Merge pull request #59 from Wafris/add-time-limit-to-request-processing

Add time limit to request processing
Wafris · Nov 22, 2023 · e1b58a5 · e1b58a5
2 parents d7f67cc + aab9b45
commit e1b58a5
Show file tree

Hide file tree

Showing 4 changed files with 21 additions and 7 deletions.
diff --git a/.github/workflows/rails-wafris-client-testing.yml b/.github/workflows/rails-wafris-client-testing.yml
@@ -20,7 +20,6 @@ jobs:
           - 6379:6379
     env:
       RAILS_ENV: test
-      DATABASE_URL: "sqlite3:///tmp/db.sqlite3"
     steps:
       - name: Checkout code
         uses: actions/checkout@v3
@@ -29,9 +28,6 @@ jobs:
         uses: ruby/setup-ruby@55283cc23133118229fd3f97f9336ee23a179fcf # v1.146.0
         with:
           bundler-cache: true
-      # Add or replace database setup steps here
-      - name: Set up database schema
-        run: bin/rails db:schema:load
       # Add or replace test runners here
       - name: Run tests
-        run: bin/rake
+        run: bundle exec rake
diff --git a/docs/wafris-initalizer.md b/docs/wafris-initalizer.md
@@ -27,7 +27,19 @@ end
 
 ## 4. Modify the url to point to your Redis instance
 
-## 5. Manage SSL/TLS Redis connections
+## 5. Add timeout for request processing
+
+In instances where the Redis instance is hitting max memory performance of Wafris can suffer. As an added guard to your applications performance we recommend setting the Redis `timeout` to 250 miliseconds. You can set it to something smaller but you will potentially lose request data in your Redis instance.
+```ruby
+Wafris.configure do |c|
+    c.redis = Redis.new(
+      url: ENV['PUT_YOUR_REDIS_URL_HERE'],
+      timeout: 0.25
+    )
+end
+```
+
+## 6. Manage SSL/TLS Redis connections
 
 If you're using a self-signed certificate or a certificate that is not trusted by the Ruby runtime you'll need to add the following to your initializer:
 
@@ -42,7 +54,7 @@ end
 
 **Note:** this does not disable SSL on the connection (the data is still encrypted in flight), it disables the verfication of the certificate. For instance, Heroku uses a self-signed certificate for their Redis instances and you'll need to add this to your initializer to connect.
 
-## 6. Configure the Redis connection pool
+## 7. Configure the Redis connection pool
 
 By default Wafris will create a connection pool of 10 connections to your Redis instance. If you need to tune this you can add the following to your initializer:
 

diff --git a/lib/wafris/middleware.rb b/lib/wafris/middleware.rb
@@ -34,6 +34,11 @@ def call(env)
         )
         [403, {}, ['Blocked']]
       end
+    rescue Redis::TimeoutError
+      LogSuppressor.puts_log(
+        "[Wafris] Wafris timed out during processing. Request passed without rules check."
+      )
+      @app.call(env)
     rescue StandardError => e
       LogSuppressor.puts_log(
         "[Wafris] Redis connection error: #{e.message}. Request passed without rules check."

diff --git a/test/configuration_test.rb b/test/configuration_test.rb
@@ -35,6 +35,7 @@ module Wafris
       it "sets the waf settings in Redis" do
         redis_mock = Minitest::Mock.new
         redis_mock.expect(:hset, true, ['waf-settings', 'version', Wafris::VERSION, 'client', 'ruby', 'maxmemory', 25])
+        redis_mock.expect(:connection, { host: 'localhost' })
 
         @config.redis = redis_mock
         @config.create_settings