awesome-repositories.com
Blog
awesome-repositories.com

Descoperă cele mai bune repository-uri open source cu căutare AI.

ExploreazăCăutări recomandateAlternative open-sourceSoftware self-hostedBlogHartă site
ProiectDespreCum realizăm clasamentulPresăServer MCP
LegalConfidențialitateTermeni
© 2026 Bringes Technology SRL·VAT RO45896025·hello@awesome-repositories.com
·
rack avatar

rack/rack-attack

0
View on GitHub↗
5,746 stele·344 fork-uri·Ruby·MIT·3 vizualizări

Rack Attack

Rack-attack is a middleware rate limiter and request filter for the Rack interface. It provides a system for throttling HTTP requests and maintaining IP address blocklists to protect applications from malicious traffic and denial-of-service attacks.

The project enables application layer DDoS mitigation and API rate limit management by identifying and rejecting requests from banned clients or abusive IP addresses. It allows for the definition of safelists to bypass filters and uses custom logic to determine if a client should be blocked or throttled.

The tool covers comprehensive traffic management through automated client banning, exponential backoff strategies, and the ability to define custom rejection responses. It includes instrumentation for monitoring request patterns and supports external cache backends to synchronize state across distributed application instances.

Features

  • Request Rate Limiting - Controls the number of requests a client can make within a specific timeframe to prevent system overload.
  • Request Interception Middleware - Intercepts incoming HTTP requests in a middleware pipeline to evaluate security rules before application processing.
  • External State Stores - Integrates with external state stores to maintain ban records and request counts across distributed instances.
  • Distributed Rate Limit Stores - Provides external cache backend integration to synchronize rate limiting state across distributed application instances.
  • Traffic Throttling - Limits request rates based on unique identifiers to prevent system overload and mitigate DoS attacks.
  • Automated IP Banning - Automatically blocks clients for a set duration after they exceed thresholds for forbidden requests or failures.
  • Malicious Traffic Blocking - Identifies and rejects requests from banned IP addresses or abusive clients before they reach application logic.
  • IP Blocking Middleware - Ships middleware that rejects traffic from forbidden IP addresses and subnets to protect the application.
  • Predicate-Based Request Filtering - Evaluates incoming requests against custom truthy logic blocks to determine safelisting, blocking, or throttling.
  • IP-Based Rate Limiting - Tracks request frequency using unique identifiers like IP addresses to apply granular per-user quotas.
  • Middleware Rate Limiters - Provides a middleware layer for the Rack interface to throttle HTTP requests and block abusive clients.
  • IP Address Blocklists - Maintains blocklists to identify and reject traffic from specific banned IP addresses.
  • API Rate Limiting - Provides tools for managing API request quotas and communicating limits via standard HTTP headers.
  • Rack Request Filters - Implements a filtering mechanism for Rack applications to evaluate requests against security rules and safelists.
  • Quota Status Headers - Implements HTTP response headers that communicate remaining request quotas and retry delays to API clients.
  • Throttled Response Customization - Allows defining custom HTTP response objects, status codes, and headers for blocklisted or throttled requests.
  • DDoS Protections - Protects Rack-based web applications from DDoS attacks by managing request rates and blocking abusive clients.
  • Request Safelisting - Permits trusted clients or specific requests to bypass all security filters and rate limits.
  • Layered Throttle Compositions - Implements layered throttle composition to apply multiple time-window limits for exponential backoff strategies.
  • Server-Side Backoff Enforcement - Implements layered throttles that progressively increase the wait time between requests for abusive clients.
  • Pipeline Short-Circuiting - Immediately returns custom HTTP responses when a request matches a blocklist, terminating the pipeline early.

Istoric stele

Graficul istoricului de stele pentru rack/rack-attackGraficul istoricului de stele pentru rack/rack-attack

Căutare AI

Explorează mai multe repository-uri excelente

Descrie ce ai nevoie în limbaj simplu — AI-ul sortează mii de proiecte open source selectate în funcție de relevanță.

