I took a quick look at the code and it looks like it doesn't do much. It mainly supports whitelist and blacklist of IP addresses. Although it may not be so strong that you succeed, you will probably be better off doing this query analysis in the Rack middleware, that is, before it even gets into Rails request processing.
That being said, I do not like the fact that it will synchronize every 5 minutes DURING the processing of this request. That is, it blocks the current request when it re-synchronizes its set of rules and lists. This means that you are at the mercy of the Detrusion.com team to maintain your site / API. Therefore, when they go down, you go down.
Although this is not the case in real time, I would feel more comfortable so that the update process is not connected. Perhaps you are storing the rules / lists in a flat file or local database (Redis will be perfect) that you load when the application starts. Then you have a frequent cron that reloads the ruleset from Detrusion and writes it locally.
Something like that. Just something to reverse the request processing from the Detrusion API check.