Go back to throttling as allow2ban is too strict

ujh · Jan 26, 2025 · c7261d2 · c7261d2
1 parent 4232f0f
commit c7261d2
Showing 1 changed file with 2 additions and 13 deletions.
diff --git a/config/initializers/rack_attack.rb b/config/initializers/rack_attack.rb
@@ -23,19 +23,8 @@
   "mastodon" if request.user_agent =~ /mastodon/i
 end
 
-# Blocklist for misbehaving clients. The IP gets banned for 1 hour after 120 requests in 1 minute.
-Rack::Attack.blocklist("blocklist for misbehaving clients v2") do |request|
-  Rack::Attack::Allow2Ban.filter(
-    request.ip,
-    maxretry: 120,
-    findtime: 1.minute,
-    bantime: 1.hour
-  ) do
-    !(
-      request.path.starts_with?("/admins") ||
-        request.path.starts_with?("/assets")
-    )
-  end
+Rack::Attack.throttle("general", limit: 240, period: 2.minutes) do |request|
+  request.ip unless request.path.starts_with?("/admins")
 end
 
 # Block misbehaving bots