堆栈内存溢出
  简体   繁体   English

是否存在阻止被入侵的URL请求的导轨或机架式宝石?

[英]Is there a rails or rack gem that blocks hacked URL requests?

 原文  2016-09-25 15:51:42       ruby-on-rails/ security/ scanning

问题描述

My Rails application frequently receives bogus traffic from hackers scanning for vulnerabilities, hitting URLs like /vb/showthread.php%3C/a . 我的Rails应用程序经常收到来自扫描漏洞的黑客的虚假流量,攻击者攻击的网址为/vb/showthread.php%3C/a These show up as noise in our logs and I would like to filter them out or handle these in some way (such as alerting someone to the scanning attempts). 这些在我们的日志中显示为噪音,我想将其过滤掉或以某种方式处理(例如,提醒某人进行扫描尝试)。

Is there a Rails or Rack gem that already does this, or are there similar libraries in other frameworks that do the same thing? 是否已经有Rails或Rack gem可以做到这一点,或者其他框架中有类似的库也可以完成相同的工作?

3 个解决方案

解决方案1
 1 已采纳  2016-09-26 03:16:13

机架式攻击中间件gem足以根据请求的任何属性来阻止请求,并提供了用于处理恶意流量的其他高级功能,例如请求限制,阻止列表和请求日志记录。

解决方案2
 0  2016-09-25 16:08:30

I'm not sure if this really answer your question by I think a custom filter will be better instead of a general gem. 我不确定这是否真的可以回答您的问题,因为我认为自定义过滤器会比一般的gem更好。

I've added a before filter on my applicaton_controller to handle weird request, then you can alert and do what you want. 我在applicaton_controller上添加了一个before过滤器,以处理奇怪的请求,然后您可以发出警报并执行所需的操作。 

class ApplicationController < ....
  before_action :filter_hacks #first filter

private
  def filter_hacks
    if request.format.to_s == 'php'
      #do something: email, save report, anything
      head(:ok) and return false
    elsif #add other filters

    end
  end

I'm sure it could be improved, but you have full control of what you want to block and what to do when that happens. 我敢肯定它会得到改善,但是您完全可以控制要阻止的内容以及发生这种情况时的操作。

解决方案3
 0  2016-09-25 19:51:55

This is a great use case for middleware. 这是一个很好的中间件用例。 You can store a list of known bad routes and use whatever logic you'd like to intercept and handle the request before it makes it through to your app. 您可以存储已知的不良路由的列表,并使用想要拦截和处理请求的任何逻辑,然后将其发送到您的应用程序。 I would read up more on how to use Rack middleware in the Rails guides . 我会在Rails指南中阅读有关如何使用Rack中间件的更多信息。

But it could be accomplished with something similar to this: 但这可以通过类似于以下内容来实现: 

class FilterBadRequest
  BAD_PATHS = [
    "/vb/showthread.php%3C/a"
  ]

  def initialize(app)
    @app = app
  end

  def call(env)
    req = Rack::Request.new(env)

    bad_request = BAD_PATHS.find { |bad_path| req.fullpath ~= bad_path }

    if bad_request
      raise ActionController::BadRequest
    else
      @app.call(env)
    end
  end
end

This raises an ActionController::BadRequest exception, but you can redirect or do whatever else makes sense within the context of your application. 这会引发一个ActionController::BadRequest异常,但是您可以在应用程序的上下文中重定向或执行其他有意义的操作。 You'll need to make sure to register the middleware within your application config file inside the config block like by calling config.middleware.use FilterBadRequest 您需要确保在config块内的应用程序配置文件中注册中间件,例如通过调用config.middleware.use FilterBadRequest

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 Rails 6 中的 Rack-Cors Gem 不允许发布请求 - Rack-Cors Gem in Rails 6 Not Allowing Post Requests 导轨,机架宝石错误 - Rails, error in rack gem 在Rails中使用Rack gem - Using Rack gem in Rails Rails机架攻击宝石油门 - Rails rack attack gem throttle 在Rails上使用rack-timeout gem - Using rack-timeout gem on Rails Rack:cors gem没有为GET请求设置cors头 - Rack:cors gem not setting cors header for GET requests 如何从gem中添加机架中间件到rails应用程序 - How to add rack middleware to rails app from gem 在Bundler的Rails项目中正确使用宝石中的Rack中间件的正确方法 - Proper way to use a Rack middleware from a gem in a Rails project with Bundler 尝试Facebook Oauth2演示时Rails机架宝石冲突 - Rails rack gem conflicting when trying a Facebook Oauth2 demo 对于Rails,为什么Gem Devise是基于机架的呢? - For Rails, why does it matter that the Gem Devise is Rack-based?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM