Cavemanon/haproxy-protection
8
Fork 0
mirror of https://gitgud.io/fatchan/haproxy-protection.git synced 2025-05-09 02:05:37 +00:00
Code Issues Packages Projects Releases Wiki Activity
290 Commits 2 Branches 1 Tag
e34c5b60d971e399a3e53a5e38f5b7749e643e6c
Commit Graph

150 Commits

Author SHA1 Message Date
Thomas Lynch
8b361f89c5 Image on bot-check adn css tweak, change footers to basedflare link in template, maintenance, bot-check 2023-04-10 17:48:44 +10:00
Thomas Lynch
e46b223759 add x-country code in cgi template.txt 2023-04-08 00:16:31 +10:00
Thomas Lynch
40da57544a Support multiple backends per domain with the help of some lua 2023-04-06 22:40:03 +10:00
Thomas Lynch
3e75fafd38 update cgi/trace template 2023-03-23 01:09:56 +11:00
Thomas Lynch
94567f69ff Improve appearance and affordance of challenge pages with some template and js tweaks 2023-03-19 13:07:41 +11:00
Thomas Lynch
9478892614 Allow proper ssl verification for backends (With a privately managed CA of course) 2023-03-18 15:21:21 +11:00
Thomas Lynch
521e4ab335 not bold h3, hide generic favicon, white bg instead off offwhite 2023-03-06 19:47:50 +11:00
Thomas Lynch
5b98b5b15c simple redirect map 2023-03-04 20:18:54 +11:00
Thomas Lynch
174e1a8234 Center errors because they dont have the same body layout as maintenance/bot-check 2023-02-18 17:37:48 +11:00
Thomas Lynch
ed75048f73 finally make the errors reusable and templated 2023-02-18 17:34:10 +11:00
Thomas Lynch
8dc0aef924 Merge branch 'master' into kikeflare 2023-02-18 15:15:01 +11:00
Thomas Lynch
3cc7482084 Fully convert to data plane api 
Change global ACL to a map to realtime update with data plane api
Change how on setartup servers are registered in lua
 2023-02-18 15:14:40 +11:00
Thomas Lynch
ee25821dfe Merge branch 'master' into kikeflare 2023-02-14 01:05:52 +11:00
Thomas Lynch
9f95f1c9ac update maintenance template style 2023-02-14 01:05:22 +11:00
Thomas Lynch
4aad3a5e8e Merge branch 'master' into kikeflare 2023-02-14 00:56:39 +11:00
Thomas Lynch
875e9e5edd Add back dataplaneapi in anticipation of using it to control haproxy rather than haproxy-sdk runtime socket 2023-02-12 13:17:03 +11:00
Thomas Lynch
d1adb677ba fix footerlogo path 2023-02-12 09:04:16 +11:00
Thomas Lynch
0b648a3ce3 maintenance page fix 2023-02-12 00:34:09 +11:00
Thomas Lynch
12ff24e2d5 Merge branch 'next' into kikeflare 2023-02-11 23:50:35 +11:00
Thomas Lynch
9531049aa9 Update haproxy config, scripts & docker-compose to use simpler mroe organised files layout 
Make cookies sent from captcha/pow response be httponly
 2023-02-11 21:39:38 +11:00
Thomas Lynch
1612e342ee rename BUCKET_DURATION since its now an expiry time 2023-02-11 21:05:10 +11:00
Thomas Lynch
08a966c121 Reorganise, move code to not be split between haproxy and src folder 2023-02-11 15:06:35 +11:00
Thomas Lynch
4637df4745 add missing basedflare paths to worker and challenge includes 2023-02-11 14:22:34 +11:00
Thomas Lynch
16767e0a97 Add updated maintenance.html with template vars for lf-file 2023-02-11 14:18:36 +11:00
Thomas Lynch
45bc67fae4 Move everything under paths like /.basedflare/ instead of putting stuff in paths where it might conflict 
Move templates to own file instead of in main lua script
Rename some stuff from "hcatpcha" to more correct "captcha" and "bot-check" because we no longer only have hcaptcha
Clean some code and add a few comments
 2023-02-11 14:16:51 +11:00
Thomas Lynch
43297c931a Merge branch 'master' into kikeflare 2023-01-06 19:14:21 +11:00
Thomas Lynch
1c6504e83e use lua-load-per-thread as per https://cbonte.github.io/haproxy-dconv/2.6/configuration.html\#3.1-lua-load because we don't have any cross request/thread global vars to worry about 2023-01-06 19:04:02 +11:00
Thomas Lynch
434586c657 Merge branch 'master' into kikeflare 2022-10-02 21:39:45 +00:00
Thomas Lynch
d61f320ba9 Dont show negative seconds 2022-10-03 08:36:30 +11:00
Thomas Lynch
c61dd4caa2 No need to div/multiply 2022-10-03 08:36:10 +11:00
Thomas Lynch
fb69c46574 Floor remaining time, remove . 2022-10-02 22:15:06 +11:00
Thomas Lynch
4dd6eec87e Show pow speed, and estimate remaining time 2022-10-02 22:11:38 +11:00
Thomas Lynch
f285934bf1 Remove unused sha script 2022-10-02 06:19:32 +00:00
Thomas Lynch
33a1aa02a9 Merge branch 'master' into kikeflare 2022-10-02 06:18:26 +00:00
Thomas Lynch
64e26f65b5 - Add ability to communicate with Tor control port and close circuits. Can be called from lua or as a http-request lua... call to do it based off an ACL. close #16 
- Make POW checked before captcha in POST handler, since they both must be submittedin captcha mode, we don't want to send POST to /siteverify if they didnt even solve the POW

