fatchan
/
haproxy-protection
mirror of https://gitgud.io/fatchan/haproxy-protection.git
1
1
Fork 0
Code Issues Packages Projects Releases Wiki Activity
HAProxy configuration and lua scripts implementing a challenge-response page where visitors solve a captcha and/or proof-of-work (cpu intensive) task. Intended to stop bots, spam, ddos, etc.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
48 Commits
1 Branch
1 Tag
1.4 MiB
 
 
 
 
Tag: Branch: Tree: 727bca1623
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '727bca1623'
${ noResults }
haproxy-protection/src/libs/utils.lua

28 lines
849 B
Raw Blame History

local _M = {}
local sha = require("sha")
local secret_bucket_duration = tonumber(os.getenv("BUCKET_DURATION"))
function _M.generate_secret(context, salt, is_applet, iterations)
local start_sec = core.now()['sec']
local bucket = start_sec - (start_sec % secret_bucket_duration)
local ip = context.sf:src()
local user_agent = ""
if is_applet == true then
user_agent = context.headers['user-agent'] or {}
user_agent = user_agent[0]
else
--note req_fhdr not req_hdr otherwise commas in useragent become a delimiter
user_agent = context.sf:req_fhdr('user-agent')
end
if iterations == nil then
--hcaptcha secret is just this
return context.sc:xxh32(salt .. bucket .. ip .. user_agent)
else
--POW secret adds the iteration number by the user
return sha.sha1(salt .. bucket .. ip .. user_agent .. iterations)
end
end
return _M