Add IP-based rules (#14963)

author: Eugen Rochko <eugen@zeonfederated.com> 2020-10-12 16:33:49 +0200
committer: GitHub <noreply@github.com> 2020-10-12 16:33:49 +0200
commit: 5e1364c448222c964faa469b6b5bfe9adf701c1a (patch)
tree: bf13de38f07f6a8ec4bdce9c6242c3c472bfddea /config/initializers
parent: dc52a778e111a67a5275dd4afecf3991e279e005 (diff)
1 files changed, 4 insertions, 0 deletions
diff --git a/config/initializers/rack_attack.rb b/config/initializers/rack_attack.rb
index cd29afac5..6662ef40b 100644
--- a/config/initializers/rack_attack.rb
+++ b/config/initializers/rack_attack.rb
@@ -42,6 +42,10 @@ class Rack::Attack
     req.remote_ip == '127.0.0.1' || req.remote_ip == '::1'
   end
 
+  Rack::Attack.blocklist('deny from blocklist') do |req|
+    IpBlock.blocked?(req.remote_ip)
+  end
+
   throttle('throttle_authenticated_api', limit: 300, period: 5.minutes) do |req|
     req.authenticated_user_id if req.api_request?
   end
author	Eugen Rochko <eugen@zeonfederated.com>	2020-10-12 16:33:49 +0200
committer	GitHub <noreply@github.com>	2020-10-12 16:33:49 +0200
commit	5e1364c448222c964faa469b6b5bfe9adf701c1a (patch)
tree	bf13de38f07f6a8ec4bdce9c6242c3c472bfddea /config/initializers
parent	dc52a778e111a67a5275dd4afecf3991e279e005 (diff)