Class: Aikido::Zen::AttackWave::Detector

Inherits:

Object

Object
Aikido::Zen::AttackWave::Detector

show all

Defined in:: lib/aikido/zen/attack_wave.rb

Instance Method Summary collapse

#attack_wave?(context) ⇒ Boolean
#initialize(config: Aikido::Zen.config, clock: nil) ⇒ Detector constructor

A new instance of Detector.

Constructor Details

#initialize(config: Aikido::Zen.config, clock: nil) ⇒ `Detector`

Returns a new instance of Detector.

# File 'lib/aikido/zen/attack_wave.rb', line 9

def initialize(config: Aikido::Zen.config, clock: nil)
  @config = config

  @event_times = Cache.new(@config.attack_wave_max_cache_entries, ttl: @config.attack_wave_min_time_between_events, clock: clock)

  @request_counts = Cache.new(@config.attack_wave_max_cache_entries, 0, ttl: @config.attack_wave_min_time_between_requests, clock: clock)
end

Instance Method Details

#attack_wave?(context) ⇒ `Boolean`

Returns:

(Boolean)

# File 'lib/aikido/zen/attack_wave.rb', line 17

def attack_wave?(context)
  client_ip = context.request.client_ip

  return false unless client_ip

  return false if @event_times[client_ip]

  return false unless AttackWave::Helpers.web_scanner?(context)

  request_count = @request_counts[client_ip] += 1

  return false if request_count < @config.attack_wave_threshold

  @event_times[client_ip] = Time.now.utc

  true
end

Class: Aikido::Zen::AttackWave::Detector

Instance Method Summary collapse

Constructor Details

#initialize(config: Aikido::Zen.config, clock: nil) ⇒ Detector

Instance Method Details

#attack_wave?(context) ⇒ Boolean

#initialize(config: Aikido::Zen.config, clock: nil) ⇒ `Detector`

#attack_wave?(context) ⇒ `Boolean`