Cavemanon/haproxy-protection
9
Fork 0
mirror of https://gitgud.io/fatchan/haproxy-protection.git synced 2025-05-09 02:05:37 +00:00
Code Issues Packages Projects Releases Wiki Activity
60 Commits 2 Branches 1 Tag
9787471004ead268261f23c88e138c1b3d6e1aee
Commit Graph

60 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Thomas Lynch
9787471004 use POST for hcaptcha submission instead of get, since their docs says get is not supported even if it works 2021-12-30 23:50:25 +11:00
Thomas Lynch
2fbba3c8f8 haproxy 2.5 docker 2021-12-30 17:42:24 +11:00
Thomas Lynch
7e2e8d6de3 remove debug template page 2021-12-30 01:41:48 +11:00
Thomas Lynch
83cecb6a18 fhdr for user-agent 2021-12-30 01:25:25 +11:00
Thomas Lynch
ba2880a1d5 dont run setup_servers without the env vars 2021-12-30 00:24:49 +11:00
Thomas Lynch
7de768d731 /cdn-cgi/trace test 2021-12-30 00:13:14 +11:00
Thomas Lynch
e9111471b7 add simple cache and x-cache info header for example/testing 2021-12-28 01:25:15 +11:00
Thomas Lynch
6e32998426 remove unused import 2021-12-28 01:17:59 +11:00
Thomas Lynch
06b28c8650 add dataplaneapi for --save-map-files, and bugfix some small things. custom domain/backendip working pretty well now 2021-12-27 20:42:27 +11:00
Thomas Lynch
9557c06aa1 update, dynamic backends based on hostname ,can be updated live control panel/management socket 2021-12-26 23:56:15 +11:00
Thomas Lynch
6f52ee8977 improved, now handles domain OR path protection with 0, 1, 2 setting for none, pow, captcha 
global override does POW only (for now --or can be easily changed for captcha+pow) until i make that customisable level too
no more confusing inverted map
use maps correctly as k:v
cleaned up some stuff
added comments
 2021-12-04 21:42:27 +11:00
Thomas Lynch
e6ed817746 update gitignore 2021-12-01 14:00:07 +11:00
Thomas Lynch
727bca1623 close #2 2021-12-01 13:59:14 +11:00
Thomas Lynch
2b0b15781e fix useragent bug in utils due to not using req_fhdr instead of req_hdr http://cbonte.github.io/haproxy-dconv/2.4/configuration.html\#7.3.6-req.fhdr close #3 2021-12-01 13:55:05 +11:00
Thomas Lynch
bc55ce5a93 reduce concurrency of client check again to max 4 thread 2021-12-01 13:54:21 +11:00
Thomas Lynch
b21cc9e90d expose port 80 in docker-compsoe example 2021-12-01 13:53:56 +11:00
Thomas Lynch
54be416a39 add crypto.subtle check for lokinet and idiots using non-tor browser for .onion 2021-11-30 02:27:19 +11:00
Thomas Lynch
876d0835bc change script threads to hardwareconcurrency/2 instead of -1, because it can still cause browsers to be sluggish or crash moreso on powerful machines 2021-11-27 01:02:37 +11:00
Thomas Lynch
6d9ec35d9d readme improvement 2021-11-26 17:19:12 +11:00
Thomas Lynch
e651d25dbb remove unnecessary layer of tcp mode for stripping proxy, works just fine without it 2021-11-26 14:43:43 +11:00
Thomas Lynch
c03a16214b close #5 2021-11-26 00:48:50 +11:00
Thomas Lynch
bec6bddf40 close #4 2021-11-26 00:27:47 +11:00
Thomas Lynch
7b11645190 samesite strict and secure in hcaptcha script set-cookie 2021-11-25 18:31:22 +11:00
Thomas Lynch
c16a554754 charset=utf8 to some service repsonses, "ray id" show in captcha page 2021-11-25 18:20:31 +11:00
Thomas Lynch
