Commit Graph

Select branches

Hide Pull Requests

dev-varnish

develop

master

argon2

Mono Color

• 533137128d Slight tweak, move mode earlier, fix indent master Thomas Lynch 2025-05-05 20:00:05 +10:00
• db27a4d4f7 Add more protection modes with optionals for bfp (and todo other suspicious characteristics) Thomas Lynch 2025-05-04 19:53:52 +10:00
• 6cc115c7bf Update robot text to more correctly say ip/country/network blocked Thomas Lynch 2025-04-09 20:21:26 +10:00
• 12fc3eb926 Fix blank lang_json when varnish is up but backend in servers/* is 503 or empty list Thomas Lynch 2025-04-09 20:05:25 +10:00
• 70a96bf854 change custom value name in challenge interpolation, anticipate config value in the settings map for toggling Thomas Lynch 2025-04-06 11:03:56 +10:00
• e34c5b60d9 remove l4 observe Thomas Lynch 2025-04-04 18:00:50 +11:00
• 6193a56500 increase healthcheck inter and add inter to dynamic servers on init Thomas Lynch 2025-04-03 20:37:32 +11:00
• e59c9c558f disable dataplaneapi using inotify Thomas Lynch 2025-04-02 19:29:50 +11:00
• a958e0f7c6 Incorporate custom example value into cookie Thomas Lynch 2025-04-02 19:29:28 +11:00
• 68621ecf8e set the log format first, +Q vars still show up Thomas Lynch 2025-03-31 23:52:47 +11:00
• 9107985f44 Add lfp mapping and include in log line as an example Thomas Lynch 2025-03-31 23:47:02 +11:00
• 455612e998 Add custom tfp example for writing custom case scripts, todo make not apply only to captcha Thomas Lynch 2025-03-31 23:39:27 +11:00
• 241c04a1b2 Add health check setup in server registration Add observe layer4 inter to default server line Fix 3rd nginx and update docker-compose Remove x-haproxy-cn header fetch because it only needs to be a static fetch of haproxy_cn, since the logic overwrite it to be equivalent Thomas Lynch 2025-03-28 21:26:28 +11:00
• 566762d608 Improve backend geo routing to avoid going to further backend for non matching user and proxy cn Thomas Lynch 2025-03-19 21:10:25 +11:00
• fca0eb03b8 Fix the fetch context in server selection not having txn.cdn available, pull from header directly instead Thomas Lynch 2025-03-17 19:06:28 +11:00
• a65d7b90d1 update example maps Thomas Lynch 2025-03-16 23:03:50 +11:00
• 842df64c5e Update haproxy dockerfile for newer lua and fix ca-certificate installation Add verify_none option in server registration (for development testing of SSL backends) Thomas Lynch 2025-03-16 22:49:00 +11:00
• fdbd19ba30 Remove debug prints Thomas Lynch 2025-03-16 15:57:56 +11:00
• 30eb129bd8 Push ssl testing Thomas Lynch 2025-03-16 15:55:49 +11:00
• 488eb02210 Fix some issues with runtime socket because geo server splitting used invalid character Add additional challenge, not enabled yet Thomas Lynch 2025-03-16 14:08:19 +11:00
• a259d5189f varnish tweaks Thomas Lynch 2025-03-15 17:34:29 +11:00
• 6f10291892 First iteration of working geo routing Thomas Lynch 2025-03-15 17:31:20 +11:00
• 84ddfbc719 Add geo routing to different backends for same domain Thomas Lynch 2025-03-15 12:45:22 +11:00
• c0a2f77f8b Read from ddos_config table to determine if nojs script should be shown (allowing to be disabled per domain or path Thomas Lynch 2025-03-09 21:31:15 +11:00
• 63a6933aa4 Update challenge.js to try/catch each attempt at clearing subdomain cookies to ignore "rejected for domain" errors Thomas Lynch 2025-01-25 10:12:00 +11:00
• 2011f60377 Fix some variables to be local scope instead of globals Thomas Lynch 2025-01-19 00:23:23 +11:00
• 413deac66b Change bot-check cookie to Lax because that only breaks cross-site navigations without providing any real securit ybenefit Thomas Lynch 2024-12-08 12:41:53 +11:00
• 923957d0e7 Change variable to table map name, for checking against whitelist for admin bypass Thomas Lynch 2024-11-30 03:55:25 +11:00
• ba05a88ca8 Allow admin accounts whitelists to bypass for all domains even if not matching in domtoacc map Thomas Lynch 2024-11-29 15:22:08 +11:00
• bbec69b89b Remove redundant and fix forwarded IP in varnish config Skip unnecessary methods in haproxy instead of giving extra work to varnish (kept the check in vcl) Thomas Lynch 2024-11-29 15:19:11 +11:00
