Enable rack attack and add a throttle.
This commit is contained in:
Marin Jankovski
parent
66c7eedec7
commit
c562d290ea
2 changed files with 6 additions and 0 deletions
|
|
@ -77,5 +77,8 @@ module Gitlab
|
|||
# 3) In your unicorn.rb: ENV['RAILS_RELATIVE_URL_ROOT']
|
||||
#
|
||||
# config.relative_url_root = "/gitlab"
|
||||
|
||||
# Enable rack attack middleware
|
||||
config.middleware.use Rack::Attack
|
||||
end
|
||||
end
|
||||
|
|
|
|||
3
config/initializers/rack_attack.rb
Normal file
3
config/initializers/rack_attack.rb
Normal file
|
|
@ -0,0 +1,3 @@
|
|||
Rack::Attack.throttle('user logins, registration and password reset', limit: 6, period: 60.seconds) do |req|
|
||||
req.ip if ["/users/password", "/users/sign_in", "/users"].include?(req.path) && req.post?
|
||||
end
|
||||
Loading…
Reference in a new issue