defense-cr / defense Goto Github PK

Hi

Is the documentation correct e.g.

Defense.throttle("throttle requests per minute except localhost", limit: 10, period: 60) do |request|
  return nil if request.remote_address == "127.0.0.1"

  request.remote_address
end

in Crystal 0.35.1 request.remote_address seems to return a type: RemoteAddressType and not a String.

or maybe this example expects a different subclass of Address

Hi folks,

thank you so much for Defense.

Do you have any example for spider-gazelle?

I was getting connection errors using this shard in a Lucky framework app:

Connection closed (IO::Error)
  from /tmp/lucky/lib/redis/src/parser.cr:23:14 in 'read'
  from /tmp/lucky/lib/redis/src/connection.cr:419:20 in 'read'
  from /tmp/lucky/lib/redis/src/pipeline.cr:27:30 in 'commit'
  from /tmp/lucky/lib/redis/src/connection.cr:91:16 in 'increment'
  from /tmp/lucky/lib/defense/src/defense/throttle.cr:12:15 in 'matched_by?'
  from /tmp/lucky/lib/defense/src/defense.cr:81:7 in 'throttled?'
  from /tmp/lucky/lib/defense/src/defense/handler.cr:15:13 in 'call'
  from /usr/share/crystal/src/http/server/handler.cr:30:7 in 'call_next'
  from /tmp/lucky/lib/lucky/src/lucky/error_handler.cr:15:5 in 'call'
  # ...

I traced this down to this line of code:

In the jgaskins/redis shard, the #pipeline command is never retried if it fails, so it is generally unreliable. I fixed this by replacing #pipeline with #multi:

# ...

  def increment(unprefixed_key : String, expires_in : Int32) : Int64
    key = prefix_key(unprefixed_key)

    @redis.multi do |redis| # <= Using `#multi` instead
      redis.incr(key)
      redis.expire(key, expires_in)
    end.first.as(Int64)
  end

# ...

It has been a few days and I have not had this error since. It used to happen practically daily, taking the app offline. I had to restart the app to get it to work again.

I think this shard can be taken a bit further by allowing to digest things like SNORT rules (Intrusion Prevention System)

This will give users the ability to almost automatically filter most common web attacks.

Also a good list is the https://github.com/client9/libinjection

Crystal uses a version format which starts with a v so it van be installed properly with shards:

dependencies:
  defense:
    github: defense-cr/defense
    version: 0.2.0

Which now resolves in an error:

Fetching https://github.com/defense-cr/defense.git
Failed git ls-tree -r --full-tree --name-only v0.2.0 -- shard.yml (). Maybe a commit, branch or file doesn't exist?