Ensure that the internal IP addresses are never blocked by Rack::Attack.

Description

If we fail to unmask the remote IP for a request, the front end servers will pass the internal network’s address (10.0.0.0/8) to the unicorns. We want to add the internal IP address to Rack::Attack’s safe list to ensure these requests aren’t blocked.

Activity

Show:
Sarken
December 20, 2019, 9:58 PM

This will be hot fixed on 0.9.267, but deployed in 0.9.268.

Sarken
December 21, 2019, 2:49 AM

james_ 18:20

I am undoing the hot fix as I am seeing to many

I think I will need to use a lambda and step over that error

if I am right.

Sarken
December 23, 2019, 2:32 AM
Edited

The follow up was hot fixed on production on December 21.

james_
January 8, 2020, 10:17 PM

I am happy with this.

DeployedToBeta

Assignee

james_

Reporter

james_

Roadmap

Misc

Priority

Highest

Affects versions

Fix versions

Components

BackEnd

Difficulty

Medium

Milestone

Internal 0.9
Configure