If we fail to unmask the remote IP for a request, the front end servers will pass the internal network’s address (10.0.0.0/8) to the unicorns. We want to add the internal IP address to Rack::Attack’s safe list to ensure these requests aren’t blocked.
This will be hot fixed on 0.9.267, but deployed in 0.9.268.
I am undoing the hot fix as I am seeing to many
I think I will need to use a lambda and step over that error
if I am right.
The follow up was hot fixed on production on December 21.
I am happy with this.