Thomas Lynch
9478892614
Allow proper ssl verification for backends (With a privately managed CA of course)
1 year ago
Thomas Lynch
521e4ab335
not bold h3, hide generic favicon, white bg instead off offwhite
1 year ago
Thomas Lynch
5b98b5b15c
simple redirect map
1 year ago
Thomas Lynch
4c97df8fb1
test ssl verify none to backends
1 year ago
Thomas Lynch
174e1a8234
Center errors because they dont have the same body layout as maintenance/bot-check
1 year ago
Thomas Lynch
ed75048f73
finally make the errors reusable and templated
1 year ago
Thomas Lynch
8dc0aef924
Merge branch 'master' into kikeflare
1 year ago
Thomas Lynch
3cc7482084
Fully convert to data plane api
...
Change global ACL to a map to realtime update with data plane api
Change how on setartup servers are registered in lua
1 year ago
Thomas Lynch
ee25821dfe
Merge branch 'master' into kikeflare
1 year ago
Thomas Lynch
9f95f1c9ac
update maintenance template style
1 year ago
Thomas Lynch
4aad3a5e8e
Merge branch 'master' into kikeflare
1 year ago
Thomas Lynch
5e9ac793f0
update images, make animated
...
update email in license, duh
1 year ago
Thomas Lynch
80e966b6d4
Revert to 3 dots loader and adjust page style slightly
1 year ago
Thomas Lynch
87f66479d8
- Change to using domain instead of resolving, because cloudflare blocked this even with the host header, and haproxy 2.7 appears to no longer need this 'hack'
...
- Fix issue with matched_expiry being 0 and breaking captcha cookie
- Spacing
1 year ago
Thomas Lynch
5a15eddc4a
rename
1 year ago
Thomas Lynch
52ddc455c9
Merge branch 'next' into 'master'
...
'next' into master
Closes #21 , #18 , and #20
See merge request fatchan/haproxy-protection!3
1 year ago
Thomas Lynch
875e9e5edd
Add back dataplaneapi in anticipation of using it to control haproxy rather than haproxy-sdk runtime socket
1 year ago
Thomas Lynch
8e673aaf3f
Merge branch 'next' into kikeflare
1 year ago
Thomas Lynch
4e3beaf66d
use 2 threads at least
1 year ago
Thomas Lynch
d1adb677ba
fix footerlogo path
1 year ago
Thomas Lynch
0b648a3ce3
maintenance page fix
1 year ago
Thomas Lynch
12ff24e2d5
Merge branch 'next' into kikeflare
1 year ago
Thomas Lynch
608a7bc9ef
Update README & LICENSE, definitely belong here now :^)
1 year ago
Thomas Lynch
f231b86544
Ability to choose between sha256 or argon2 with env var close #21
1 year ago
Thomas Lynch
2089d790a2
update INSTALLATION.md
1 year ago
Thomas Lynch
eb92f6c31b
Add back dummy time, shorter (3000ms)
1 year ago
Thomas Lynch
ef938270d8
update docker-compose with correct argon2 envs
1 year ago
Thomas Lynch
9531049aa9
Update haproxy config, scripts & docker-compose to use simpler mroe organised files layout
...
Make cookies sent from captcha/pow response be httponly
1 year ago
Thomas Lynch
9f4c8e8fbb
increase the throttle from 100 -> 1 back to 10 to prevent crashing
1 year ago
Thomas Lynch
1612e342ee
rename BUCKET_DURATION since its now an expiry time
1 year ago
Thomas Lynch
6e5cf2af31
Make cookie expiry based on issued expiry date from challenge date instead of all expiring on bucket.
...
Fixes potential issue of challenges being incorrect if solved right on the bucket change
Allows to solve a challenge at any time (even in the background) and not see the challenge page twice in a small period
Allows for backend to make dynamic expiry of tokens e.g make tor tokens or based on IP reputation not last as long (not implemented atm)
Close #20
1 year ago
Thomas Lynch
a303689641
Close #18 make answers and redirect calls shared between tabs with localstorage to not solve and submit answer multiple times when opening multiple tabs/bookmarks, etc
1 year ago
Thomas Lynch
08a966c121
Reorganise, move code to not be split between haproxy and src folder
1 year ago
Thomas Lynch
0d56079960
Rename POW vars to separately argon_ for argon2 stuff, improve readme and split out INSTALLATION into separate file
1 year ago
Thomas Lynch
4637df4745
add missing basedflare paths to worker and challenge includes
1 year ago
Thomas Lynch
16767e0a97
Add updated maintenance.html with template vars for lf-file
1 year ago
Thomas Lynch
45bc67fae4
Move everything under paths like /.basedflare/ instead of putting stuff in paths where it might conflict
...
Move templates to own file instead of in main lua script
Rename some stuff from "hcatpcha" to more correct "captcha" and "bot-check" because we no longer only have hcaptcha
Clean some code and add a few comments
1 year ago
Thomas Lynch
43297c931a
Merge branch 'master' into kikeflare
1 year ago
Thomas Lynch
1c6504e83e
use lua-load-per-thread as per https://cbonte.github.io/haproxy-dconv/2.6/configuration.html\#3.1-lua-load because we don't have any cross request/thread global vars to worry about
1 year ago
Thomas Lynch
b593be8627
Add some reasonable limits to cookie parsing, reduce impact of possible attack
1 year ago
Thomas Lynch
9f290e97f2
Merge branch 'master' into kikeflare
2 years ago
Thomas Lynch
9c17d5b8fc
update url lib, change default settings
2 years ago
Thomas Lynch
434586c657
Merge branch 'master' into kikeflare
2 years ago
Thomas Lynch
d61f320ba9
Dont show negative seconds
2 years ago
Thomas Lynch
c61dd4caa2
No need to div/multiply
2 years ago
Thomas Lynch
fb69c46574
Floor remaining time, remove .
2 years ago
Thomas Lynch
4dd6eec87e
Show pow speed, and estimate remaining time
2 years ago
Thomas Lynch
f285934bf1
Remove unused sha script
2 years ago
Thomas Lynch
33a1aa02a9
Merge branch 'master' into kikeflare
2 years ago
Thomas Lynch
64e26f65b5
- Add ability to communicate with Tor control port and close circuits. Can be called from lua or as a http-request lua... call to do it based off an ACL. close #16
...
- Make POW checked before captcha in POST handler, since they both must be submittedin captcha mode, we don't want to send POST to /siteverify if they didnt even solve the POW
Other:
- Change (improve) split util to leave empty table entries for repeated delimiters
- Minor frontend script bugfix so error messages display properly in captcha mode
- Wrap submit button of noscript pow form to next line
2 years ago