533137128d
Slight tweak, move mode earlier, fix indent
2025-05-05 20:00:05 +10:00
db27a4d4f7
Add more protection modes with optionals for bfp (and todo other suspicious characteristics)
2025-05-04 19:54:08 +10:00
6cc115c7bf
Update robot text to more correctly say ip/country/network blocked
2025-04-09 20:21:26 +10:00
12fc3eb926
Fix blank lang_json when varnish is up but backend in servers/* is 503 or empty list
2025-04-09 20:05:25 +10:00
70a96bf854
change custom value name in challenge interpolation, anticipate config value in the settings map for toggling
2025-04-06 11:03:56 +10:00
e34c5b60d9
remove l4 observe
2025-04-04 18:00:50 +11:00
6193a56500
increase healthcheck inter and add inter to dynamic servers on init
2025-04-03 20:37:32 +11:00
e59c9c558f
disable dataplaneapi using inotify
2025-04-02 19:29:50 +11:00
a958e0f7c6
Incorporate custom example value into cookie
2025-04-02 19:29:28 +11:00
68621ecf8e
set the log format first, +Q vars still show up
2025-03-31 23:53:09 +11:00
9107985f44
Add lfp mapping and include in log line as an example
2025-03-31 23:47:02 +11:00
455612e998
Add custom tfp example for writing custom case scripts, todo make not apply only to captcha
2025-03-31 23:39:27 +11:00
241c04a1b2
Add health check setup in server registration
...
Add observe layer4 inter to default server line
Fix 3rd nginx and update docker-compose
Remove x-haproxy-cn header fetch because it only needs to be a static fetch of haproxy_cn, since the logic overwrite it to be equivalent
2025-03-28 21:27:21 +11:00
566762d608
Improve backend geo routing to avoid going to further backend for non matching user and proxy cn
2025-03-19 21:10:25 +11:00
fca0eb03b8
Fix the fetch context in server selection not having txn.cdn available, pull from header directly instead
2025-03-17 19:06:28 +11:00
a65d7b90d1
update example maps
2025-03-16 23:03:50 +11:00
842df64c5e
Update haproxy dockerfile for newer lua and fix ca-certificate installation
...
Add verify_none option in server registration (for development testing of SSL backends)
2025-03-16 22:49:00 +11:00
fdbd19ba30
Remove debug prints
2025-03-16 15:57:56 +11:00
30eb129bd8
Push ssl testing
2025-03-16 15:55:49 +11:00
488eb02210
Fix some issues with runtime socket because geo server splitting used invalid character
...
Add additional challenge, not enabled yet
2025-03-16 14:08:39 +11:00
a259d5189f
varnish tweaks
2025-03-15 17:34:29 +11:00
6f10291892
First iteration of working geo routing
2025-03-15 17:31:20 +11:00
84ddfbc719
Add geo routing to different backends for same domain
2025-03-15 12:45:22 +11:00
c0a2f77f8b
Read from ddos_config table to determine if nojs script should be shown (allowing to be disabled per domain or path
2025-03-09 23:06:59 +11:00
63a6933aa4
Update challenge.js to try/catch each attempt at clearing subdomain cookies to ignore "rejected for domain" errors
2025-01-25 10:12:00 +11:00
2011f60377
Fix some variables to be local scope instead of globals
2025-01-19 00:23:23 +11:00
413deac66b
Change bot-check cookie to Lax because that only breaks cross-site navigations without providing any real securit ybenefit
2024-12-08 12:41:53 +11:00
923957d0e7
Change variable to table map name, for checking against whitelist for admin bypass
2024-11-30 03:55:40 +11:00
ba05a88ca8
Allow admin accounts whitelists to bypass for all domains even if not matching in domtoacc map
2024-11-29 15:22:08 +11:00
bbec69b89b
Remove redundant and fix forwarded IP in varnish config
...
Skip unnecessary methods in haproxy instead of giving extra work to varnish (kept the check in vcl)
2024-11-29 15:19:11 +11:00
2261c2432f
Update varnish with critical transit_buffer option
2024-11-21 22:12:28 +11:00
d0b21d4ce1
Fix BANing
2024-11-13 21:25:58 +11:00
f2ad095874
Add suppoer for handling BAN requests
2024-11-13 21:08:23 +11:00
174609313f
Update handling for cookies/authed requests
2024-11-13 16:38:34 +11:00
83c2b397e8
fix max-age parsing, remove some varnish ehaders
2024-11-13 16:15:40 +11:00
0016aa5204
Clean up some sockets locations
...
Remove vcl_init for secret initialisation
2024-11-13 14:20:50 +11:00
bd8079743f
add header restriction to cache purging
2024-11-12 20:33:04 +11:00
ad659aa1c5
server name typo
2024-11-12 20:00:14 +11:00
f233c1f06d
Switch to unix sockets for varnish<->haproxy comms
...
Remove some cruft from old caching
2024-11-12 19:58:38 +11:00
0d5e39cad1
Implement varnish for caching alongside haproxy, remove using internal haproxy cache
2024-11-12 18:41:02 +11:00
6643e3f7db
default to empty string if nil map lookup in css map
2024-10-21 18:14:53 +11:00
f6e1adf1c5
clear css map
2024-10-21 18:11:28 +11:00
7e44a236a1
Add the custom css map (for bot-check page so far)
2024-10-21 00:07:03 +11:00
f9a3798edb
Escape first %s in string format, no need to template in %s...
2024-09-17 21:15:59 +10:00
89ff3637d4
Add an optional USE_INTER_FONT to insert inter css tags and extra css for font
...
Separate css out into variable to template into body template with first stage template compile
2024-09-17 21:15:04 +10:00
c2074eec5f
Precompute captcha section on startup since its based on (what) an ENV
...
Remove unused captcha_backend_name and captcha backend in config, not needed since haproxy 2.7
2024-09-16 22:30:00 +10:00
601a2b3989
Merge branch 'dev-wl'
2024-09-16 21:13:21 +10:00
45f81f96ae
Optimizations, remove a call to string.format, remove an if in else/if for deciding pow and/or captcha check
2024-09-16 21:00:20 +10:00
ab841ef752
Fix the removed return from commenting out updateElem, undoes unnecessary buggy check from previous commit
2024-08-18 19:57:20 +10:00
90df19cbed
Update challenge to skip undefined worker answers
2024-08-18 19:51:38 +10:00
