Permalink
Browse files

add LICENSE and README.md

  • Loading branch information...
1 parent e5876cc commit 7f8d4a3700d8c3bfeb8bacb0cfde4d0936d918f4 @Geal committed Jul 11, 2012
Showing with 54 additions and 0 deletions.
  1. +21 −0 LICENSE
  2. +33 −0 README.md
View
@@ -0,0 +1,21 @@
+Copyright (c) 2012 Geoffroy Couprie
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
View
@@ -0,0 +1,33 @@
+Rate Limit
+======
+
+Filter requests to your controllers, and block bruteforce attacks on your forms.
+
+By limiting the rate of requests, you could, without harming usability:
+* prevent password bruteforce on login forms
+* prevent user enumeration on password reset forms
+* slow significantly site scraping
+
+Features
+--------
+
+* Block requests if they exceed a specified rate (blockBy*)
+* Add a growing delay before accepting requests (slowBy*)
+* Reset the filter if successful use (resetBlockerByKey/resetSlowerByKey)
+
+Code example
+------------
+
+```ruby
+class HelloController < ApplicationController
+ def index
+ if RateLimit.slowByIp(request)
+ puts "not blocking the page"
+ else
+ puts "blocking the page"
+ render :nothing => true, :status => 403
+ end
+ end
+end
+```
+

0 comments on commit 7f8d4a3

Please sign in to comment.