Other:
- Change (improve) split util to leave empty table entries for repeated delimiters
- Minor frontend script bugfix so error messages display properly in captcha mode
- Wrap submit button of noscript pow form to next line
 2022-10-02 04:57:59 +11:00
Thomas Lynch
55eb293675 Merge branch 'master' into kikeflare 2022-10-01 05:53:17 +00:00
Thomas Lynch
eb1dc3e378 Slightly change/improve max used cpu threads, and make tor use all that it has 2022-10-01 15:43:14 +10:00
Thomas Lynch
efe430cf3b Add check for Webassembly support, and error if unsupported 
Improve errors for 400/500 and failed but check post
Remove spinner when inserting error
 2022-10-01 15:36:15 +10:00
Thomas Lynch
eede92d47d Allow a bit better granularity for the difficulty. Recommend an "easier" challenge in terms of memory and iterations, but higher diff. 
Make failed request for captcha/bot form show a little error text.
Make CHALLENGE_INCLUDES_IP "1" = on, anything else = off instead of needing to be unset.
 2022-10-01 15:33:48 +10:00
Thomas Lynch
e7e5d718a3 Merge branch 'master' into kikeflare 2022-09-29 13:14:09 +00:00
Thomas Lynch
4716cf1be2 Improve & cleanup README, docker-compose, haproxy config 2022-09-25 22:54:51 +10:00
Thomas Lynch
1a1faf9e03 Merge branch 'argon2' into kikeflare 2022-09-25 04:38:02 +00:00
Thomas Lynch
84fe5037b9 Make the staggered start work properly 2022-09-25 14:34:21 +10:00
Thomas Lynch
4806dea4fc Merge branch 'argon2' into kikeflare 2022-09-24 14:57:05 +00:00
Thomas Lynch
fe972b0868 Remove unused times variable 2022-09-24 23:11:05 +10:00
Thomas Lynch
a50b35b65d argon2 implementation 
- memory and time params customisable as well as "difficulty", default 1 iteration, 6000KB, 3 difficulty.
- updated the noscript bash method to work with argon2
- works in webworkers or main thread, capped at 8 threads (doesn't seem to crash firefox anymore -- we could go higher)
 2022-09-24 22:56:55 +10:00
Thomas Lynch
ea3f8bf291 Small docker improvement for better testing/development (no more 503) 2022-09-23 00:41:33 +10:00
Thomas Lynch
d019440bc0 Move POW proof checking to POST and sign a cookie there, kinda like captcha flow, so we can do a more intensive one without it happening on every request. We just check the hmac now. 
Still TODO actually converting it to argon, but should be straightforward from this point.
Another advantage of making POW check use POST is a better noscript experience. We now provide a box and "submit" button, so they don't have to mess with setting a cookie.
 2022-09-23 00:26:20 +10:00
Thomas Lynch
7eaa1d7ac0 Merge branch 'master' into kikeflare 2022-09-21 13:37:56 +00:00
Thomas Lynch
521f9742c1 revert back to 2 thread max again because turns out firefox didnt get better, just tor limits to 1 thread anyway 2022-09-21 21:32:33 +10:00