Cavemanon/haproxy-protection
8
Fork 0
mirror of https://gitgud.io/fatchan/haproxy-protection.git synced 2025-05-09 02:05:37 +00:00
Code Issues Packages Projects Releases Wiki Activity
279 Commits 2 Branches 1 Tag
842df64c5eeb261b9869f66da13fb861bf5cb0d3
Commit Graph

279 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Thomas Lynch
fb69c46574 Floor remaining time, remove . 2022-10-02 22:15:06 +11:00
Thomas Lynch
4dd6eec87e Show pow speed, and estimate remaining time 2022-10-02 22:11:38 +11:00
Thomas Lynch
f285934bf1 Remove unused sha script 2022-10-02 06:19:32 +00:00
Thomas Lynch
33a1aa02a9 Merge branch 'master' into kikeflare 2022-10-02 06:18:26 +00:00
Thomas Lynch
64e26f65b5 - Add ability to communicate with Tor control port and close circuits. Can be called from lua or as a http-request lua... call to do it based off an ACL. close #16 
- Make POW checked before captcha in POST handler, since they both must be submittedin captcha mode, we don't want to send POST to /siteverify if they didnt even solve the POW

Other:
- Change (improve) split util to leave empty table entries for repeated delimiters
- Minor frontend script bugfix so error messages display properly in captcha mode
- Wrap submit button of noscript pow form to next line
 2022-10-02 04:57:59 +11:00
Thomas Lynch
55eb293675 Merge branch 'master' into kikeflare 2022-10-01 05:53:17 +00:00
Thomas Lynch
eb1dc3e378 Slightly change/improve max used cpu threads, and make tor use all that it has 2022-10-01 15:43:14 +10:00
Thomas Lynch
efe430cf3b Add check for Webassembly support, and error if unsupported 
Improve errors for 400/500 and failed but check post
Remove spinner when inserting error
 2022-10-01 15:36:15 +10:00
Thomas Lynch
eede92d47d Allow a bit better granularity for the difficulty. Recommend an "easier" challenge in terms of memory and iterations, but higher diff. 
Make failed request for captcha/bot form show a little error text.
Make CHALLENGE_INCLUDES_IP "1" = on, anything else = off instead of needing to be unset.
 2022-10-01 15:33:48 +10:00
Thomas Lynch
e7e5d718a3 Merge branch 'master' into kikeflare 2022-09-29 13:14:09 +00:00
Thomas Lynch
434756a7a1 If this fixes what I think it fixes, ill eat my fucking shoe 2022-09-29 21:54:58 +10:00
Thomas Lynch
b43d207847 Make cookie apply to all subdomains 2022-09-28 00:41:04 +10:00
Thomas Lynch
4716cf1be2 Improve & cleanup README, docker-compose, haproxy config argon2 2022-09-25 22:54:51 +10:00
Thomas Lynch
1a1faf9e03 Merge branch 'argon2' into kikeflare 2022-09-25 04:38:02 +00:00
Thomas Lynch
84fe5037b9 Make the staggered start work properly 2022-09-25 14:34:21 +10:00
Thomas Lynch
4806dea4fc Merge branch 'argon2' into kikeflare 2022-09-24 14:57:05 +00:00
Thomas Lynch
a6b6bc1510 word-break:break-all on header which can contain long domain name 2022-09-25 00:40:52 +10:00
Thomas Lynch
fe972b0868 Remove unused times variable 2022-09-24 23:11:05 +10:00
Thomas Lynch
a50b35b65d argon2 implementation 
- memory and time params customisable as well as "difficulty", default 1 iteration, 6000KB, 3 difficulty.
- updated the noscript bash method to work with argon2
- works in webworkers or main thread, capped at 8 threads (doesn't seem to crash firefox anymore -- we could go higher)
 2022-09-24 22:56:55 +10:00
Thomas Lynch
ea3f8bf291 Small docker improvement for better testing/development (no more 503) 2022-09-23 00:41:33 +10:00
Thomas Lynch
d019440bc0 Move POW proof checking to POST and sign a cookie there, kinda like captcha flow, so we can do a more intensive one without it happening on every request. We just check the hmac now. 
Still TODO actually converting it to argon, but should be straightforward from this point.
Another advantage of making POW check use POST is a better noscript experience. We now provide a box and "submit" button, so they don't have to mess with setting a cookie.
