammering /auth/github') do |request|
Rack::Attack::Allow2Ban.filter(request.identifier, maxretry: 10, findtime: 1.minute, bantime: 1.hour) do Rack::Attack::Allow2Ban.filter(request.identifier, maxretry: 10, findtime: 5.minutes, bantime: 5.hours) do
request.post? and request.path == '/auth/github' request.post? and request.path == '/auth/github'
end end
end end
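Review bot: The ban condition `request.post? and request.path == '/auth/github'` still compares against one exact path string, so the longer find time and ban time only cover requests whose path matches it character for character. Whether the application's router also accepts equivalent forms such as a trailing slash is not visible here and should be confirmed; if it does, those requests are never counted toward `maxretry`. Normalising before the comparison, for example `request.post? && request.path.chomp('/') == '/auth/github'`, would keep the limit tied to the endpoint rather than to its spelling. Switching `and` to `&&` in the same line also removes a precedence trap. The enclosing `class Rack::Attack` body starts and ends outside this hunk.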