Beskar - Rails Security Engine for the Paranoid (vibe-coded during SOC 2 audits)
Briefly

"Beskar is a Rails engine that fills that gap with layered protection:
- WAF that detects vulnerability scanning patterns (WordPress, config files, path traversal)
- Impossible travel detection using geolocation and Haversine calculations
- Smart rate limiting that identifies attack patterns (brute force, credential stuffing, distributed attacks)
- Risk-based account locking with automatic responses
- Persistent IP banning with escalating durations
Installation is deliberately simple - drop it in your Gemfile, run the installer, add one line to your User model. Runs in monitor-only mode by default so you can tune thresholds before blocking real traffic."
"Named after Mandalorian armor because security should come in layers. Full disclosure: mostly vibe-coded, currently running in monitor mode on my own app because I'm not quite paranoid enough to trust my own paranoia gem in full blocking mode yet. Open source, MIT licensed."
Beskar provides layered Rails security beyond basic authentication, combining a web application firewall, geolocation-based impossible-travel detection, smart rate limiting, risk-based account locking, and persistent IP banning. The WAF detects scanning patterns such as WordPress probes, config file requests, and path traversal attempts. Geolocation uses Haversine calculations to flag implausible logins. Rate limiting distinguishes brute-force, credential-stuffing, and distributed attacks. Account responses scale by risk, including automatic locks. Installation requires adding the gem, running an installer, and annotating the User model; default monitor-only mode enables threshold tuning before active blocking. The project is open source under the MIT license.
Read at Rubyflow
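The impossible-travel idea described above, sketched as an added example (this is not Beskar's code or API): consecutive logins per user are compared by Haversine distance and implied speed, and reported rather than blocked, as in monitor-only mode. The Login struct, the method names, the 900 km/h and 100 km thresholds, and the sample logins are all assumptions made for illustration.

```ruby
# Added example: impossible-travel check. All names and thresholds are assumptions.
EARTH_RADIUS_KM   = 6371.0
MAX_PLAUSIBLE_KMH = 900.0 # assumed ceiling, roughly airliner cruise speed
MIN_DISTANCE_KM   = 100.0 # assumed slack for IP-geolocation error

Login = Struct.new(:user, :time, :lat, :lon, :ip)

# Great-circle distance in km between two lat/lon points given in degrees.
def haversine_km(lat1, lon1, lat2, lon2)
  rad  = Math::PI / 180
  dlat = (lat2 - lat1) * rad
  dlon = (lon2 - lon1) * rad
  a = Math.sin(dlat / 2)**2 +
      Math.cos(lat1 * rad) * Math.cos(lat2 * rad) * Math.sin(dlon / 2)**2
  2 * EARTH_RADIUS_KM * Math.asin(Math.sqrt([a, 1.0].min)) # clamp rounding error
end

# Returns one finding per pair of consecutive logins whose implied speed is implausible.
def impossible_travel(logins)
  findings = []
  logins.group_by(&:user).each do |user, events|
    events.sort_by(&:time).each_cons(2) do |prev, cur|
      km = haversine_km(prev.lat, prev.lon, cur.lat, cur.lon)
      next if km < MIN_DISTANCE_KM # same area: ignore geolocation jitter
      hours = (cur.time - prev.time) / 3600.0
      speed = hours.zero? ? Float::INFINITY : km / hours
      next if speed <= MAX_PLAUSIBLE_KMH
      findings << { user: user, from_ip: prev.ip, to_ip: cur.ip, km: km.round,
                    kmh: speed.finite? ? speed.round : speed }
    end
  end
  findings
end

# Constructed sample logins (documentation-range IPs, city-centre coordinates).
SAMPLE_LOGINS = [
  Login.new("alice", Time.utc(2024, 1, 1, 9, 0),  51.5074, -0.1278,  "192.0.2.10"),   # London
  Login.new("alice", Time.utc(2024, 1, 1, 10, 0), 40.7128, -74.0060, "198.51.100.7"), # New York, 1 h later
  Login.new("bob",   Time.utc(2024, 1, 1, 9, 0),  48.8566, 2.3522,   "203.0.113.5"),  # Paris
  Login.new("bob",   Time.utc(2024, 1, 1, 12, 0), 52.5200, 13.4050,  "203.0.113.9"),  # Berlin, 3 h later
  Login.new("carol", Time.utc(2024, 1, 1, 9, 0),  51.5074, -0.1278,  "192.0.2.20"),   # London
  Login.new("carol", Time.utc(2024, 1, 1, 9, 1),  51.5074, -0.1278,  "192.0.2.21")    # London, new IP
].freeze

puts impossible_travel(SAMPLE_LOGINS).inspect if __FILE__ == $PROGRAM_NAME
```

VPN and mobile-carrier egress points move a user's apparent location without any travel, which is why thresholds like these are tuned against logged findings before they drive blocking.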