T1000

Rack::Attack with common attack vectors such as denial-of-service, repeated failures, malicious strings, etc.

Installation

Add this line to your application's Gemfile:

gem 't-1000'

And then execute:

$ bundle

Or install it yourself as:

$ gem install t-1000

Usage

Middleware

Insert the middleware

use T1000::Middleware

Rack::Attack

T1000 supports all the normal rack-attack methods by calling the method on T1000.

Example:

blocked_ip = '59.12.120.18'
T1000.blacklist 'ip' do |req|
    req.ip = blocked_ip
end

Allow Vectors

  • allow_localhost
  • allow_ips(*ips, name: nil, &block)
  • allow_user_agents(*user_agents, name: nil, &block)

Block Vectors

  • block_ips(*ips, name: nil, &block)
  • block_failures(name: nil, within: 30, retries: 10, lock_for: 6000, &block)
  • block_denial_of_service(name: nil, within: 30, requests: 1000, lock_for: 6000, &block)
  • block_strings(*strings, name: nil, &block)
  • block_user_agents(*user_agents, name:nil &block)

The &block

If a block is given to any of the above methods it will be evaluated along with the vector. Both the vector and the block must return true for an action to take place.

Example

T1000.block_failures do |req|
    req.session['user_id'] != nil
end

Setting Responses

Responses can be set for throttled and blacklisted responses. Responses have access to the rack environment and must return a rack compatible response.

T1000.blacklisted_response do |env|
    [502, {}, ['Service Not Available']
end

T1000.throttled_response do |env|
    [502, {}, ['Service Not Available']
end

Development

After checking out the repo, run bin/setup to install dependencies. Then, run bin/console for an interactive prompt that will allow you to experiment.

To install this gem onto your local machine, run bundle exec rake install. To release a new version, update the version number in version.rb, and then run bundle exec rake release to create a git tag for the version, push git commits and tags, and push the .gem file to rubygems.org.

Contributing

  1. Fork it ( https://github.com/[my-github-username]/t_1000/fork )
  2. Create your feature branch (git checkout -b my-new-feature)
  3. Commit your changes (git commit -am 'Add some feature')
  4. Push to the branch (git push origin my-new-feature)
  5. Create a new Pull Request