simon987/ngx_http_js_challenge_module
1
0
Fork 0
mirror of https://github.com/simon987/ngx_http_js_challenge_module.git synced 2025-10-24 18:06:52 +00:00
Code Issues Projects Releases Wiki Activity
47 Commits 1 Branch 0 Tags
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
simon987 da6852df41
Merge pull request #25 from bnchdan/master 
fix html page
2023-03-17 08:53:45 -04:00
.gitignore
Embed SHA1
2020-03-28 10:48:11 -04:00
build.sh
Embed SHA1 (for real this time)
2020-05-07 20:15:06 -04:00
config
Update readme & quick cleanup
2020-03-02 09:00:33 -05:00
LICENSE
Configuration options, tweak challenge, update readme
2020-03-02 15:47:34 -05:00
ngx_http_js_challenge.c
set *(conf->html+ret) to '\0';
2023-03-17 08:11:11 +02:00
README.md
Update README.md
2020-05-29 18:56:30 -04:00
throughput.png
Update readme & quick cleanup
2020-03-02 09:00:33 -05:00

README.md

ngx_http_js_challenge_module

GitHub CodeFactor

Demo website

Simple javascript proof-of-work based access for Nginx with virtually no overhead.

Easy installation: just add load_module /path/to/ngx_http_js_challenge_module.so; to your nginx.conf file and follow the configuration instructions.

Configuration

Simple configuration

server {
    js_challenge on;
    js_challenge_secret "change me!";

    # ...
}

Advanced configuration

server {
    js_challenge on;
    js_challenge_secret "change me!";
    js_challenge_html /path/to/body.html;
    js_challenge_bucket_duration 3600;
    js_challenge_title "Verifying your browser...";

    location /static {
        js_challenge off;
        alias /static_files/;
    }

    location /sensitive {
        js_challenge_bucket_duration 600;
        #...
    }

    #...
}
  • js_challenge on|off Toggle javascript challenges for this config block
  • js_challenge_secret "secret" Secret for generating the challenges. DEFAULT: "changeme"
  • js_challenge_html "/path/to/file.html" Path to html file to be inserted in the <body> tag of the interstitial page
  • js_challenge_title "title" Will be inserted in the <title> tag of the interstitial page. DEFAULT: "Verifying your browser..."
  • js_challenge_bucket_duration time Interval to prompt js challenge, in seconds. DEFAULT: 3600

Installation

  1. Add load_module ngx_http_js_challenge_module.so; to /etc/nginx/nginx.conf
  2. Reload nginx -s reload

Build from source

These steps have to be performed on machine with compatible configuration (same nginx, glibc, openssl version etc.)

  1. Install dependencies 
    apt install libperl-dev libgeoip-dev libgd-dev libxslt1-dev libpcre3-dev
  2. Download nginx tarball corresponding to your current version (Check with nginx -v) 
    wget https://nginx.org/download/nginx-1.16.1.tar.gz
tar -xzf nginx-1.16.1.tar.gz
export NGINX_PATH=$(pwd)/nginx-1.16.1/
  3. Compile the module 
    git clone https://github.com/simon987/ngx_http_js_challenge_module
cd ngx_http_js_challenge_module
./build.sh
  4. The dynamic module can be found at ${NGINX_PATH}/objs/ngx_http_js_challenge_module.so

Known limitations / TODO

  • Users with cookies disabled will be stuck in an infinite refresh loop (TODO: redirect with a known query param, if no cookie is specified but the query arg is set, display an error page)
  • If nginx is behind a reverse proxy/load balancer, the same challenge will be sent to different users and/or the response cookie will be invalidated when the user is re-routed to another server. (TODO: use the x-real-ip header when available)
Description
No description provided
anti-ddosnginxproof-of-work
Readme GPL-3.0 401 KiB
Languages
C 98%
Shell 2%