Cavemanon/haproxy-protection
8
Fork 0
mirror of https://gitgud.io/fatchan/haproxy-protection.git synced 2025-05-09 02:05:37 +00:00
Code Issues Packages Projects Releases Wiki Activity

combine POW and captcha into one

Browse Source
This commit is contained in:
Thomas Lynch
2021-11-24 05:17:06 +11:00
parent 5c7e796440
commit 9f26e53798
10 changed files with 3088 additions and 29 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
haproxy/haproxy.cfg
View File

@ -15,13 +15,19 @@ frontend http-in
bind *:80
acl ddos_mode_enabled hdr_cnt(xr3la1rfFc) eq 0
acl domain_under_ddos hdr(host) -i -f /usr/local/etc/haproxy/domains_under_ddos.txt
acl pow_passed var(txn.pow_passed) -m bool
acl captcha_passed var(txn.captcha_passed) -m bool
acl on_captcha_url path -m beg /bot-check
acl is_excluded path_end -i .js .ico
use_backend servers if is_excluded
http-request use-service lua.hcaptcha-view if on_captcha_url
http-request lua.hcaptcha-redirect if !on_captcha_url ddos_mode_enabled OR domain_under_ddos
http-request redirect location /bot-check?%[capture.req.uri] code 302 if !captcha_passed !on_captcha_url ddos_mode_enabled OR domain_under_ddos
http-request use-service lua.hcaptcha-view if on_captcha_url !is_excluded
http-request lua.hcaptcha-check if !is_excluded !on_captcha_url ddos_mode_enabled
http-request lua.pow-check if !is_excluded !on_captcha_url ddos_mode_enabled
http-request redirect location /bot-check?%[capture.req.uri] code 302 if !captcha_passed !on_captcha_url ddos_mode_enabled !is_excluded OR !pow_passed !on_captcha_url ddos_mode_enabled !is_excluded
default_backend servers