7ea0fe7dc8
improve check for captcha map fetches by domain and domain+path.
...
old code was just dumb, dunno what i was thinking.
now domain+path takes priority and can be lower or hight level, not just higher level than domain only.
2022-01-19 23:15:18 +11:00
e406ac46ca
Merge branch 'lua-httpclient-test'
2022-01-19 18:09:30 +11:00
d38713b4cb
haproxy snapshot fixes bug, and use url biuld query to make body for hcaptcha post
2022-01-19 18:01:08 +11:00
5007106c3a
space to 4 tabs
2022-01-03 01:16:46 +11:00
c2be84c4f8
body not sending, needs fix
2021-12-31 00:28:56 +11:00
9787471004
use POST for hcaptcha submission instead of get, since their docs says get is not supported even if it works
2021-12-30 23:50:25 +11:00
ba2880a1d5
dont run setup_servers without the env vars
2021-12-30 00:24:49 +11:00
6e32998426
remove unused import
2021-12-28 01:17:59 +11:00
06b28c8650
add dataplaneapi for --save-map-files, and bugfix some small things. custom domain/backendip working pretty well now
2021-12-27 20:42:27 +11:00
9557c06aa1
update, dynamic backends based on hostname ,can be updated live control panel/management socket
2021-12-26 23:56:15 +11:00
6f52ee8977
improved, now handles domain OR path protection with 0, 1, 2 setting for none, pow, captcha
...
global override does POW only (for now --or can be easily changed for captcha+pow) until i make that customisable level too
no more confusing inverted map
use maps correctly as k:v
cleaned up some stuff
added comments
2021-12-04 21:42:27 +11:00
c03a16214b
close #5
2021-11-26 00:48:50 +11:00
7b11645190
samesite strict and secure in hcaptcha script set-cookie
2021-11-25 18:31:22 +11:00
c16a554754
charset=utf8 to some service repsonses, "ray id" show in captcha page
2021-11-25 18:20:31 +11:00
48382434c4
change haproxy pathing from /usr/share/etc to /etc
2021-11-25 18:16:07 +11:00
5a4a02beba
switch 2 maps, one for ddos enabled, the other to disable captcha leaving only POW
...
minor change script messages
todo: update CLI to allow changing
2021-11-24 19:37:56 +11:00
5e04ebd962
fix footer overflow
2021-11-24 13:24:51 +11:00
508e45ae9c
change path for scripts
2021-11-24 12:09:38 +11:00
77ad645815
visual tweaks and minor script improvement
2021-11-24 06:02:39 +11:00
9f26e53798
combine POW and captcha into one
2021-11-24 05:23:33 +11:00
0c0fa22d6f
change cookie to not expire instead of client-controlled expiry (duh)
...
use bucket duration as part of secret generation
xxh32 -> xxh64
2021-11-24 01:09:11 +11:00
f7f6ecd276
gitignore docker-compose, remove some unnecessary comments, change cookie name
2021-11-24 00:46:44 +11:00
6400d98975
make the useragent header fetch properly
...
add a salt to the generate_secret function -- that was kinda important right? lol
just pass through to `end` if not POST or GET
make it not use calls to hostname and dig in lua scripts, use haproxy backend resolving instead
improve the template a lot and make it theme-matched to my site and similar to ngx_http_js_challenge robot page
fix various bugs
2021-11-24 00:34:41 +11:00
7a1a91f0e8
feat: add per-user cookie generation
2021-06-14 23:00:04 +03:00
26ae929644
refactor: get rid of luarocks completely, better exceptions handling
2021-06-14 01:21:38 +03:00
ff669a9e64
refactor: organize lua dependencies
2021-06-12 00:55:15 +03:00
ae2564d4db
refactor: remove ratelimiting functionality,
...
add on-demand global / per-domain ddos protection enabling
add automatic redirect from captcha page back to the requested source
prettify the captcha page
2021-06-10 23:08:45 +03:00
