我正在使用rack-attack来阻止ip。
# Block requests from 1.2.3.4
Rack::Attack.blocklist('block 1.2.3.4') do |req|
# Requests are blocked if the return value is truthy
'1.2.3.4' == req.ip
end
IP被成功阻断。这个人可以看到一个白色页面,左上角写着"禁止"。有没有办法改变字符串"禁止"?
编辑:
尝试使用这个。我的所有其他错误页面也都进行了类似的配置。https://mattbrictson.com/dynamic-rails-error-pages但是它在机架攻击403禁止页面上不起作用。
要自定义阻塞列表和节流请求的响应,请使用遵循Rack应用程序接口的对象。
Rack::Attack.blocklisted_response = lambda do |env|
# Using 503 because it may make the attacker think that he had successfully
# DOSed the site. Rack::Attack returns 403 for blocklists by default
[ 503, {}, ['Your custom string here']]
end
参见相关文档
覆盖blocklisted_response
@Tony Vincent是正确的。我想我应该再详细说明一下
您只需要覆盖blocklisted_response
的默认值。
您可以在这里看到默认值:
@blocklisted_response = lambda { |_env| [403, { 'Content-Type' => 'text/plain' }, ["Forbiddenn"]] }
在你的rack_attack.rb
初始化器中,你可以这样做:
Rack::Attack.blocklisted_response = lambda{ |_env| [ 403, { "Content-Type" => "text/plain" }, [ "You have been blocked from the system. If you think this has been done in error, please contact Support at support@system.com. Thank you." ] ] }
覆盖blocklistd_response
也可以显示HTML页面
在rack_attack中。
初始化器,你可以做以下操作:
Rack::Attack.blocklisted_response = lambda{ |_env| [ 403, { "Content-Type" => "text/html" }, [ "<!DOCTYPE html>
<html>
<head>
<title>The page you were looking for doesn't exist (404)</title>
<meta name='viewport' content='width=device-width,initial-scale=1'>
</head>
<body class='rails-default-error-page'>
<!-- This file lives in public/404.html -->
<div class='dialog'>
<div>
<h1>The page you were looking for doesn't exist.</h1>
<p>You may have mistyped the address or the page may have moved.</p>
</div>
<p>If you are the application owner check the logs for more information.</p>
</div>
</body>
</html>
" ] ] }