monorail
/
mastodon
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Throttle IPv6 signup for subnet (#17588)

This commit is contained in:
Jeong Arm 2022-02-18 21:51:51 +09:00 committed by GitHub
parent ac99f586bb
commit 1de2e3f980
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
config/initializers/rack_attack.rb
View File

@ -82,7 +82,9 @@ class Rack::Attack
end end
throttle('throttle_sign_up_attempts/ip', limit: 25, period: 5.minutes) do |req| throttle('throttle_sign_up_attempts/ip', limit: 25, period: 5.minutes) do |req|
req.remote_ip if req.post? && req.path == '/auth' return unless req.post? && req.path == '/auth'
return req.remote_ip.mask(64) if req.remote_ip.ipv6?
req.remote_ip
end end
throttle('throttle_password_resets/ip', limit: 25, period: 5.minutes) do |req| throttle('throttle_password_resets/ip', limit: 25, period: 5.minutes) do |req|