b63daef8e1
readme fix, improve, remove old shit cli and interaction diagram
2022-01-02 16:52:45 +11:00
52da926ed2
set ssl verify none on template servers
...
make trace for debug plain for no xss and add ms to timestamp
2022-01-02 01:31:21 +11:00
9787471004
use POST for hcaptcha submission instead of get, since their docs says get is not supported even if it works
2021-12-30 23:50:25 +11:00
2fbba3c8f8
haproxy 2.5 docker
2021-12-30 17:42:24 +11:00
7e2e8d6de3
remove debug template page
2021-12-30 01:41:48 +11:00
83cecb6a18
fhdr for user-agent
2021-12-30 01:25:25 +11:00
ba2880a1d5
dont run setup_servers without the env vars
2021-12-30 00:24:49 +11:00
7de768d731
/cdn-cgi/trace test
2021-12-30 00:13:14 +11:00
e9111471b7
add simple cache and x-cache info header for example/testing
2021-12-28 01:25:15 +11:00
6e32998426
remove unused import
2021-12-28 01:17:59 +11:00
06b28c8650
add dataplaneapi for --save-map-files, and bugfix some small things. custom domain/backendip working pretty well now
2021-12-27 20:42:27 +11:00
9557c06aa1
update, dynamic backends based on hostname ,can be updated live control panel/management socket
2021-12-26 23:56:15 +11:00
6f52ee8977
improved, now handles domain OR path protection with 0, 1, 2 setting for none, pow, captcha
...
global override does POW only (for now --or can be easily changed for captcha+pow) until i make that customisable level too
no more confusing inverted map
use maps correctly as k:v
cleaned up some stuff
added comments
2021-12-04 21:42:27 +11:00
e6ed817746
update gitignore
2021-12-01 14:00:07 +11:00
727bca1623
close #2
2021-12-01 13:59:14 +11:00
2b0b15781e
fix useragent bug in utils due to not using req_fhdr instead of req_hdr http://cbonte.github.io/haproxy-dconv/2.4/configuration.html\#7.3.6-req.fhdr close #3
2021-12-01 13:55:05 +11:00
bc55ce5a93
reduce concurrency of client check again to max 4 thread
2021-12-01 13:54:21 +11:00
b21cc9e90d
expose port 80 in docker-compsoe example
2021-12-01 13:53:56 +11:00
54be416a39
add crypto.subtle check for lokinet and idiots using non-tor browser for .onion
2021-11-30 02:27:19 +11:00
876d0835bc
change script threads to hardwareconcurrency/2 instead of -1, because it can still cause browsers to be sluggish or crash moreso on powerful machines
2021-11-27 01:02:37 +11:00
6d9ec35d9d
readme improvement
2021-11-26 17:19:12 +11:00
e651d25dbb
remove unnecessary layer of tcp mode for stripping proxy, works just fine without it
2021-11-26 14:43:43 +11:00
c03a16214b
close #5
2021-11-26 00:48:50 +11:00
bec6bddf40
close #4
2021-11-26 00:27:47 +11:00
7b11645190
samesite strict and secure in hcaptcha script set-cookie
2021-11-25 18:31:22 +11:00
c16a554754
charset=utf8 to some service repsonses, "ray id" show in captcha page
2021-11-25 18:20:31 +11:00
85b0d6cd52
cli add nocaptcha list
2021-11-25 18:18:16 +11:00
a854ed9822
samesite and secure to pow cookie, fix broken legacy method, and share setTimeout method
2021-11-25 18:17:03 +11:00
48382434c4
change haproxy pathing from /usr/share/etc to /etc
2021-11-25 18:16:07 +11:00
0a6b21f93b
add "domain mode <domain>" to toggle domain in nocaptcha map, and add nocaptcha status in "domain status <domain>" close #1
2021-11-24 22:14:26 +11:00
5a4a02beba
switch 2 maps, one for ddos enabled, the other to disable captcha leaving only POW
...
minor change script messages
todo: update CLI to allow changing
2021-11-24 19:37:56 +11:00
5e04ebd962
fix footer overflow
2021-11-24 13:24:51 +11:00
508e45ae9c
change path for scripts
2021-11-24 12:09:38 +11:00
e6db267f5e
readme updates
2021-11-24 06:23:18 +11:00
77ad645815
visual tweaks and minor script improvement
2021-11-24 06:02:39 +11:00
9f26e53798
combine POW and captcha into one
2021-11-24 05:23:33 +11:00
5c7e796440
remove now unused and unnecessary resolving and hostname functions
2021-11-24 01:10:44 +11:00
0c0fa22d6f
change cookie to not expire instead of client-controlled expiry (duh)
...
use bucket duration as part of secret generation
xxh32 -> xxh64
2021-11-24 01:09:11 +11:00
f7f6ecd276
gitignore docker-compose, remove some unnecessary comments, change cookie name
2021-11-24 00:46:44 +11:00
6400d98975
make the useragent header fetch properly
...
add a salt to the generate_secret function -- that was kinda important right? lol
just pass through to `end` if not POST or GET
make it not use calls to hostname and dig in lua scripts, use haproxy backend resolving instead
improve the template a lot and make it theme-matched to my site and similar to ngx_http_js_challenge robot page
fix various bugs
2021-11-24 00:34:41 +11:00
7a1a91f0e8
feat: add per-user cookie generation
2021-06-14 23:00:04 +03:00
26ae929644
refactor: get rid of luarocks completely, better exceptions handling
2021-06-14 01:21:38 +03:00
aafc04c6a1
docs: add installation instructions
2021-06-12 20:38:20 +03:00
a1b93bf80a
docs: tic lua deps
2021-06-12 00:57:13 +03:00
ff669a9e64
refactor: organize lua dependencies
2021-06-12 00:55:15 +03:00
55ad0713bb
docs: add license file
2021-06-11 22:41:11 +03:00
30b2d4ed91
lint: make ddos-cli shellcheck-compliant
2021-06-11 22:36:15 +03:00
d4483fe161
docs: add to-do list
2021-06-11 22:25:19 +03:00
a4b4e84544
feat: added CLI to manage ddos protection system
2021-06-11 22:14:43 +03:00
fc978cbca6
docs: added interaction diagram
2021-06-11 22:11:10 +03:00
