Is it possible to activate before Rails' force_ssl?

[dogweather]

Rack Attack works great with Rails. I'm finding, though, that I'm responding to most attack requests twice: first, my rails stack redirects it to https, then Rack Attack denies it.

So, with config.force_ssl = true in Rails, would there be a way for Rack Attack to filter first, before any redirects to https? Maybe setting it up lower in the stack? I'd like to clean up my logs, and also not spend time on these (known) attack requests.