Tidy up homepage and navigation

2025-11-09 20:58:13 +11:00
parent c9e2992fe0
commit 1f4428348d
56 changed files with 2822 additions and 955 deletions
--- a/app/jobs/generate_waf_rules_job.rb
+++ b/app/jobs/generate_waf_rules_job.rb
@@ -3,21 +3,20 @@
 class GenerateWafRulesJob < ApplicationJob
  queue_as :waf_rules

-  def perform(project_id:, event_id:)
-    project = Project.find(project_id)
+  def perform(event_id:)
    event = Event.find(event_id)

    # Only analyze blocked events for rule generation
    return unless event.blocked?

    # Generate different types of rules based on patterns
-    generate_ip_rules(project, event)
-    generate_path_rules(project, event)
-    generate_user_agent_rules(project, event)
-    generate_parameter_rules(project, event)
+    generate_ip_rules(event)
+    generate_path_rules(event)
+    generate_user_agent_rules(event)
+    generate_parameter_rules(event)

-    # Notify project of new rules
-    project.broadcast_rules_refresh
+    # Broadcast rule updates globally
+    ActionCable.server.broadcast("rules", { type: "refresh" })

  rescue => e
    Rails.logger.error "Error generating WAF rules: #{e.message}"
@@ -26,30 +25,23 @@ class GenerateWafRulesJob < ApplicationJob

  private

-  def generate_ip_rules(project, event)
+  def generate_ip_rules(event)
    return unless event.ip_address.present?

    # Check if this IP has multiple violations
-    violation_count = project.events
+    violation_count = Event
      .by_ip(event.ip_address)
      .blocked
      .where(timestamp: 24.hours.ago..Time.current)
      .count

-    # Auto-block IPs with 10+ violations in 24 hours
-    if violation_count >= 10 && !project.blocked_ips.include?(event.ip_address)
-      project.add_ip_rule(
-        event.ip_address,
-        'block',
-        expires_at: 7.days.from_now,
-        reason: "Auto-generated: #{violation_count} violations in 24 hours"
-      )
-
-      Rails.logger.info "Auto-blocked IP #{event.ip_address} for project #{project.slug}"
+    # Log high-violation IPs - no automatic blocking without projects
+    if violation_count >= 10
+      Rails.logger.info "IP with high violation count: #{event.ip_address} (#{violation_count} violations in 24 hours)"
    end
  end

-  def generate_path_rules(project, event)
+  def generate_path_rules(event)
    return unless event.request_path.present?

    # Look for repeated attack patterns on specific paths
@@ -65,7 +57,7 @@ class GenerateWafRulesJob < ApplicationJob
    end
  end

-  def generate_user_agent_rules(project, event)
+  def generate_user_agent_rules(event)
    return unless event.user_agent.present?

    # Look for malicious user agents
@@ -81,7 +73,7 @@ class GenerateWafRulesJob < ApplicationJob
    end
  end

-  def generate_parameter_rules(project, event)
+  def generate_parameter_rules(event)
    params = event.query_params
    return unless params.present?