Skip to content

v4.4.10

Latest
Latest
Compare
Choose a tag to compare
@srappel srappel released this 16 Jun 17:00
v4.4.10
640bb60
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

AGSL GeoDiscovery v4.4.10

Add Turnstile Bot Protection with bot_challenge_page

This PR integrates the bot_challenge_page gem to mitigate scraping and bot traffic against GeoDiscovery's catalog.

Summary

  • Added bot_challenge_page and rack-attack to the Gemfile
  • Configured bot challenge in ApplicationController
  • Mounted the engine and challenge route in routes.rb
  • Created initializer to:
    • Enable Turnstile using ENV-based keys
    • Rate-limit CatalogController#index
    • Exempt facet JS requests and safelisted IPs
  • Added Universities of Wisconsin IP ranges to config.yml (currently unused as being set by .env for now)
  • Updated Capistrano config to symlink .env.production from shared/ instead of copying the example file

This work aligns with work implemented by Stanford. It helps prevent abusive traffic while allowing campus networks and public search engines to browse without unnecessary friction.

Assets 2
Loading