rack-smack 1.0.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: caa16a9a96c5b7e93b65202887ad6d85f1208c16
+  data.tar.gz: 60f6f861038536c62a39351710c0ee236a29f613
+SHA512:
+  metadata.gz: 6e6e8bcff5b2a4684305fb8e39fb2b3cd9824dde306b1b76f19b7e697796ae8d266829c27ec6770cbd2ff4de4a6200b42f9c642d44c6279935e2cc7d1438e903
+  data.tar.gz: 5c09bf8cd44898f7537bff1bdcb27fac29c0115dec37a1ba1ffe3fa023bfa1ad43b744f0012e2d4269168bab29ee8c0feb4186a9f22b8b1a5151316aaebc6716

data/.gitignore

@@ -0,0 +1,11 @@
+/.bundle/
+/.yardoc
+/Gemfile.lock
+/_yardoc/
+/coverage/
+/doc/
+/pkg/
+/spec/reports/
+/tmp/
+*.txt
+.DS_Store

data/.travis.yml

@@ -0,0 +1,5 @@
+sudo: false
+language: ruby
+rvm:
+  - 2.3.0
+before_install: gem install bundler -v 1.15.1

data/Gemfile

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in rack-smack.gemspec
+gemspec

data/README.md

@@ -0,0 +1,30 @@
+# Rack::Smack
+
+A no-nonsense force of good in a world of bad. Will prevent malicious bots/users from accessing your content once they are caught red-handed.
+
+## Usage
+Require `smack.rb` where you need it and the slide it into your middleware stack:
+
+```
+use Rack::Smack
+```
+
+## Options
+`file`  for filename storing the bad guys  
+`list`  for the list of keywords you want to ban on  
+`asset` for the list of keywords where you want to skip checking  
+
+### Example with options
+```
+use Rack::Smack file: 'bad_guys.txt', list: ['wp', 'wordpress', php', 'admin']
+```
+
+## Defaults
+|Option|Value|
+|-|-|
+|file|'./ban_list.txt'|
+|list|['wp', 'wordpress', 'xmlrpc', 'sfn']|
+|asset|['css', 'gif', 'jpg', 'jpeg', 'js', 'png', 'ico', 'txt']| 
+
+## Want to understand?
+[Code overview](https://alessandrominali.github.io/block_malicious_users_with_rack_app)

data/Rakefile

@@ -0,0 +1,8 @@
+require 'bundler/gem_tasks'
+
+task default: :test
+
+desc 'Run tests'
+task :test do
+  sh 'rspec spec/rack/*'
+end

data/lib/rack-smack.rb

@@ -0,0 +1 @@
+require 'rack/smack'

data/lib/rack/smack.rb

@@ -0,0 +1,49 @@
+require 'rack/smack/version'
+
+module Rack
+  # don't cross me boy
+  class Smack
+    ASSET    = %w[css gif jpg jpeg js png ico txt].freeze
+    BLOCKED  = %w[wp wordpress xmlrpc sfn].freeze
+    FILENAME = './ban_list.txt'.freeze
+
+    def initialize(app, opts = {})
+      @app     = app
+      @asset   = opts.delete(:asset) || ASSET
+      @blocked = opts.delete(:list)  || BLOCKED
+      @file    = opts.delete(:file)  || FILENAME
+      raise TypeError        unless options_valid?
+      IO.write(FILENAME, '') unless ::File.file?(@file)
+    end
+
+    def call(env)
+      @req = Rack::Request.new(env)
+      return @app.call(env) if @asset.include? @req.path.split('.')[-1]
+      return smack          if banned?
+      return ban!           if @blocked.any? { |block| @req.path.index(block) }
+      @app.call(env)
+    end
+
+    private
+
+    def ban!
+      IO.write(@file, "#{@req.ip},#{@req.path},#{Time.now}\n", mode: 'a')
+      smack
+    end
+
+    def banned?
+      IO.foreach(@file) do |row|
+        return true if row.split(',')[0] == @req.ip
+      end
+      false
+    end
+
+    def options_valid?
+      @blocked.is_a?(Array) && @asset.is_a?(Array) && @file.is_a?(String)
+    end
+
+    def smack
+      [403, { 'Content-Type' => 'text/html' }, ['Banned.']]
+    end
+  end
+end

data/lib/rack/smack/version.rb

@@ -0,0 +1,5 @@
+module Rack
+  class Smack
+    VERSION = '1.0.0'.freeze
+  end
+end

data/rack-smack.gemspec

@@ -0,0 +1,29 @@
+# coding: utf-8
+
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'rack/smack/version'
+
+Gem::Specification.new do |spec|
+  spec.name          = 'rack-smack'
+  spec.version       = Rack::Smack::VERSION
+  spec.authors       = ['AlessandroMinali']
+  spec.email         = ['alessandro.minali@gmail.com']
+
+  spec.summary       = 'A no-nonsense force of good in a world of bad. Will prevent malicious bots/users from accessing your content once they are caught red-handed.'
+  spec.homepage      = 'https://github.com/AlessandroMinali/rack-smack'
+  spec.license       = 'MIT'
+
+  spec.files         = `git ls-files -z`.split("\x0").reject do |f|
+    f.match(%r{^(test|spec|features)/})
+  end
+  spec.bindir        = 'exe'
+  spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
+  spec.require_paths = ['lib']
+
+  spec.add_development_dependency 'bundler', '~> 1.15'
+  spec.add_development_dependency 'rake', '~> 10.0'
+  spec.add_development_dependency 'rspec', '~> 3.2'
+  spec.add_development_dependency 'rack-test'
+  spec.add_development_dependency 'pry'
+end

metadata

@@ -0,0 +1,125 @@
+--- !ruby/object:Gem::Specification
+name: rack-smack
+version: !ruby/object:Gem::Version
+  version: 1.0.0
+platform: ruby
+authors:
+- AlessandroMinali
+autorequire: 
+bindir: exe
+cert_chain: []
+date: 2017-09-12 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.15'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.15'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.2'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.2'
+- !ruby/object:Gem::Dependency
+  name: rack-test
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: pry
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: 
+email:
+- alessandro.minali@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- ".travis.yml"
+- Gemfile
+- LICENSE.txt
+- README.md
+- Rakefile
+- lib/rack-smack.rb
+- lib/rack/smack.rb
+- lib/rack/smack/version.rb
+- rack-smack.gemspec
+homepage: https://github.com/AlessandroMinali/rack-smack
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.6.12
+signing_key: 
+specification_version: 4
+summary: A no-nonsense force of good in a world of bad. Will prevent malicious bots/users
+  from accessing your content once they are caught red-handed.
+test_files: []