From 3b56350121998abb249f14a45c656c2655d6344e Mon Sep 17 00:00:00 2001
From: Eugen Rochko <eugen@zeonfederated.com>
Date: Sat, 24 Sep 2016 13:53:54 +0200
Subject: [PATCH] Fix #6 - Rate limit GET reqs to 300/5min, POST to 100/5min

---
 config/initializers/rack-attack.rb | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/config/initializers/rack-attack.rb b/config/initializers/rack-attack.rb
index 15fc6b351d..fb447685bf 100644
--- a/config/initializers/rack-attack.rb
+++ b/config/initializers/rack-attack.rb
@@ -1,5 +1,9 @@
 class Rack::Attack
-  throttle('req/ip', limit: 300, period: 5.minutes) do |req|
-    req.ip
+  throttle('get-req/ip', limit: 300, period: 5.minutes) do |req|
+    req.ip if req.get?
+  end
+
+  throttle('post-req/ip', limit: 100, period: 5.minutes) do |req|
+    req.ip if req.post?
   end
 end