Session Cookie implementation

QuiteAFancyEmerald / Holy-Unblocker

Holy Unblocker LTS is a web proxy service that helps you access websites that may be blocked by your network or policy extensions all within your browser with no download or setup. It does this securely and with additional privacy features. This repository is for Holy Unblocker LTS; specifically for the v6.x.x versions. (Star if you fork it!!)⚡

https://holyunblocker.org

GNU Affero General Public License v3.0

450 stars 2.71k forks source link

Session Cookie implementation #152

Closed wapfalls closed 3 years ago

wapfalls commented 3 years ago

How do I add a bot protection like below that works with the subdomains like (cdn.holyubofficial.net)

I understand that it works based on session cookie, can you please help me with an example to implement this.

Thanks.

easella commented 3 years ago

here is an example in php: https://replit.com/@awdrgyjil1234/HardtofindUtterQuotes#index.php

QuiteAFancyEmerald commented 3 years ago

@wapfalls What web server are you using? Huge sorry for the delay

wapfalls commented 3 years ago

@wapfalls What web server are you using? Huge sorry for the delay

Am using Nginx

QuiteAFancyEmerald commented 3 years ago

Perfect :D

You can either use a map directive or merely add this under a location block.

location / {
      ...

      # Cookie Authentication
      if ($http_cookie !~* '__cor_auth=1') {
          return 401;
      }
  }

Lastly if you wish to go further you may also ratelimit any malicious or unwanted user agents using this: https://stackoverflow.com/questions/19337662/blocking-all-bots-except-a-few-with-nginx/24820722#24820722

Credits to Divide and Duce for this.

vackyton commented 3 years ago

why is dis still open?

wapfalls commented 3 years ago

@QuiteAFancyEmerald Thank you so much for the response. I will give it a try! :)