Add the ability to define rack-attack rules via a JSON file #711
pnomolos started this conversation in Ideas & Proposals
Replies: 0 comments
The company I work for would like to be able to define rack-attack rules via a JSON format to make them simpler to test, easier to verify, and introduce the possibility that most of our attack rules could be pushed to a dedicated WAF while also providing developers with the same experience in their development environments.
I've put together a branch that's modelled after Cloudflare's Ruleset Engine. Because I was feeling ambitious, I also wrote a Rust-based extension to handle evaluation of any rules defined via the JSON format. We see about 1.5 billion requests per week, so at our scale those sorts of micro-optimizations make sense (at least until we can push rules to a WAF directly).
Is this something that interests the rack-attack team? I'd be more than happy to pull the branch into a few disparate PRs, for example if you'd like the JSON format but not the Rust extension.
The code is available here. Documentation for the JSON format is specifically available here.