• 2261c2432f Update varnish with critical transit_buffer option Thomas Lynch 2024-11-21 22:12:28 +11:00
• d0b21d4ce1 Fix BANing dev-varnish Thomas Lynch 2024-11-13 21:25:58 +11:00
• f2ad095874 Add suppoer for handling BAN requests Thomas Lynch 2024-11-13 21:08:23 +11:00
• 174609313f Update handling for cookies/authed requests Thomas Lynch 2024-11-13 16:38:34 +11:00
• 83c2b397e8 fix max-age parsing, remove some varnish ehaders Thomas Lynch 2024-11-13 16:15:40 +11:00
• 0016aa5204 Clean up some sockets locations Remove vcl_init for secret initialisation Thomas Lynch 2024-11-13 14:20:50 +11:00
• bd8079743f add header restriction to cache purging Thomas Lynch 2024-11-12 20:33:04 +11:00
• ad659aa1c5 server name typo Thomas Lynch 2024-11-12 20:00:14 +11:00
• f233c1f06d Switch to unix sockets for varnish<->haproxy comms Remove some cruft from old caching Thomas Lynch 2024-11-12 19:58:38 +11:00
• 0d5e39cad1 Implement varnish for caching alongside haproxy, remove using internal haproxy cache Thomas Lynch 2024-11-12 18:41:02 +11:00
• 6643e3f7db default to empty string if nil map lookup in css map Thomas Lynch 2024-10-21 18:14:53 +11:00
• f6e1adf1c5 clear css map Thomas Lynch 2024-10-21 18:11:28 +11:00
• 7e44a236a1 Add the custom css map (for bot-check page so far) Thomas Lynch 2024-10-21 00:07:03 +11:00
• f9a3798edb Escape first %s in string format, no need to template in %s... Thomas Lynch 2024-09-17 21:15:59 +10:00
• 89ff3637d4 Add an optional USE_INTER_FONT to insert inter css tags and extra css for font Separate css out into variable to template into body template with first stage template compile Thomas Lynch 2024-09-17 21:15:04 +10:00
• c2074eec5f Precompute captcha section on startup since its based on (what) an ENV Remove unused captcha_backend_name and captcha backend in config, not needed since haproxy 2.7 Thomas Lynch 2024-09-16 22:27:52 +10:00
• 601a2b3989 Merge branch 'dev-wl' Thomas Lynch 2024-09-16 21:13:21 +10:00
• 45f81f96ae Optimizations, remove a call to string.format, remove an if in else/if for deciding pow and/or captcha check Thomas Lynch 2024-09-16 21:00:20 +10:00
• ab841ef752 Fix the removed return from commenting out updateElem, undoes unnecessary buggy check from previous commit Thomas Lynch 2024-08-18 19:57:20 +10:00
• 90df19cbed Update challenge to skip undefined worker answers Thomas Lynch 2024-08-18 19:51:38 +10:00
• f1d827f3b3 Improve red class, make not fullwidth and left aligned text Thomas Lynch 2024-08-15 23:06:22 +10:00
• 51e5f82d68 Update challenge.min.js Thomas Lynch 2024-08-15 22:57:12 +10:00
• 7ab93e33e7 minify bot check page css Thomas Lynch 2024-08-15 22:56:30 +10:00
• c29a14ffd8 Remove updateelem calls to hide some unnecessary messages in frontend scripts Update spacing of some elements on bot check page Thomas Lynch 2024-08-15 22:50:29 +10:00
• ba62d322a4 Update bot-check page styling Thomas Lynch 2024-08-15 22:45:17 +10:00
• a0ff482b17 Cleanup server registration and fix for Haproxy 3.0 because newline delimited commands are rejected. Now must be separated by semicolon. develop Thomas Lynch 2024-07-11 21:10:03 +10:00
• f7dc984d60 Testing new ACLs for query string Thomas Lynch 2024-07-11 21:09:24 +10:00
• f6ec537cb0 Test another stick table, track req.query Thomas Lynch 2024-07-07 23:03:04 +10:00
• 53a679fc76 add missing global configs for master-worker mode and crt base Thomas Lynch 2024-06-30 22:36:54 +10:00
• 5e60a42383 Bump haproxy to 3.0 in docker build Thomas Lynch 2024-06-11 15:23:33 +10:00
• 2920f11ffa ditto of jschan repo change Thomas Lynch 2024-06-07 16:23:40 +10:00
• 25f702d157 Add ACL so alt-svc header is only sent when geo continent not matching server env Thomas Lynch 2024-01-28 17:43:56 +11:00
• 5a0b3bfabc Browser compatibility improvements. Tweak arguments of translate function, and try/catch navigator.hardwareconcurency Thomas Lynch 2024-01-20 20:32:29 +11:00
• aec1aac1b9 do "www" unconditionally, for now Thomas Lynch 2023-12-15 20:32:38 +11:00
• 33f9e76c4f Set cookie expiry properly instead of lasting forever Thomas Lynch 2023-12-15 00:02:23 +11:00
