New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add Rack::Attack #2244

Merged
merged 6 commits into from Nov 17, 2018

Conversation

Projects
None yet
2 participants
@kevinrobinson
Copy link
Contributor

kevinrobinson commented Nov 17, 2018

Who is this PR for?

students, families

What does this PR do?

Adds more layers of defense against attacks from attack bots, mostly throttling repeated login requests.

Checklists

Which features or pages does this PR touch?

  • Core

Does this PR use tests to help verify we can deploy these changes quickly and confidently?

  • Included specs for changes
  • Manual testing made more sense here

This code will run locally and in tests, but production config is a bit different. Will deploy this to demo first and then roll out after that.

@studentinsights-bot

This comment has been minimized.

Copy link

studentinsights-bot commented Nov 17, 2018

@kevinrobinson, this looks like it might be worth double-checking! @kevinrobinson might be able to help.

@kevinrobinson kevinrobinson force-pushed the feature/rack-attack branch from 3417040 to 6f34b9c Nov 17, 2018

kevinrobinson added some commits Nov 17, 2018

@kevinrobinson

This comment has been minimized.

Copy link
Contributor

kevinrobinson commented Nov 17, 2018

selfie

@kevinrobinson kevinrobinson merged commit 7e7d322 into master Nov 17, 2018

1 check passed

continuous-integration/travis-ci/pr The Travis CI build passed
Details

@kevinrobinson kevinrobinson deleted the feature/rack-attack branch Nov 17, 2018

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment