ActiveSupport::Cache::MemCacheStore unsupported about rack-throttle HOT 5 CLOSED

Hi Owen! Most people are using rack-throttle for legacy versions of ruby, but if you are able to: https://github.com/kickstarter/rack-attack is much more feature full & maintained!

from rack-throttle.

Thanks FreekingDean. I'll work on migrating with our next sprint and add any gotchas/comments to this issue.

from rack-throttle.

Would love to know if there are large sweeping differences, but I believe it was originally based on this repo.

from rack-throttle.

The switch took about an hour.

• safelist took care of the IP whitelisting
• Created a Rack::Attack::Request like the example config to whitelist localhost IP and a few paths
• Able to create three different throttles based on different paths
• Plugs right into Rails.cache.store without any issues

The hardest part was understanding how to log if something was throttled. Here was my solution...

ActiveSupport::Notifications.subscribe("throttle.rack_attack") do |_name, _start, _finish, _request_id, payload|
  request = payload[:request]
  Rails.logger.error("[rack-attack] throttle=#{request.env["rack.attack.matched"]}, path=#{request.path}, ip=#{request.ip}")
end

Will throw it into production in two weeks and see how it performs.

from rack-throttle.

Works great. Only issue was that the IP method needs to be overwritten if you deal with HTTP_X_FORWARDED_FOR otherwise you'll block all traffic from your load balancers.

  def ip
    if addr = env['HTTP_X_FORWARDED_FOR']
      (addr.split(',').first || env['REMOTE_ADDR']).to_s.strip
    else
      env['REMOTE_ADDR']
    end
  end

from rack-throttle.