Rack-attack ignores namespacing #86
Comments
You can set the rack attack key prefix like so:
Not sure why two different keys are getting created.
I cleared the cache before:
1) "my_app:allow2ban:ban:127.0.0.1"
2) "development/c5308:my_app:23508888:allow2ban:count:127.0.0.1"
I think it's because of the initializer:
Rack::Attack.cache.store = ActiveSupport::Cache.lookup_store(Rails.configuration.custom.cache_store_config)
Somehow it initializes too late and takes the namespace into consideration only now.
Here is some input:
When I replace:
self.setex(key, expires_in, value)
with:
self.set(key, value)
self.expire(key, expires_in)
This is what I get:
127.0.0.1:6379> keys '*'
1) "development/c5308:my_app:allow2ban:ban:127.0.0.1"
2) "development/c5308:my_app:23508906:allow2ban:count:127.0.0.1"
But the expiration times are not set:
127.0.0.1:6379> get "development/c5308:my_app:allow2ban:ban:127.0.0.1"
"\x04\bi\x06" (weird value here)
127.0.0.1:6379> ttl "development/c5308:my_app:allow2ban:ban:127.0.0.1"
(integer) -1
127.0.0.1:6379> get "development/c5308:my_app:23508909:allow2ban:count:127.0.0.1"
"20"
127.0.0.1:6379> ttl "development/c5308:my_app:23508909:allow2ban:count:127.0.0.1"
(integer) -1
Okay, redis-namespace gave me a hard time.
# Remove the namespace options
cache_store_config = :redis_store,
  "redis://#{Rails.configuration.custom.config_redis['url']}:#{Rails.configuration.custom.config_redis['port']}"
Rack::Attack.cache.store = ActiveSupport::Cache.lookup_store(cache_store_config)
# Add it back to rack-attack prefix
Rack::Attack.cache.prefix = Rails.configuration.custom.redis_namespace + ':rack:attack'
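As an added example (not part of the thread and not rack-attack's own code), the two symptoms reported in the comments above, allow2ban keys written outside the redis-namespace prefix and keys whose `ttl` is -1, can be checked with a small audit. The key/TTL sample is constructed from the key shapes quoted in the comments, and `audit_rack_attack_keys` is a hypothetical helper name.

```ruby
# Added example: audit allow2ban keys for missing namespace and missing expiry.
# SAMPLE_KEYS is constructed: key shapes come from the comments above, the
# positive TTLs are invented. Redis TTL semantics: -1 = key exists with no
# expiry, -2 = key does not exist.
SAMPLE_KEYS = {
  "my_app:allow2ban:ban:127.0.0.1"                              => 3600,
  "development/c5308:my_app:23508888:allow2ban:count:127.0.0.1" => 42,
  "development/c5308:my_app:allow2ban:ban:127.0.0.1"            => -1,
  "development/c5308:my_app:23508909:allow2ban:count:127.0.0.1" => -1
}.freeze

# <head>allow2ban:(ban|count):<discriminator>; head holds namespace and prefix.
KEY_PATTERN = /\A(?<head>.*?)allow2ban:(?<kind>ban|count):(?<who>.+)\z/

# Returns one finding per problem; a key can produce two findings.
def audit_rack_attack_keys(keys_with_ttl, namespace:)
  findings = []
  keys_with_ttl.each do |key, ttl|
    m = KEY_PATTERN.match(key)
    next unless m # not an allow2ban key, ignore

    # Written through a client that bypassed the namespace wrapper.
    unless key.start_with?("#{namespace}:")
      findings << { key: key, issue: :outside_namespace, kind: m[:kind] }
    end

    # No expiry: a ban key stays in place until someone deletes it,
    # and per-period counter keys pile up instead of aging out.
    if ttl == -1
      findings << { key: key, issue: :no_expiry, kind: m[:kind] }
    end
  end
  findings
end

if __FILE__ == $PROGRAM_NAME
  audit_rack_attack_keys(SAMPLE_KEYS, namespace: "development/c5308").each do |f|
    puts "#{f[:issue]} (#{f[:kind]}): #{f[:key]}"
  end
end
```

Against a live server, the same hash can be built with redis-rb's `scan_each(match: "*allow2ban*")` and `ttl` on each key.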
Hi,
I'm using redis-namespace (https://github.com/resque/redis-namespace) to keep my keys in separate namespaces.
I configured Rack-Attack to use my configuration of redis:
I'm using allow2ban to prevent bots from hitting my login pages:
these keys are created in the redis store:
Number 3 is not namespaced, but the second is.
Plus, when looking for the expiration time, here is what I get:
The second has no expiration date though the same command is sent to Redis.
Ever heard of this behaviour?
Thanks,