Cavemanon/Nginx-Lua-Anti-DDoS
8
Fork 0
mirror of https://github.com/C0nw0nk/Nginx-Lua-Anti-DDoS.git synced 2023-12-14 04:31:21 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update anti_ddos_challenge.lua

Browse Source 
Improve security on header making it unique to each individual client/user that visits the website.
This commit is contained in:
C0nw0nk
2019-08-25 23:50:50 +01:00
committed by GitHub
parent 1596b5c177
commit 655b82f49c
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
lua/anti_ddos_challenge.lua
View File

@ -231,8 +231,8 @@ end
local answer = calculate_signature(remote_addr) --create our encrypted unique identification for the user visiting the website.
if x_auth_header == 2 then --GET request
x_auth_header_name = calculate_signature(os.date("%Y%m%d",os.time()-24*60*60)):gsub("_","") --make the header todays date encrypted so every 24 hours this will change and can't be guessed by bots gsub because header bug with underscores so underscore needs to be removed
if x_auth_header == 2 then --if x-auth-header is dynamic
x_auth_header_name = calculate_signature(remote_addr .. os.date("%Y%m%d",os.time()-24*60*60)):gsub("_","") --make the header unique to the client and for todays date encrypted so every 24 hours this will change and can't be guessed by bots gsub because header bug with underscores so underscore needs to be removed
end
--[[