Ahoy
Rack::Attack
Our great sponsors
Ahoy | Rack::Attack | |
---|---|---|
15 | 13 | |
4,061 | 5,467 | |
- | 0.5% | |
7.5 | 7.1 | |
2 days ago | 19 days ago | |
Ruby | Ruby | |
MIT License | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Ahoy
-
Ahoy Captain: a full-featured, mountable analytics dashboard
A full-featured, mountable analytics dashboard for your Rails app, which is a blatant rip-off of heavily inspired by Plausible Analytics, powered by Ahoy. Open source, though lots of changing parts: https://github.com/joshmn/ahoy_captain
-
Best rails tools to automatically handle logging of things like all a user's actions, or changes to a record in a module - primarily for audit purposes.
For logging which functions were used you can use ahoy
-
How would you build an audit log in Rails for a high-throughput API?
Ahoy may be worth a try https://github.com/ankane/ahoy
-
Italian watchdog bans use of Google Analytics
I've slowly started ripping Google Analytics out of my Rails projects and replacing it with https://github.com/ankane/ahoy.
It's so much better! I can just use SQL to see what's going in and not get overwhelmed with 100's of visualizations and complicated dashboards.
-
Cookie-based tracking is dead
I did server-side tracking test in a rails app, where I implemented a tracking gem called ahoy and blazer for visualization. It is very easy to set up, but a bit hard to use. Blazer can do a very basic visualization of the data if you know your SQL queries.
-
Rails application boilerplate for fast MVP development
ahoy, ahoy_email and blazer for business intelligence
-
Active Analytics Ruby Gem
This gem could be considered as a new alternative to Ahoy https://github.com/ankane/ahoy
-
The Ruby Unbundled Series: Track How Customers Use New Features
After starting Rails and logging in, we can use Blazer to see our user metrics. Browse to our mount point, which on my development environment is at http://localhost:3000/blazer. Querying the ahoy_visits table shows us relevant information about the user and their session. We can also save this query as a shortcut to run it again later. After browsing to the page twice, I ran the following query on the events table. It gave the following results. Note that both events come from the same visit, which is equivalent to a session. We have seen how to track events on the server-side. Now let's look at how to accomplish this from the frontend in Javascript. To do this, we need to enable the Ahoy api in the config/initializers/ahoy.rb file, as shown below. Note that Ahoy also supports geocoding so that you can see where your users are located. We will not explore that feature in this article, but it is a nice capability from a metrics perspective.
- Simple and Free Web Analytics
Rack::Attack
-
Rails Authentication for Compliance
The first line of defense should be to put rate-limiting on your login endpoints. rack-attack can help with that. I recommend to limit the login attempts to 5 per minute for a username and block the IP for 30 minutes. You should also limit the number of login attempts from the same IP address, but this needs to be adjusted to the application you are working on, because if it is a tool used in classrooms, it might be legit to have 50 logins within a few minutes from the same IP. (I have a few post written about rack-attack)
-
4 Essential Security Tools To Level Up Your Rails Security
Rack::Attack
- Huginn’s IP keeps getting blocked by Kickstarter
-
10 things I add to every Rails app
The final gem I like to include in all projects is rack-attack. This is a rate limiting tool which is great for throttling dangerous actions in your app to prevent bot attacks or other malicious users.
-
Rails application boilerplate for fast MVP development
rack-attack to prevent bruteforce and DDoS attacks
-
What is happening once you launch and open a Rails app to the real, wild web
https://github.com/rack/rack-attack#fail2ban
It's entirely normal and expected. If your site gets any traction, volume and sophistication of probing will only increase. I recommend starting by setting up Rack Attack (https://github.com/rack/rack-attack), that will help you block the bad actors for awhile, if the volume gets high enough you'll want to start blocking traffic upstream in reverse proxy or load balancing layer, depending on architecture.
What are some alternatives?
Impressionist - Rails Plugin that tracks impressions and page views
Metasploit - Metasploit Framework
Rack::Protection - NOTE: This project has been merged upstream to sinatra/sinatra
Legato - Google Analytics Reporting API Client for Ruby
active_analytics - First-party, privacy-focused traffic analytics for Ruby on Rails applications.
Staccato - Ruby library to perform server-side tracking into the official Google Analytics Measurement Protocol
rspec-rails - RSpec for Rails 6+
Gabba - Simple way to send server-side notifications to Google Analytics
Analytical
Rack::UTF8Sanitizer - Rack::UTF8Sanitizer is a Rack middleware which cleans up invalid UTF8 characters in request URI and headers.
The Chartable Ruby gem - A lightweight and database-level Ruby library to transform any Active Record query into analytics hash ready for use with any chart library.
BeEF - The Browser Exploitation Framework Project