• Rack::Attack is the gem we use in Ruby on Rails to implement rate limiting. It has many useful features: safelisting, blocklisting (blacklisting), tracking, throttling, etc.

  • We will take a look at its README on its GitHub page for more information.

  • As the names suggest, safelisting means allow the request if the condition matches, and blocklisting means block the request if the condition matches. Safelists have the highest precedence, so any request matching a safelist is allowed even if it also matches any number of blocklists or throttles.

  • View the readme and explain

  • Demo

    • Blocklist localhost: Rack::Attack.blocklist_ip("127.0.0.1")
    • Blocklist localhost and safelist localhost: Rack::Attack.safelist_ip("127.0.0.1") together with the line above; the safelist takes precedence, so localhost is still allowed.
    • Block a path with a custom rule (the block's return value decides):
      Rack::Attack.blocklist("block all access to admin") do |request|
        # Requests are blocked if the return value is truthy
        request.path.start_with?("/admin")
      end
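To make the precedence rule from the notes concrete (safelist first, then blocklist, then throttle), here is an added, self-contained model of that decision order. It is not the gem's code: the class name `MiniAttack`, the request hashes, the `decide` method and the in-memory `@counters` hash (standing in for the gem's cache store) are all assumptions made so the example runs without rack-attack installed. It replays the demo rules above and adds a per-IP throttle so the third outcome, "throttled", is visible too.

```ruby
# Added example: a minimal model of the safelist > blocklist > throttle
# decision order described in the notes. Not Rack::Attack's own code.

class MiniAttack
  def initialize
    @safelists  = {}            # name => block returning truthy on match
    @blocklists = {}
    @throttles  = {}            # name => { limit:, period:, discriminator: }
    @counters   = Hash.new(0)   # stand-in for the gem's cache store
  end

  # Rule registration, shaped like the gem's DSL
  def safelist(name, &blk)
    @safelists[name] = blk
  end

  def blocklist(name, &blk)
    @blocklists[name] = blk
  end

  def safelist_ip(ip)
    safelist("safelist ip #{ip}") { |req| req[:ip] == ip }
  end

  def blocklist_ip(ip)
    blocklist("blocklist ip #{ip}") { |req| req[:ip] == ip }
  end

  # limit requests per period (seconds); the block returns the key to
  # count by (e.g. the client IP) or nil to skip the rule for this request
  def throttle(name, limit:, period:, &blk)
    @throttles[name] = { limit: limit, period: period, discriminator: blk }
  end

  # Returns [decision, reason]; decision is :allowed, :blocked or :throttled.
  def decide(req, now: Time.now)
    # 1. Safelists win outright, whatever else matches.
    if (name = @safelists.find { |_, blk| blk.call(req) }&.first)
      return [:allowed, "safelist: #{name}"]
    end
    # 2. Blocklists are checked next; a blocked request never reaches throttles.
    if (name = @blocklists.find { |_, blk| blk.call(req) }&.first)
      return [:blocked, "blocklist: #{name}"]
    end
    # 3. Throttles count requests per discriminator within a fixed time window.
    @throttles.each do |name, rule|
      disc = rule[:discriminator].call(req)
      next if disc.nil?
      window = now.to_i / rule[:period]       # epoch-based window, like the gem's cache key
      key = [name, disc, window]
      @counters[key] += 1
      return [:throttled, "throttle: #{name}"] if @counters[key] > rule[:limit]
    end
    [:allowed, "no rule matched"]
  end
end

# The demo rules from the notes plus a per-IP throttle (constructed values).
def build_rules
  rules = MiniAttack.new
  rules.blocklist_ip("127.0.0.1")
  rules.safelist_ip("127.0.0.1")            # same IP: the safelist wins
  rules.blocklist("block all access to admin") { |req| req[:path].start_with?("/admin") }
  rules.throttle("req/ip", limit: 3, period: 60) { |req| req[:ip] }
  rules
end

def demo
  rules = build_rules
  t = Time.at(1_700_000_000)                # fixed clock so the window is stable
  {
    # matches both blocklists, yet is allowed because the safelist comes first
    safelisted: rules.decide({ ip: "127.0.0.1", path: "/admin" }, now: t),
    # not safelisted, so the path blocklist applies
    blocked:    rules.decide({ ip: "10.0.0.5", path: "/admin" }, now: t),
    # four plain requests from one IP: three allowed, the fourth throttled
    burst:      4.times.map { rules.decide({ ip: "10.0.0.5", path: "/" }, now: t) }
  }
end

if __FILE__ == $PROGRAM_NAME
  demo.each { |label, result| puts "#{label}: #{result.inspect}" }
end
```

Note that the blocked `/admin` request does not consume throttle budget: the blocklist returns before the counter is touched, which matches the ordering the notes describe and is worth remembering when reading throttle counters during an incident.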