about summary refs log tree commit diff
path: root/config/initializers
diff options
context:
space:
mode:
authorEugen Rochko <eugen@zeonfederated.com>2016-09-24 13:53:54 +0200
committerEugen Rochko <eugen@zeonfederated.com>2016-09-24 13:53:54 +0200
commit3b56350121998abb249f14a45c656c2655d6344e (patch)
treeb1928f8f121f3e03ae5f019cee394b1fe836154f /config/initializers
parentdb6df6ddb3448a28c56dff08e6442e4109e6fab2 (diff)
Fix #6 - Rate limit GET reqs to 300/5min, POST to 100/5min
Diffstat (limited to 'config/initializers')
-rw-r--r--config/initializers/rack-attack.rb8
1 files changed, 6 insertions, 2 deletions
diff --git a/config/initializers/rack-attack.rb b/config/initializers/rack-attack.rb
index 15fc6b351..fb447685b 100644
--- a/config/initializers/rack-attack.rb
+++ b/config/initializers/rack-attack.rb
@@ -1,5 +1,9 @@
 class Rack::Attack
-  throttle('req/ip', limit: 300, period: 5.minutes) do |req|
-    req.ip
+  throttle('get-req/ip', limit: 300, period: 5.minutes) do |req|
+    req.ip if req.get?
+  end
+
+  throttle('post-req/ip', limit: 100, period: 5.minutes) do |req|
+    req.ip if req.post?
   end
 end