我正在使用机架攻击来阻止 ip。
# Block requests from 1.2.3.4
Rack::Attack.blocklist('block 1.2.3.4') do |req|
# Requests are blocked if the return value is truthy
'1.2.3.4' == req.ip
end
IP 被成功阻止。此人可以查看左上角带有“禁止”字样的白页。有什么办法可以改变字符串 "forbidden" 吗?
编辑:
试过用这个。我所有的其他错误页面也都是类似的配置。 https://mattbrictson.com/dynamic-rails-error-pages 但它在机架攻击 403 禁止页面上不起作用。
【问题讨论】:
标签: ruby-on-rails heroku rackattack
要自定义列入黑名单和受限制的请求的响应,请使用符合 Rack 应用界面的对象。
Rack::Attack.blocklisted_response = lambda do |env|
# Using 503 because it may make the attacker think that he had successfully
# DOSed the site. Rack::Attack returns 403 for blocklists by default
[ 503, {}, ['Your custom string here']]
end
查看相关documentation
【讨论】:
blocklisted_response。@Tony Vincent is correct. 我想我会再详细说明一下。
您只需覆盖blocklisted_response 的默认值。
可以看到默认值here:
@blocklisted_response = lambda { |_env| [403, { 'Content-Type' => 'text/plain' }, ["Forbidden\n"]] }
因此,在您的 rack_attack.rb 初始化程序中,您可以执行以下操作:
Rack::Attack.blocklisted_response = lambda{ |_env| [ 403, { "Content-Type" => "text/plain" }, [ "You have been blocked from the system. If you think this has been done in error, please contact Support at support@system.com. Thank you." ] ] }
【讨论】: