I recently fell in love with Rack middleware.
Rack’s simplicity of serving web requests by nothing but an
Array with three elements
alone is charming. But using it as a bouncer to handle (and possibly already
return) all sorts of stuff before your requests even touch your Rails app
is the real appeal.
We had an annoying bot hitting one of our applications today. There was no harm done but while it was nowhere near a DoS, its requests did put some load on our servers. All requests came from one source IP and it would have been easy to block it on the network layer, but as we host our sites on Heroku, that was not an option.
Enter a quick middleware hack:
It’s pretty good to test-drive as well: take a look at the spec. There is nice article that illustrates how to test Rack-apps.
We have our middleware classes stowed in
app/middleware. You can hook it in with
a simple one-liner in your
Sure, you need a deployment for every new IP that needs to be blacklisted. But it’s fast and simple. You’re heartily invited to improve the code (send a PR our way).