• 4c473532f6 Set proper expiry date based on ddos config cex or default Thomas Lynch 2023-12-14 23:42:46 +11:00
• 5b709a5819 Update on page challenge to just reload after removing cookies Thomas Lynch 2023-12-14 23:33:23 +11:00
• 7fc5efc82b Fix function name typo Thomas Lynch 2023-12-14 23:28:12 +11:00
• 63b738b9b5 Add another call to clear cookies for domain to fetch error handler Thomas Lynch 2023-12-14 23:25:21 +11:00
• baba0518dd Update minified scripts Thomas Lynch 2023-12-14 23:16:33 +11:00
• b19bd19581 Delete all basedflare cookies for domain when getting "rejected", prevent a bad (or even expired or changed key) cookie from overwriting a valid cookie in the cookie table Thomas Lynch 2023-12-14 23:12:08 +11:00
• 3f1852dd1b Add env var example for maxconn and cache total-max-size Thomas Lynch 2023-10-19 21:34:02 +11:00
• 1dd69fd924 Add geo blocking for country and continent, changes get_ip_var lua script section to use two tables Thomas Lynch 2023-10-15 18:13:52 +11:00
• 2f9823bf51 Adjust lua get_server_names Thomas Lynch 2023-09-18 23:14:32 +10:00
• bf3e2571c1 Run set_lang_json internally on match to blocking map Thomas Lynch 2023-09-10 22:08:57 +10:00
• e36add4ee7 Add asn blocking Thomas Lynch 2023-09-09 21:39:45 +10:00
• 93cac69798 Make blocked and whitelist maps multi tenant Thomas Lynch 2023-09-07 16:47:21 +10:00
• d687e54d17 Test with updated dataplaneapi for map fix and exclusing backends in sync, change to .yml, and empty backends map Thomas Lynch 2023-09-03 01:16:14 +10:00
• 96fef80694 add maps for upcoming vpn and asn handling Thomas Lynch 2023-09-02 22:18:47 +10:00
• 2e2e532ea8 Add some more debug logging to register-servers, found the issue Thomas Lynch 2023-09-02 22:18:04 +10:00
• c28e4d438e Remove unnecessary code in getpath method Thomas Lynch 2023-08-06 19:22:00 +10:00
• a82483224b Fix issue with pplet.qs taking whole query but not parsing the path out of it for the map loopup, caused issues with selecting captcha mode Thomas Lynch 2023-08-06 17:45:52 +10:00
• aee6cf9899 Update minified script Thomas Lynch 2023-07-20 01:14:04 +10:00
• faaf1fb743 Actually fix that Thomas Lynch 2023-07-20 01:11:23 +10:00
• 844cff1baa Don't check for wasm support when using sha256 challenge type Thomas Lynch 2023-07-19 20:55:48 +10:00
• 74ae694669 Update README.md Thomas Lynch 2023-07-17 12:03:06 +00:00
• bdd2213c6b haproxy 2.8 dockerfile, remove testing cert, change ddos map for json testing Thomas Lynch 2023-06-15 22:02:42 +10:00
• eb82a3d391 ne wjson map format for excluding exits Thomas Lynch 2023-06-15 20:52:36 +10:00
• 1df8277ee2 Bugfix to declaration of crawler whitelist map, reduce difficulty for testing Thomas Lynch 2023-06-10 12:51:56 +10:00
• ab5614e702 Revert dockerfile because 2.8 and http/3 still has some issues with lua Thomas Lynch 2023-06-08 00:14:25 +10:00
• b70fd56201 Test with http3 quic and updated dockerfile with haproxy 2.8 Thomas Lynch 2023-06-08 00:00:05 +10:00
• b109e0caf0 Bugfix 400/429 errorfiles Thomas Lynch 2023-06-04 17:05:36 +10:00
• 10c875e689 update config for crawler-whitelist, cleanup a few things in the example Thomas Lynch 2023-06-04 13:04:13 +10:00
• 2ec52e804d update dataplaneapi in Dockerfile for testing Thomas Lynch 2023-06-04 12:52:11 +10:00
• fa4680aaa6 Add translation json_query vars to error pages thanks to @l29utp0 Thomas Lynch 2023-06-04 12:51:34 +10:00
• 22b6b4795e WIP of configurable challenge settings per-domain with a ddos_config map and handling Thomas Lynch 2023-05-21 19:50:38 +10:00
• 14922d7e2f Refactor fetching header for difference between applet and transaction mode. Improve locale_strings map by re json.encode. Add method to put translation jsons into txn var and read with a json_query fetch inside template files not served by a lua view e.g. maintenance page Thomas Lynch 2023-05-21 15:18:32 +10:00
• c93ca7f16c Remove . prefix on cookie domain Thomas Lynch 2023-04-29 23:02:13 +10:00
• 32c5e2dfca Fix using incorrect prompt for noscript sha256 vs argon2 Thomas Lynch 2023-04-29 22:57:34 +10:00
• 35defc8238 update maintenance page to have icon and change title style Thomas Lynch 2023-04-29 19:48:44 +10:00