Cavemanon/haproxy-protection
8
Fork 0
mirror of https://gitgud.io/fatchan/haproxy-protection.git synced 2025-05-09 02:05:37 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat: add functionality to check if a domain is ratelimited

Browse Source
This commit is contained in:
Eugene Prodan
2021-06-08 23:11:21 +03:00
parent bda2f31996
commit d2137f445e
3 changed files with 23 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
scripts/hcaptcha.lua
View File

@ -7,6 +7,8 @@ local utils = require("utils")
local cookie = require("cookie") local cookie = require("cookie")
local floating_hash = utils.get_floating_hash() local floating_hash = utils.get_floating_hash()
local maximun_requests_per_expire = 5
function hcaptcha.view(applet) function hcaptcha.view(applet)
local hcaptcha_secret = os.getenv("HCAPTCHA_SECRET") local hcaptcha_secret = os.getenv("HCAPTCHA_SECRET")
local hcaptcha_sitekey = os.getenv("HCAPTCHA_SITEKEY") local hcaptcha_sitekey = os.getenv("HCAPTCHA_SITEKEY")
@ -53,17 +55,27 @@ function hcaptcha.view(applet)
end end
function hcaptcha.check_captcha_status(txn) function hcaptcha.check_captcha_status(txn)
print("CAPTCHA STATUS CHECK START") local host = txn.sf:hdr("Host")
local raw_request_cookies = txn.sf:hdr("Cookie") local current_requests_count = client:llen(host)
local parsed_request_cookies = cookie.get_cookie_table(raw_request_cookies)
print("RECEIVED SECRET COOKIE: ", parsed_request_cookies["z_ddos_protection"]) print("CURRENT REQUESTS COUNT: ", current_requests_count)
print("OUR SECRET COOKIE: ", floating_hash) print("MAXIMUM REQUESTS COUNT: ", maximun_requests_per_expire)
if parsed_request_cookies["z_ddos_protection"] == floating_hash then if current_requests_count > maximun_requests_per_expire then
print("CAPTCHA STATUS CHECK SUCCESS") print("CAPTCHA STATUS CHECK START")
local raw_request_cookies = txn.sf:hdr("Cookie")
local parsed_request_cookies = cookie.get_cookie_table(raw_request_cookies)
print("RECEIVED SECRET COOKIE: ", parsed_request_cookies["z_ddos_protection"])
print("OUR SECRET COOKIE: ", floating_hash)
if parsed_request_cookies["z_ddos_protection"] == floating_hash then
print("CAPTCHA STATUS CHECK SUCCESS")
return txn:set_var("txn.captcha_passed", true);
end
print("CAPTCHA STATUS CHECK FINISH")
else
return txn:set_var("txn.captcha_passed", true); return txn:set_var("txn.captcha_passed", true);
end end
print("CAPTCHA STATUS CHECK FINISH")
end end

2
scripts/register.lua
View File

@ -8,4 +8,4 @@ require("test")
core.register_service("hello-world", "http", guard.hello_world) core.register_service("hello-world", "http", guard.hello_world)
core.register_service("hcaptcha-view", "http", hcaptcha.view) core.register_service("hcaptcha-view", "http", hcaptcha.view)
core.register_action("hcaptcha-redirect", { 'http-req', }, hcaptcha.check_captcha_status) core.register_action("hcaptcha-redirect", { 'http-req', }, hcaptcha.check_captcha_status)
core.register_service("ratelimit", "http", test.ratelimit) core.register_action("ratelimit", { 'http-req', }, test.ratelimit)

2
scripts/test.lua
View File

@ -2,7 +2,7 @@ package.path = package.path .. "./?.lua;/usr/local/etc/haproxy/scripts/?.lua"
test = {} test = {}
local redis = require 'redis' local redis = require 'redis'
client = redis.connect('redis', 6379) client = redis.connect('redis', 6379)
local expire_time local expire_time = 120
function test.ratelimit(txn) function test.ratelimit(txn)
local host = txn.sf:hdr("Host") local host = txn.sf:hdr("Host")