rack-attack在黑名单页面上配置文本

时间:2016-09-05 04:07:15

标签: ruby-on-rails heroku rackattack

我使用机架攻击阻止ip。

# Block requests from 1.2.3.4
Rack::Attack.blocklist('block 1.2.3.4') do |req|
# Requests are blocked if the return value is truthy
'1.2.3.4' == req.ip
end

IP成功阻止。此人可以在左上角查看带有“禁止”字样的白页。有没有办法改变字符串“禁止”?

编辑:

尝试使用它。我的所有其他错误页面也配置相似。 https://mattbrictson.com/dynamic-rails-error-pages 但它没有看到机架攻击403禁止页面。

2 个答案:

答案 0 :(得分:3)

要自定义阻止列表和限制请求的响应,请使用符合Rack应用程序界面的对象。

Rack::Attack.blocklisted_response = lambda do |env|
  # Using 503 because it may make the attacker think that he had successfully
  # DOSed the site. Rack::Attack returns 403 for blocklists by default
  [ 503, {}, ['Your custom string here']]
end

查看相关的documentation

答案 1 :(得分:0)

覆盖blocklisted_response

@Tony Vincent is correct.我想我会进一步阐述。

您只需要覆盖blocklisted_response的默认值即可。

您可以看到默认值here

@blocklisted_response = lambda { |_env| [403, { 'Content-Type' => 'text/plain' }, ["Forbidden\n"]] }

因此,在rack_attack.rb初始化程序中,您可以执行以下操作:

Rack::Attack.blocklisted_response = lambda{ |_env| [ 403, { "Content-Type" => "text/plain" }, [ "You have been blocked from the system. If you think this has been done in error, please contact Support at support@system.com. Thank you." ] ] }