Firewool, a firewalling gem for rails 3
I just published firewool, a rails 3 firewall in sheep’s clothing. It lets you specify IPs you want allowed and blocked with a filter. So you can restrict IP access to controller actions and therefore, URLs. There are more ideas of usage in the README.
Comments
Nice, been looking for something like this. But would like to see something have better support for dynamic IPs (common in today’s mobile world). Maybe prompt for auth if new browser. Once auth passed set permanent cookie so future requests do not prompt. This would help people on dynamic IPs.
Also surprised to see this as a Rails add-on. Seems like a perfect use case for rack middleware. Then can be used with any framework.
The cookie thing isn’t a bad idea except I don’t want to replace devise/etc. Dynamic IPs are screwed on firewalls, just like with firewool. You have to add all possible ones or just block bad ones (like country ranges, spammers or annoying people you see in your logs).
I’ll look into the rack suggestion.
Post a comment