e59c9c558f
disable dataplaneapi using inotify
2025-04-02 19:29:50 +11:00
a958e0f7c6
Incorporate custom example value into cookie
2025-04-02 19:29:28 +11:00
68621ecf8e
set the log format first, +Q vars still show up
2025-03-31 23:53:09 +11:00
9107985f44
Add lfp mapping and include in log line as an example
2025-03-31 23:47:02 +11:00
455612e998
Add custom tfp example for writing custom case scripts, todo make not apply only to captcha
2025-03-31 23:39:27 +11:00
241c04a1b2
Add health check setup in server registration
...
Add observe layer4 inter to default server line
Fix 3rd nginx and update docker-compose
Remove x-haproxy-cn header fetch because it only needs to be a static fetch of haproxy_cn, since the logic overwrite it to be equivalent
2025-03-28 21:27:21 +11:00
566762d608
Improve backend geo routing to avoid going to further backend for non matching user and proxy cn
2025-03-19 21:10:25 +11:00
fca0eb03b8
Fix the fetch context in server selection not having txn.cdn available, pull from header directly instead
2025-03-17 19:06:28 +11:00
a65d7b90d1
update example maps
2025-03-16 23:03:50 +11:00
842df64c5e
Update haproxy dockerfile for newer lua and fix ca-certificate installation
...
Add verify_none option in server registration (for development testing of SSL backends)
2025-03-16 22:49:00 +11:00
fdbd19ba30
Remove debug prints
2025-03-16 15:57:56 +11:00
30eb129bd8
Push ssl testing
2025-03-16 15:55:49 +11:00
488eb02210
Fix some issues with runtime socket because geo server splitting used invalid character
...
Add additional challenge, not enabled yet
2025-03-16 14:08:39 +11:00
a259d5189f
varnish tweaks
2025-03-15 17:34:29 +11:00
6f10291892
First iteration of working geo routing
2025-03-15 17:31:20 +11:00
84ddfbc719
Add geo routing to different backends for same domain
2025-03-15 12:45:22 +11:00
c0a2f77f8b
Read from ddos_config table to determine if nojs script should be shown (allowing to be disabled per domain or path
2025-03-09 23:06:59 +11:00
63a6933aa4
Update challenge.js to try/catch each attempt at clearing subdomain cookies to ignore "rejected for domain" errors
2025-01-25 10:12:00 +11:00
2011f60377
Fix some variables to be local scope instead of globals
2025-01-19 00:23:23 +11:00
413deac66b
Change bot-check cookie to Lax because that only breaks cross-site navigations without providing any real securit ybenefit
2024-12-08 12:41:53 +11:00
923957d0e7
Change variable to table map name, for checking against whitelist for admin bypass
2024-11-30 03:55:40 +11:00
ba05a88ca8
Allow admin accounts whitelists to bypass for all domains even if not matching in domtoacc map
2024-11-29 15:22:08 +11:00
bbec69b89b
Remove redundant and fix forwarded IP in varnish config
...
Skip unnecessary methods in haproxy instead of giving extra work to varnish (kept the check in vcl)
2024-11-29 15:19:11 +11:00
2261c2432f
Update varnish with critical transit_buffer option
2024-11-21 22:12:28 +11:00
d0b21d4ce1
Fix BANing
2024-11-13 21:25:58 +11:00
f2ad095874
Add suppoer for handling BAN requests
2024-11-13 21:08:23 +11:00
174609313f
Update handling for cookies/authed requests
2024-11-13 16:38:34 +11:00
83c2b397e8
fix max-age parsing, remove some varnish ehaders
2024-11-13 16:15:40 +11:00
0016aa5204
Clean up some sockets locations
...
Remove vcl_init for secret initialisation
2024-11-13 14:20:50 +11:00
bd8079743f
add header restriction to cache purging
2024-11-12 20:33:04 +11:00
ad659aa1c5
server name typo
2024-11-12 20:00:14 +11:00
f233c1f06d
Switch to unix sockets for varnish<->haproxy comms
...
Remove some cruft from old caching
2024-11-12 19:58:38 +11:00
0d5e39cad1
Implement varnish for caching alongside haproxy, remove using internal haproxy cache
2024-11-12 18:41:02 +11:00
6643e3f7db
default to empty string if nil map lookup in css map
2024-10-21 18:14:53 +11:00
f6e1adf1c5
clear css map
2024-10-21 18:11:28 +11:00
7e44a236a1
Add the custom css map (for bot-check page so far)
2024-10-21 00:07:03 +11:00
f9a3798edb
Escape first %s in string format, no need to template in %s...
2024-09-17 21:15:59 +10:00
89ff3637d4
Add an optional USE_INTER_FONT to insert inter css tags and extra css for font
...
Separate css out into variable to template into body template with first stage template compile
2024-09-17 21:15:04 +10:00
c2074eec5f
Precompute captcha section on startup since its based on (what) an ENV
...
Remove unused captcha_backend_name and captcha backend in config, not needed since haproxy 2.7
2024-09-16 22:30:00 +10:00
601a2b3989
Merge branch 'dev-wl'
2024-09-16 21:13:21 +10:00
45f81f96ae
Optimizations, remove a call to string.format, remove an if in else/if for deciding pow and/or captcha check
2024-09-16 21:00:20 +10:00
ab841ef752
Fix the removed return from commenting out updateElem, undoes unnecessary buggy check from previous commit
2024-08-18 19:57:20 +10:00
90df19cbed
Update challenge to skip undefined worker answers
2024-08-18 19:51:38 +10:00
f1d827f3b3
Improve red class, make not fullwidth and left aligned text
2024-08-15 23:06:22 +10:00
51e5f82d68
Update challenge.min.js
2024-08-15 22:57:12 +10:00
7ab93e33e7
minify bot check page css
2024-08-15 22:56:30 +10:00
c29a14ffd8
Remove updateelem calls to hide some unnecessary messages in frontend scripts
...
Update spacing of some elements on bot check page
2024-08-15 22:50:29 +10:00
ba62d322a4
Update bot-check page styling
2024-08-15 22:45:17 +10:00
a0ff482b17
Cleanup server registration and fix for Haproxy 3.0 because newline delimited commands are rejected. Now must be separated by semicolon.
2024-07-11 21:10:03 +10:00
f7dc984d60
Testing new ACLs for query string
2024-07-11 21:09:24 +10:00
