bump version to 6.1, add #cloudfront? docs

CHANGELOG.md

@@ -3,6 +3,9 @@ All notable changes to this project will be documented in this file.
 
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
+## [6.1.0]
+- Add cloudflare? method to determine if request passed through CF (https://github.com/modosc/cloudflare-rails/pull/149)
+
 ## [6.0.0] - 2024-06-12
 - Drop support for `rails` version `6.1` and `7.0`, new minimum version is `7.1.0` (https://github.com/modosc/cloudflare-rails/pull/142)
 - Bump minimum ruby version to `3.1.0` in preparation for `rails` version `7.2` (https://github.com/modosc/cloudflare-rails/pull/142)

README.md

@@ -1,5 +1,5 @@
 # CloudflareRails [![Gem Version](https://badge.fury.io/rb/cloudflare-rails.svg)](https://badge.fury.io/rb/cloudflare-rails)
-This gem correctly configures Rails for [CloudFlare](https://www.cloudflare.com) so that `request.remote_ip` / `request.ip` both work correctly.
+This gem correctly configures Rails for [CloudFlare](https://www.cloudflare.com) so that `request.remote_ip` / `request.ip` both work correctly. It also exposes a `#cloudflare?` method on `Rack::Request`.
 
 ## Rails Compatibility
 
@@ -14,7 +14,6 @@ This gem requires `railties`, `activesupport`, and `actionpack` >= `7.1`. For ol
 | 5.1             | 2.0.0                      |
 | 5.0             | 2.0.0                      |
 | 4.2             | 0.1.0                      |
-| -----           | -------                    |
 
 ## Installation
 
@@ -48,13 +47,31 @@ Unfortunately this does not fix `request.ip`. This method comes from the [Rack::
 
 These issues are why this gem patches both `Rack::Request::Helpers` and `ActionDispatch::RemoteIP` rather than using the built-in configuration methods.
 
+## Prerequisites
+You must have a [`cache_store`](https://guides.rubyonrails.org/caching_with_rails.html#configuration) configured in your `rails` application.
+
 ## Usage
-You can configure the HTTP `timeout` and `expires_in` cache parameters inside of your rails config:
+You can configure the HTTP `timeout` and `expires_in` cache parameters inside of your `rails` config:
 ```ruby
 config.cloudflare.expires_in = 12.hours # default value
 config.cloudflare.timeout = 5.seconds # default value
 ```
 
+## Blocking non-Cloudflare traffic
+You can use the `#cloudfront?` method from this gem to block all non-Cloudflare traffic to your application. Here's an example of doing this with [`Rack::Attack`](https://github.com/rack/rack-attack):
+```ruby
+  Rack::Attack.blocklist('CloudFlare WAF bypass') do |req|
+    !req.cloudflare?
+  end
+```
+Note that the request may optionally pass through additional trusted proxies, so it will return true for any of these scenarios:
+
+ * `REMOTE_ADDR: CloudFlare`
+ * `REMOTE_ADDR: trusted_proxy`, `X_HTTP_FORWARDED_FOR: CloudFlare`
+ * `REMOTE_ADDR: trusted_proxy`, `X_HTTP_FORWARDED_FOR: trusted_proxy2,CloudFlare,...`
+
+but it will return false if CloudFlare comes after the trusted prefix of `X-Forwarded-For`.
+
 ## Alternatives
 
 [actionpack-cloudflare](https://github.com/customink/actionpack-cloudflare) simpler approach using the `CF-Connecting-IP` header.

lib/cloudflare_rails/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module CloudflareRails
-  VERSION = '6.0.0'
+  VERSION = '6.1.0'
 end