Start searching with AI

Alternative open-source pentru Rack Attack

Proiecte open-source similare, clasificate după numărul de funcționalități comune cu Rack Attack.
  • kickstarter/rack-attackAvatar kickstarter

    kickstarter/rack-attack

    5,744Vezi pe GitHub↗

    This project is a Rack middleware rate limiter and application layer firewall for Ruby web applications. It serves as a security layer to throttle and block HTTP requests based on custom rules, protecting web servers from abusive traffic. The system provides capabilities for IP blocking and the banning of malicious clients. It implements request safelisting to bypass restrictions for trusted users and uses time-windowed rate limiting to control request frequency. The middleware covers traffic management and monitoring, including the ability to track request patterns and instrument traffic ev

    Ruby
    Vezi pe GitHub↗5,744
  • mitchellkrogza/nginx-ultimate-bad-bot-blockerAvatar mitchellkrogza

    mitchellkrogza/nginx-ultimate-bad-bot-blocker

    4,750Vezi pe GitHub↗

    This project is a collection of configuration files and scripts serving as a bot blocker and security middleware for Nginx. It functions as an automated blocklist manager that filters malicious user-agents and IP addresses to mitigate vulnerability scanning, login brute-forcing, and DDoS attacks. The system distinguishes itself by automating the maintenance of security rules, downloading updated bot definitions and reloading the server on a schedule. It also includes a search engine spam filter capable of generating robots.txt files and link disavow lists to prevent malicious domains from imp

    Shelladwarebot-blockerbots
    Vezi pe GitHub↗4,750
  • express-rate-limit/express-rate-limitAvatar express-rate-limit

    express-rate-limit/express-rate-limit

    3,265Vezi pe GitHub↗

    This project is a middleware for the Express web framework designed to restrict request frequency and protect server capacity. It functions as a traffic throttler that intercepts incoming requests to evaluate and enforce limits based on client identity within defined time windows. The system distinguishes itself through a pluggable data store pattern that allows for distributed rate limiting. By delegating hit count storage to external databases, it ensures consistent request tracking across multiple server instances and maintains state across process restarts. The library provides comprehen

    TypeScriptapiexpressexpress-js
    Vezi pe GitHub↗3,265
  • loveshell/ngx_lua_wafAvatar loveshell

    loveshell/ngx_lua_waf

    4,025Vezi pe GitHub↗

    ngxluawaf is an OpenResty web application firewall that uses Lua to filter malicious HTTP requests and block web attacks. It operates as a programmable request filter and IP access controller for Nginx, providing a security layer to identify and block unauthorized scanners, fuzzing attempts, and abnormal network requests. The project includes capabilities for HTTP layer 7 DDoS mitigation by restricting request frequency per IP address. It further secures the environment by restricting access to sensitive archives and blocking script execution in upload directories to prevent data leakage.

    Lua
    Vezi pe GitHub↗4,025
Vezi toate cele 30 alternative pentru Rack Attack→

Întrebări frecvente

Ce face rack/rack-attack?

Rack-attack is a middleware rate limiter and request filter for the Rack interface. It provides a system for throttling HTTP requests and maintaining IP address blocklists to protect applications from malicious traffic and denial-of-service attacks.

Care sunt principalele funcționalități ale rack/rack-attack?

Principalele funcționalități ale rack/rack-attack sunt: Request Rate Limiting, Request Interception Middleware, External State Stores, Distributed Rate Limit Stores, Traffic Throttling, Automated IP Banning, Malicious Traffic Blocking, IP Blocking Middleware.

Care sunt câteva alternative open-source pentru rack/rack-attack?

Alternativele open-source pentru rack/rack-attack includ: kickstarter/rack-attack — This project is a Rack middleware rate limiter and application layer firewall for Ruby web applications. It serves as… mitchellkrogza/nginx-ultimate-bad-bot-blocker — This project is a collection of configuration files and scripts serving as a bot blocker and security middleware for… express-rate-limit/express-rate-limit — This project is a middleware for the Express web framework designed to restrict request frequency and protect server… loveshell/ngx_lua_waf — ngx_lua_waf is an OpenResty web application firewall that uses Lua to filter malicious HTTP requests and block web… pavel-odintsov/fastnetmon — FastNetMon is a network traffic analyzer and DDoS detection system designed to identify and mitigate distributed… anjoy8/blog.core — Blog.Core is a production-ready backend boilerplate for building enterprise APIs and microservices using ASP.NET Core.…