emly/api-golang
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

silently drop connections for banned IPs in rate limiting
All checks were successful
Build & Publish Docker Image / build-and-push (push) Successful in 1m22s
Details

Browse Source
This commit is contained in:
Flavio Fois
2026-03-25 11:17:37 +01:00
parent 4fb3290cf6
commit 858b0642d9
1 changed files with 3 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
internal/middleware/ratelimit.ban.go
View File

@@ -125,12 +125,11 @@ func (rl *RateLimiter) Handler(next http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
ip := rl.getIP(r) ip := rl.getIP(r)
// Check active ban // Drop connection silently if IP is banned
if unbanAt, banned := rl.banned.Load(ip); banned { if unbanAt, banned := rl.banned.Load(ip); banned {
if time.Now().Before(unbanAt.(time.Time)) { if time.Now().Before(unbanAt.(time.Time)) {
w.Header().Set("Retry-After", unbanAt.(time.Time).Format(time.RFC1123)) log.Printf("[RATE-LIMIT] IP %s dropped (banned until %s, path: %s)", ip, unbanAt.(time.Time).Format(time.RFC1123), r.URL.Path)
http.Error(w, "too many requests - temporarily banned", http.StatusForbidden) panic(http.ErrAbortHandler)
return
} }
rl.banned.Delete(ip) rl.banned.Delete(ip)
} }