Update anti_ddos_challenge.lua

Fix expire_time description to show correct default time of 1 day.

Fix cookie bug when Javascript was setting a cookie it was setting a cookie of 'now' instead of the set config of expire_time into the future when the cookie should expire.

Added the challenge cookie to the headers set by the grant_access function to update the cookie set by Javascript, since the time stamp on that cookie would otherwise be out of sync with the other cookies; this way all cookies will be updated and set/kept with the same time stamps.
C0nw0nk
2019-08-25 21:00:22 +01:00
committed by GitHub
parent d8b3a4b1a9
commit cabdbaa093


@ -76,7 +76,7 @@ One month: 2628000
One year: 31536000
Ten years: 315360000
]]
local expire_time = 86400--2592000 -- +1 month 30 days
local expire_time = 86400 --One day
--[[
The type of javascript based pingback authentication method to use if it should be GET or POST or can switch between both making it as dynamic as possible.
@ -252,6 +252,7 @@ local function grant_access()
--ngx.log(ngx.ERR, "x-auth-answer result | "..req_headers["x-auth-answer"]) --output x-auth-answer to log
if req_headers["x-auth-answer"] == JavascriptPuzzleVars_answer then --if the answer header provided by the browser Javascript matches what our Javascript puzzle answer should be
ngx.header["Set-Cookie"] = { --set our cookies granting the user temporary access to the website
challenge.."="..cookie_value.."; path=/; domain=." .. domain .. "; expires=" .. ngx.cookie_time(currenttime+expire_time) .. "; Max-Age=" .. expire_time .. ";", --apply our uid cookie incase javascript setting this cookies time stamp correctly has issues
cookie_name_start_date.."="..ngx.cookie_time(currenttime).."; path=/; domain=." .. domain .. "; expires=" .. ngx.cookie_time(currenttime+expire_time) .. "; Max-Age=" .. expire_time .. ";", --start date cookie
cookie_name_end_date.."="..ngx.cookie_time(currenttime+expire_time).."; path=/; domain=." .. domain .. "; expires=" .. ngx.cookie_time(currenttime+expire_time) .. "; Max-Age=" .. expire_time .. ";", --end date cookie
cookie_name_encrypted_start_and_end_date.."="..calculate_signature(remote_addr .. ngx.cookie_time(currenttime) .. ngx.cookie_time(currenttime+expire_time) ).."; path=/; domain=." .. domain .. "; expires=" .. ngx.cookie_time(currenttime+expire_time) .. "; Max-Age=" .. expire_time .. ";", --start and end date combined to unique id
@ -354,7 +355,7 @@ local javascript_anti_ddos = [[
var time = now.getTime();
time += 300 * 1000;
now.setTime(time);
document.cookie = ']] .. challenge .. [[=]] .. answer .. [[' + '; expires=' + now.toUTCString() + '; domain=.]] .. domain .. [[; path=/';
document.cookie = ']] .. challenge .. [[=]] .. answer .. [[' + '; expires=' + ']] .. ngx.cookie_time(currenttime+expire_time) .. [[' + '; domain=.]] .. domain .. [[; path=/';
//javascript puzzle for browser to figure out to get answer
]] .. JavascriptVars_opening .. [[
]] .. JavascriptPuzzleVariable .. [[
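Review bot: The challenge cookie added to the `Set-Cookie` table in `grant_access` (hunk at -252) is what lets a client past the puzzle, yet it is emitted without `Secure` or `SameSite`, so it can travel over plain HTTP and on cross-site requests for the whole `expire_time`. If the site is served over HTTPS and does not rely on cross-site embedding, I would end the attribute string with `"; Max-Age=" .. expire_time .. "; Secure; SameSite=Lax;"`; the three cookies below it follow the same pattern and would want the same change. `HttpOnly` does not fit this cookie, because the script in the -354 hunk writes the same name through `document.cookie`. In that hunk the `now`/`time` lines above the assignment appear to be unused after the change (the rest of the script is outside the hunk), and the script-set cookie carries `expires` only, so adding `'; Max-Age=]] .. expire_time .. [['` would keep it in step with the server-set copy on clients whose clock is off. `grant_access` begins and ends outside the hunk.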