Not working in production (memcache via dalli)

[2called-chaos]

I think I'm missing something important. On our staging server (default cache) rack attack is working properly as well as in development. In production however we use the "mem_cache_store" via dalli.

We use the cache method in our views a lot and from that I can tell that caching is performed and persistent. Rack attack however doesn't work (none of the rules). The Fail2Ban rule does block the request but does not ban the IP.

This is our environment:

rack-attack (4.1.0)
dalli (2.7.2)

# production env
config.cache_store = :mem_cache_store

# rack attack config
unless Rails.env.test?
  Rack::Attack.throttle('account public post throttle', limit: 15, period: 10.minutes) do |req|
    req.ip if req.post? && %w[/account/login /account/password].include?(req.path)
  end
end

Rack::Attack.blacklist('fail2ban pentesters') do |req|
  # Substitute Fail2Ban with Allow2Ban to allow these requests until limit reached.
  Rack::Attack::Fail2Ban.filter(req.ip, maxretry: 3, findtime: 15.minutes, bantime: 30.minutes) do
    # The count for the IP is incremented if the return value is truthy.
    [
      CGI.unescape(req.query_string).include?("/etc/passwd"),
      CGI.unescape(req.query_string).include?("../.."),
    ].any?{|s| s }
  end
end

Any ideas what I may have missed here?

[ktheory]

config.cache_store = :mem_cache_store

That seems unusual. With the Dalli memcache library, it's conventional to use

config.cache_store = :dalli_store

It's probably simple change (and performance win) to use :dalli_store in your app. :mem_cache_store is untested with Rack::Attack. If you'd like to add support, I'd welcome a PR. But try :dalli_store first. :smile:

[2called-chaos]

Thank you very much, it was indeed that setting. Curiously the app refused to start without dalli even though :mem_cache_store was given.