85b0d6cd52 cli add nocaptcha list 2021-11-25 18:18:16 +11:00
Thomas Lynch
a854ed9822 samesite and secure to pow cookie, fix broken legacy method, and share setTimeout method 2021-11-25 18:17:03 +11:00
Thomas Lynch
48382434c4 change haproxy pathing from /usr/share/etc to /etc 2021-11-25 18:16:07 +11:00
Thomas Lynch
0a6b21f93b add "domain mode <domain>" to toggle domain in nocaptcha map, and add nocaptcha status in "domain status <domain>" close #1 2021-11-24 22:14:26 +11:00
Thomas Lynch
5a4a02beba switch 2 maps, one for ddos enabled, the other to disable captcha leaving only POW 
minor change script messages
todo: update CLI to allow changing
 2021-11-24 19:37:56 +11:00
Thomas Lynch
5e04ebd962 fix footer overflow 2021-11-24 13:24:51 +11:00
Thomas Lynch
508e45ae9c change path for scripts 2021-11-24 12:09:38 +11:00
Thomas Lynch
e6db267f5e readme updates 2021-11-24 06:23:18 +11:00
Thomas Lynch
77ad645815 visual tweaks and minor script improvement 2021-11-24 06:02:39 +11:00
Thomas Lynch
9f26e53798 combine POW and captcha into one 2021-11-24 05:23:33 +11:00
Thomas Lynch
5c7e796440 remove now unused and unnecessary resolving and hostname functions 2021-11-24 01:10:44 +11:00
Thomas Lynch
0c0fa22d6f change cookie to not expire instead of client-controlled expiry (duh) 
use bucket duration as part of secret generation
xxh32 -> xxh64
 2021-11-24 01:09:11 +11:00
Thomas Lynch
f7f6ecd276 gitignore docker-compose, remove some unnecessary comments, change cookie name 2021-11-24 00:46:44 +11:00
Thomas Lynch
6400d98975 make the useragent header fetch properly 
add a salt to the generate_secret function -- that was kinda important right? lol
just pass through to `end` if not POST or GET
make it not use calls to hostname and dig in lua scripts, use haproxy backend resolving instead
improve the template a lot and make it theme-matched to my site and similar to ngx_http_js_challenge robot page
fix various bugs
 2021-11-24 00:34:41 +11:00
Eugene Prodan
7a1a91f0e8 feat: add per-user cookie generation 2021-06-14 23:00:04 +03:00
Eugene Prodan
26ae929644 refactor: get rid of luarocks completely, better exceptions handling 2021-06-14 01:21:38 +03:00
Eugene Prodan
aafc04c6a1 docs: add installation instructions 2021-06-12 20:38:20 +03:00
Eugene Prodan
a1b93bf80a docs: tic lua deps 2021-06-12 00:57:13 +03:00
Eugene Prodan
ff669a9e64 refactor: organize lua dependencies 2021-06-12 00:55:15 +03:00
Eugene Prodan
55ad0713bb docs: add license file 2021-06-11 22:41:11 +03:00
Eugene Prodan
30b2d4ed91 lint: make ddos-cli shellcheck-compliant 2021-06-11 22:36:15 +03:00
Eugene Prodan
d4483fe161 docs: add to-do list 2021-06-11 22:25:19 +03:00
Eugene Prodan
a4b4e84544 feat: added CLI to manage ddos protection system 2021-06-11 22:14:43 +03:00
Eugene Prodan
fc978cbca6 docs: added interaction diagram 2021-06-11 22:11:10 +03:00
Eugene Prodan
ae2564d4db refactor: remove ratelimiting functionality, 
add on-demand global / per-domain ddos protection enabling
add automatic redirect from captcha page back to the requested source
prettify the captcha page
 2021-06-10 23:08:45 +03:00
Eugene Prodan
d2137f445e feat: add functionality to check if a domain is ratelimited 2021-06-08 23:11:21 +03:00