glittergallery / GlitterGallery

Share, collect feedback on, and view/manage design iterations.
MIT License

No DDoS protection #190

Open gameFace22 opened 9 years ago

gameFace22 commented 9 years ago

There is no DDoS protection in the sites which are hosted with GG. To test, https://github.com/grafov/hulk/blob/master/hulk.py

pwnfoo commented 9 years ago

I'll work on this :)

rohitpaulk commented 9 years ago

@gameFace22 - What kind of protection are you thinking of? Wouldn't such logic be external to the application code?

sarupbanskota commented 9 years ago

@rohitpaulk while I felt the same way (it seems more like an infra concern that OpenShift's interface with Ruby should deal with), I came across this https://github.com/kickstarter/rack-attack after some looking around.

@sachinkamath if you're taking them up, just remember to work off a separate security feature branch. We're likely to add some work to the project in the next few days, so we wouldn't want to lose direction :)

@gameFace22, thanks for pointing these out and keep 'em coming!

pwnfoo commented 9 years ago

We can probably cut down the number of page requests from a specific IP using this gem. The source code is here. Correct me if I'm wrong.
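The per-IP request limiting proposed in this thread, sketched as a dependency-free Rack middleware. This is an added example, not code from the thread, from GlitterGallery, or from any gem mentioned here. The class name `PerIpThrottle`, the limits and the injectable clock are assumptions; it keys on `REMOTE_ADDR`, so behind a reverse proxy it counts the proxy's address unless the client IP is taken from a trusted forwarding header.

```ruby
# Added example: fixed-window, per-IP request throttle as Rack middleware.
# PerIpThrottle, its defaults and the clock parameter are hypothetical names
# chosen for illustration. Counters live in process memory, so each app
# worker enforces the limit independently.
class PerIpThrottle
  def initialize(app, limit: 60, period: 60, clock: -> { Time.now.to_i })
    @app    = app
    @limit  = limit      # requests allowed per window, per client address
    @period = period     # window length in seconds
    @clock  = clock      # injectable so the behaviour can be tested
    @counts = {}         # { [ip, window_number] => hits }
    @lock   = Mutex.new
  end

  def call(env)
    ip     = env["REMOTE_ADDR"].to_s
    now    = @clock.call
    window = now / @period

    hits = @lock.synchronize do
      # Drop counters from earlier windows so memory stays bounded.
      @counts.delete_if { |(_ip, w), _hits| w < window }
      @counts[[ip, window]] = @counts.fetch([ip, window], 0) + 1
    end

    if hits > @limit
      # Tell well-behaved clients when the current window ends.
      retry_after = @period - (now % @period)
      headers = { "content-type" => "text/plain",
                  "retry-after"  => retry_after.to_s }
      return [429, headers, ["Too Many Requests\n"]]
    end

    @app.call(env)
  end
end

# In config.ru (assumed layout): use PerIpThrottle, limit: 60, period: 60
```

Throttling inside the application only caps the request rate per address; it does not absorb volumetric floods, which still have to be handled upstream of the app.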