 2022-09-23 00:26:20 +10:00
Thomas Lynch
7eaa1d7ac0 Merge branch 'master' into kikeflare 2022-09-21 13:37:56 +00:00
Thomas Lynch
521f9742c1 revert back to 2 thread max again because turns out firefox didnt get better, just tor limits to 1 thread anyway 2022-09-21 21:32:33 +10:00
Thomas Lynch
614b437667 Add ability to include IPs in challenge hash generation, to lock cookies to IPs (like the pre-sig mode) 2022-09-21 21:31:48 +10:00
Thomas Lynch
20a04f23c2 Change wording for public branch 2022-09-21 19:47:47 +10:00
Thomas Lynch
e1c786a1d7 Add example snippet of how to acl/whitelist stats sockte 2022-09-18 19:01:38 +10:00
Thomas Lynch
ff779c7cce Merge branch 'captcha-auto-submit' into kikeflare 2022-09-17 15:47:29 +00:00
Thomas Lynch
0af1a740ab Make captcha submission automatic and not require clicking a "submit" form button 2022-09-18 01:41:02 +10:00
Thomas Lynch
3f40192d55 Update README with new env vars 
Remove dataplaneapi junk
 2022-09-17 19:22:27 +10:00
Thomas Lynch
349c73ecbf Merge branch 'master' into kikeflare 2022-09-17 09:07:20 +00:00
Thomas Lynch
d115ca6f46 ref #15 2022-09-17 19:06:37 +10:00
Thomas Lynch
244e63eba2 Merge branch 'master' into kikeflare 2022-09-17 08:49:26 +00:00
Thomas Lynch
194c5bb96c Check ssl_fc for whether to set captcha cookie as secure close #15 2022-09-17 18:48:28 +10:00
Thomas Lynch
e9e97a7843 Merge branch 'master' into kikeflare 2022-09-16 18:40:19 +00:00
Thomas Lynch
3f7e48def6 update the nojs terminal script 2022-09-17 04:38:42 +10:00
Thomas Lynch
f6d234ff7d Merge branch 'master' into kikeflare 2022-09-16 18:06:55 +00:00
Thomas Lynch
571d01db27 Merge branch 'master' into kikeflare 2022-09-16 18:04:52 +00:00
Thomas Lynch
207c3af05b Patch some bugs in the updated challenge.js especially related to the fallback mode 2022-09-17 04:04:27 +10:00
Thomas Lynch
598790cb4f - Fix some docker-compose issues close #14 
- Move to new scheme with some hashing, sigs, and a random user key. close #13
- Change to sha256 rather than sha1 (temporary, but i guess its slightly more secure which is nice for now) ref #10
- Change POW output checked value
- Add lib for randombytes, udpate lua sha lib
- Remove outdated difficulty checks in frontend (was hardcoded 0 anyway) and since algo change is coming soon, there is no need to keep it
 2022-09-17 02:45:27 +10:00
Thomas Lynch
7dbc14feb3 remove my grecaptcha secrets (invalidated now thx :^) 2022-09-12 23:43:11 +10:00
Thomas Lynch
0d991770cf google recaptcha v2 support 2022-09-12 23:37:21 +10:00
Thomas Lynch
c9e007639e - Make the "checking your browser for robots" look more like cloudflare 
- Reduce the default concurrency of the frontend script to 2 threads because any higher seems to crash firefox (and its quick enough even with 2 threads anyway)
- Remove the footerlogo from challenge and maintenance page, and update the link
 2022-09-10 08:23:09 +10:00
Thomas Lynch
fa4c437725 New based domain 2022-09-03 14:58:52 +00:00
Thomas Lynch
da82579399 move the improved site title to a separate new section, so now the hcaptcha page has it too 2022-09-03 11:30:04 +00:00
Thomas Lynch
d2c9e1a15f reduce max concurrency to 2 because firefox is such a complete pile of dogshit that cant cope with multithreaded javascript 2022-09-02 14:31:40 +00:00
Thomas Lynch
cc826accf3 style fixes for noscript pow 2022-09-02 14:30:29 +00:00
Thomas Lynch
cf075b9ab2 improve loading page 2022-09-01 11:49:03 +00:00
Thomas Lynch
c6227ab2cf Merge branch 'master' into kikeflare 2022-04-26 07:32:08 +00:00
Thomas Lynch
77518cee69 maintenance mode 2022-04-26 07:30:34 +00:00
Thomas Lynch
5085dd69da Merge branch 'master' into kikeflare 2022-04-26 13:07:48 +10:00