Throttling based on previous 4xx/5xx responses? #216

Closed
jdelStrother opened this issue Jan 30, 2017 · 2 comments

Comments


jdelStrother commented Jan 30, 2017

I keep thinking it would be useful to block/throttle clients that have produced a high number of 4xx/5xx responses recently, to cut down on errors from badly behaved spiders / script kiddies.

I couldn't see an obvious way of bending rack-attack to do this. Am I missing anything, or any thoughts on whether this functionality might belong in rack-attack or elsewhere?


ktheory commented Jan 31, 2017

Hi @jdelStrother,

rack-attack is built to make decisions based on the request, not the response. So indeed blocking/throttling clients based on 4xx/5xx response codes isn't what rack-attack was designed for. There's a bit of history here.


jerojasro commented Dec 21, 2018

I am sort of looking for the same feature: I want to throttle failed login attempts (which get a 4xx response).

As I see there is no way of achieving it with rack-attack currently, I think maybe I could write a custom middleware which checks the response and, if it is a failure, manually increases the request count using the proper throttle name and discriminator. And, if it simplifies things, neither this middleware nor rack-attack would modify the response. I would get an off-by-one throttling, because it would be caught up upon the next request, where rack-attack can check and stop it...

Does this seem reasonable to you? If so, how could I perform the "please rack-attack increase this throttle count for this discriminator"?
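An added example of the response-aware middleware sketched in the comment above (and of the 4xx/5xx throttling asked for in the original issue); it is not code from rack-attack or from either commenter. It is plain Ruby with no gem dependency: a Hash store and an injectable clock stand in for rack-attack's cache, the period-bucketed key only mirrors rack-attack's bucketing idea, and the login app and the `rack.input_password` env key are constructed for illustration.

```ruby
# Rack-style middleware that counts 4xx/5xx responses per discriminator in
# period-sized buckets and rejects the NEXT request once the limit is reached.
# Store and clock are injectable so this runs without rack or rack-attack.
class FailedResponseThrottle
  def initialize(app, name:, limit:, period:, store: Hash.new(0),
                 clock: -> { Time.now.to_i }, &discriminator)
    @app, @name, @limit, @period = app, name, limit, period
    @store, @clock, @discriminator = store, clock, discriminator
  end

  # The key embeds the period number (assumption: same bucketing idea as a
  # rack-attack throttle), so a client's count resets when the bucket rolls over.
  def key_for(disc)
    "#{@name}:#{@clock.call / @period}:#{disc}"
  end

  def count_for(disc)
    @store[key_for(disc)]
  end

  def call(env)
    disc = @discriminator.call(env)
    # Check BEFORE calling the app: block when the bucket is already at the limit.
    if disc && count_for(disc) >= @limit
      return [429, { "content-type" => "text/plain" }, ["Retry later\n"]]
    end
    status, headers, body = @app.call(env)
    # Count only error responses. The failing request itself is still served
    # (the off-by-one the comment accepts); the following request is blocked.
    @store[key_for(disc)] += 1 if disc && (400..599).cover?(status)
    [status, headers, body]
  end
end

# Constructed sample app: a login endpoint answering 401 on a wrong password.
# "rack.input_password" is an invented env key used only for this example.
LOGIN_APP = lambda do |env|
  if env["rack.input_password"] == "correct horse"
    [200, { "content-type" => "text/plain" }, ["ok\n"]]
  else
    [401, { "content-type" => "text/plain" }, ["bad credentials\n"]]
  end
end

# Throttle keyed on client IP: at most `limit` error responses per `period` seconds.
def build_throttle(limit: 3, period: 60, clock: -> { 1_000 })
  FailedResponseThrottle.new(LOGIN_APP, name: "logins/ip", limit: limit,
                             period: period, clock: clock) { |env| env["REMOTE_ADDR"] }
end
```

Wiring the counter to rack-attack's own store instead of the Hash is what would let an ordinary rack-attack throttle see these counts; the key format rack-attack expects is not shown here and should be taken from the gem's source.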
