d23ee6c897
kikeflare customisation branch
2022-03-15 22:00:02 +11:00
d5a83be478
Change last stage of the noscript command option to bash instead of sh.
...
Even if a lot of distros just symlink sh > bash the script needs to do some substitutions not supported in sh, so it's more correct. Who doesnt have bash these days anyway?
2022-02-20 23:14:39 +11:00
640f80bb56
for noscript users, in pow only mode (not when hcaptcha enabled), the page now includes a small encoded script that will get the correct captcha value. Slower than javascript, but good enough.
2022-02-20 01:01:40 +11:00
1bf8992371
link to repo until new site ready
2022-01-27 22:39:13 +11:00
7ea0fe7dc8
improve check for captcha map fetches by domain and domain+path.
...
old code was just dumb, dunno what i was thinking.
now domain+path takes priority and can be lower or hight level, not just higher level than domain only.
2022-01-19 23:15:18 +11:00
e406ac46ca
Merge branch 'lua-httpclient-test'
2022-01-19 18:09:30 +11:00
d38713b4cb
haproxy snapshot fixes bug, and use url biuld query to make body for hcaptcha post
2022-01-19 18:01:08 +11:00
5007106c3a
space to 4 tabs
2022-01-03 01:16:46 +11:00
b63daef8e1
readme fix, improve, remove old shit cli and interaction diagram
2022-01-02 16:52:45 +11:00
c2be84c4f8
body not sending, needs fix
2021-12-31 00:28:56 +11:00
9787471004
use POST for hcaptcha submission instead of get, since their docs says get is not supported even if it works
2021-12-30 23:50:25 +11:00
ba2880a1d5
dont run setup_servers without the env vars
2021-12-30 00:24:49 +11:00
6e32998426
remove unused import
2021-12-28 01:17:59 +11:00
06b28c8650
add dataplaneapi for --save-map-files, and bugfix some small things. custom domain/backendip working pretty well now
2021-12-27 20:42:27 +11:00
9557c06aa1
update, dynamic backends based on hostname ,can be updated live control panel/management socket
2021-12-26 23:56:15 +11:00
6f52ee8977
improved, now handles domain OR path protection with 0, 1, 2 setting for none, pow, captcha
...
global override does POW only (for now --or can be easily changed for captcha+pow) until i make that customisable level too
no more confusing inverted map
use maps correctly as k:v
cleaned up some stuff
added comments
2021-12-04 21:42:27 +11:00
727bca1623
close #2
2021-12-01 13:59:14 +11:00
2b0b15781e
fix useragent bug in utils due to not using req_fhdr instead of req_hdr http://cbonte.github.io/haproxy-dconv/2.4/configuration.html\#7.3.6-req.fhdr close #3
2021-12-01 13:55:05 +11:00
c03a16214b
close #5
2021-11-26 00:48:50 +11:00
7b11645190
samesite strict and secure in hcaptcha script set-cookie
2021-11-25 18:31:22 +11:00
c16a554754
charset=utf8 to some service repsonses, "ray id" show in captcha page
2021-11-25 18:20:31 +11:00
85b0d6cd52
cli add nocaptcha list
2021-11-25 18:18:16 +11:00
48382434c4
change haproxy pathing from /usr/share/etc to /etc
2021-11-25 18:16:07 +11:00
0a6b21f93b
add "domain mode <domain>" to toggle domain in nocaptcha map, and add nocaptcha status in "domain status <domain>" close #1
2021-11-24 22:14:26 +11:00
5a4a02beba
switch 2 maps, one for ddos enabled, the other to disable captcha leaving only POW
...
minor change script messages
todo: update CLI to allow changing
2021-11-24 19:37:56 +11:00
5e04ebd962
fix footer overflow
2021-11-24 13:24:51 +11:00
508e45ae9c
change path for scripts
2021-11-24 12:09:38 +11:00
77ad645815
visual tweaks and minor script improvement
2021-11-24 06:02:39 +11:00
9f26e53798
combine POW and captcha into one
2021-11-24 05:23:33 +11:00
5c7e796440
remove now unused and unnecessary resolving and hostname functions
2021-11-24 01:10:44 +11:00
0c0fa22d6f
change cookie to not expire instead of client-controlled expiry (duh)
...
use bucket duration as part of secret generation
xxh32 -> xxh64
2021-11-24 01:09:11 +11:00
f7f6ecd276
gitignore docker-compose, remove some unnecessary comments, change cookie name
2021-11-24 00:46:44 +11:00
6400d98975
make the useragent header fetch properly
...
add a salt to the generate_secret function -- that was kinda important right? lol
just pass through to `end` if not POST or GET
make it not use calls to hostname and dig in lua scripts, use haproxy backend resolving instead
improve the template a lot and make it theme-matched to my site and similar to ngx_http_js_challenge robot page
fix various bugs
2021-11-24 00:34:41 +11:00
7a1a91f0e8
feat: add per-user cookie generation
2021-06-14 23:00:04 +03:00
26ae929644
refactor: get rid of luarocks completely, better exceptions handling
2021-06-14 01:21:38 +03:00
ff669a9e64
refactor: organize lua dependencies
2021-06-12 00:55:15 +03:00
30b2d4ed91
lint: make ddos-cli shellcheck-compliant
2021-06-11 22:36:15 +03:00
a4b4e84544
feat: added CLI to manage ddos protection system
2021-06-11 22:14:43 +03:00
ae2564d4db
refactor: remove ratelimiting functionality,
...
add on-demand global / per-domain ddos protection enabling
add automatic redirect from captcha page back to the requested source
prettify the captcha page
2021-06-10 23:08:45 +03:00
