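# First blacklist: matches requests whose query string contains "/etc/passwd"
# and records the hit in the cache through Fail2Ban.fail. Fail2Ban.fail returns
# true, so the probing request itself is blocked as well.
#
# Rack::Attack passes the request to the block as its argument, so it must be
# declared as |req|; without it `req` is an undefined name inside the block.
#
# NOTE(review): the regex runs against the raw query string only. The request
# path and percent-encoded forms of the string are not inspected, so treat
# this as a coarse tripwire, not as input validation.
blacklist 'etc/password' do |req|
  if req.query_string =~ %r{/etc/passwd}
    Fail2Ban.fail('etc_password', req.ip, limit: 3, period: 24.hours, ban_for: 24.hours)
  end
end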
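# Second blacklist: blocks any request whose client IP currently has a ban
# entry in the cache (the entry Fail2Ban.ban writes).
# The request is taken as the block argument |req|, which is how Rack::Attack
# hands it to a blacklist block; without the parameter `req` is undefined here.
blacklist 'banned_ips' do |req|
  Fail2Ban.banned?(req.ip)
end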
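# Minimal fail2ban-style helper on top of Rack::Attack's cache: counts offences
# per discriminator and writes a time-limited ban entry once a limit is exceeded.
module Fail2Ban
  class << self
    # Records one offence for +discriminator+ under the filter +name+ and bans
    # the discriminator when the counter is strictly greater than the limit.
    #
    # @param name [String] filter name, used as the prefix of the counter key
    # @param discriminator [String] value being tracked (the blacklist blocks pass the client IP)
    # @param options [Hash] :limit (count that must be exceeded before banning),
    #   :period (window handed to cache.count), :ban_for (lifetime of the ban entry)
    # @return [true] always, so the calling blacklist block blocks the request
    def fail(name, discriminator, options)
      count = cache.count("#{name}:#{discriminator}", options[:period])
      # Ban the discriminator that was just counted. `req` is not in scope in
      # this module, so the ban target has to come from the argument.
      ban(discriminator, options[:ban_for]) if count > options[:limit]

      # Return true for blacklist
      true
    end

    # Writes the ban entry for +discriminator+. The key is not scoped by filter
    # name, so a ban set by one filter applies to every caller of banned?.
    #
    # @param discriminator [String] value to ban
    # @param duration expiry passed to cache.write as its third argument
    def ban(discriminator, duration)
      cache.write("fail2ban:#{discriminator}", 1, duration)
    end

    # Tells whether a ban entry for +discriminator+ is present in the cache.
    #
    # @param discriminator [String] value to look up
    # @return [Boolean] true when a ban entry was read, false otherwise
    def banned?(discriminator)
      cache.read("fail2ban:#{discriminator}") ? true : false
    end

    # The cache used for counters and ban entries (Rack::Attack's cache).
    def cache
      Rack::Attack.cache
    end
  end
end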