#52 Rails API - Throttling with Rack::Attack
SummarySave expensive calculation time using Rack::Attack, we will learn how to limit requests coming into our application. This gem not only limits requests, but can be used to blacklist or whitelist users as well.
rails api security 7:10
Rack::Attack - https://github.com/kickstarter/rack-attack
Example Config - https://github.com/kickstarter/rack-attack/wiki/Example-Configuration
Source - https://github.com/driftingruby/052-rails-api-throttling-with-rack-attack
module Template class Application < Rails::Application ... config.middleware.use Rack::Attack end end
class Rack::Attack Rack::Attack.cache.store = ActiveSupport::Cache::MemoryStore.new throttle('api/ip', limit: 3, period: 10) do |req| req.ip if req.subdomain == 'api' end class Request < ::Rack::Request def subdomain host.split('.').first end end end