Class: Rails::Guarddog::Checkers::RateLimitChecker

Inherits:
BaseChecker
  • Object
Defined in:
lib/rails/guarddog/checkers/rate_limit_checker.rb

Instance Attribute Summary

Attributes inherited from BaseChecker

#findings

Instance Method Summary

Methods inherited from BaseChecker

#initialize

Constructor Details

This class inherits a constructor from Rails::Guarddog::Checkers::BaseChecker

Instance Method Details

#run ⇒ Object



# File 'lib/rails/guarddog/checkers/rate_limit_checker.rb', line 5

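# Checks whether Rack::Attack rate limiting appears to be configured.
#
# Looks for config/initializers/rack_attack.rb under @root and records a
# :medium finding when the file is missing, or when its non-comment lines do
# not contain `throttle` together with `login` or `api`.
#
# This is a substring heuristic, not a parse of the Rack::Attack DSL. It does
# not confirm that a throttle is attached to any particular route, and it does
# not look for the /password_reset rule named in the remediation text, so a
# clean result still calls for a manual read of the rules.
#
# @return [Object] the value of `findings` (attribute inherited from BaseChecker)
def run
  config_file = File.join(@root, 'config/initializers/rack_attack.rb')

  unless File.exist?(config_file)
    add_finding(
      severity: :medium,
      message: "Rate limiting not configured: rack_attack.rb missing",
      file: config_file,
      line: 1,
      remediation: "Create config/initializers/rack_attack.rb with rate limiting rules"
    )
    return findings
  end

  # Ignore full-line comments: a template that only carries commented-out
  # example rules must not be reported as protected.
  active_code = File.read(config_file)
                    .each_line
                    .reject { |line| line.lstrip.start_with?('#') }
                    .join

  has_throttle = active_code.include?('throttle')
  names_endpoint = active_code.include?('login') || active_code.include?('api')
  return findings if has_throttle && names_endpoint

  add_finding(
    severity: :medium,
    message: "Rate limiting rules not configured for critical endpoints",
    file: config_file,
    line: 1,
    remediation: "Add throttle rules for /login, /api/auth, /password_reset"
  )
  findings
end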