To avoid abuse, I'd like to add rate limiting to the REST API in our Rails application. After doing a bit of research into this, it looks like the best practice is to move this responsibility into the web server rather than checking for this in the application itself. Unfortunately, this can't be done in my case, as I'm hosting the application on Heroku and so have no control over the web server setup.
What should be done in this case to stop abuse of the API?
I think what you are looking for is the rack-throttle or rack-attack gem. Both of them allow throttling, and the rack-attack gem also allows you to time people out for a certain period of time and block certain IP addresses if they are multiple-time offenders or for whatever other reason you would want to block requesters.
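The per-client throttling and temporary banning that the answer describes, as an added example that is not part of the original answer and is not rack-throttle's or rack-attack's code: a dependency-free Rack middleware. `SimpleThrottle` and its parameters are hypothetical names; it assumes a single process (counters are held in memory) and a proxy that appends the connecting address to `X-Forwarded-For`.

```ruby
# Added example: dependency-free Rack middleware, not rack-attack's code.
class SimpleThrottle
  # limit: max requests per client per window; period: window length (s);
  # ban_after: windows over the limit before a temporary ban; ban_for: ban length (s).
  def initialize(app, limit: 60, period: 60, ban_after: 3, ban_for: 3600, clock: -> { Time.now.to_i })
    @app, @limit, @period = app, limit, period
    @ban_after, @ban_for, @clock = ban_after, ban_for, clock
    @hits = Hash.new(0)     # [ip, window] => request count (in-memory: one process only)
    @strikes = Hash.new(0)  # ip => number of windows in which the limit was exceeded
    @banned_until = {}      # ip => epoch second at which the ban expires
    @lock = Mutex.new
  end

  def call(env)
    ip = client_ip(env)
    now = @clock.call
    retry_after = @lock.synchronize { check(ip, now) }
    return @app.call(env) if retry_after.nil?
    [429, { "content-type" => "text/plain", "retry-after" => retry_after.to_s }, ["Rate limit exceeded\n"]]
  end

  private

  # Returns nil when the request is allowed, otherwise the seconds to wait.
  def check(ip, now)
    return @banned_until[ip] - now if @banned_until.fetch(ip, 0) > now
    window = now / @period
    @hits.delete_if { |(_, w), _| w < window }  # drop counters of expired windows
    count = (@hits[[ip, window]] += 1)
    return nil if count <= @limit
    # Count one strike per window, on the first request over the limit.
    if count == @limit + 1 && (@strikes[ip] += 1) >= @ban_after
      @strikes.delete(ip)
      @banned_until[ip] = now + @ban_for
      return @ban_for
    end
    (window + 1) * @period - now
  end

  # Assumption: the proxy appends the connecting address to X-Forwarded-For,
  # so only the last entry is trusted; earlier entries are client-supplied.
  def client_ip(env)
    forwarded = env["HTTP_X_FORWARDED_FOR"].to_s.split(",").map(&:strip).reject(&:empty?)
    forwarded.last || env["REMOTE_ADDR"].to_s
  end
end
```

In a Rails app this would be mounted with `config.middleware.use SimpleThrottle, limit: 60, period: 60`. With more than one dyno or worker process the counters need a shared store instead of the in-memory hashes.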