rejetto forum

reCAPTCHA for hfs?

qnkov · 7 · 3484

0 Members and 1 Guest are viewing this topic.

Offline qnkov

  • Occasional poster
  • *
    • Posts: 3
    • View Profile
Hi guys, i have friend with HFS, but he complains  about alot of bots spamming there. Is there a way to add those auto recaptcha, when you open the page, to be checked? Or something which u need to click so you can view the site? Does it work on HFS servers?


Offline rejetto

  • Administrator
  • Tireless poster
  • *****
    • Posts: 13515
    • View Profile
surely there is a way to do that, but i have no recipe.
i'm not sure if also cloudflare can help you with that.
one thing that can stop a lot of unwanted traffic (and i use it) is to have a domain (even a free dynamic dns service), and then stop requests that are done with just the ip.


Offline qnkov

  • Occasional poster
  • *
    • Posts: 3
    • View Profile

I'm using my ftp via subdomain, like ftp.mydomain.com ... but it can be open by my IP adress to? Can you tell me how can i forbid my ftp to be open by my IP, only by my subdomain? thanks.


Offline LeoNeeson

  • Tireless poster
  • ****
    • Posts: 843
  • Status: On hiatus (sporadically here)
    • View Profile
    • twitter.com/LeoNeeson
I'm using my ftp via subdomain, like ftp.mydomain.com ... but it can be open by my IP adress to? Can you tell me how can i forbid my ftp to be open by my IP, only by my subdomain? thanks.
What FTP server are you using?...
You have to configure this on your FTP server (in case they offer that option). This has nothing to do with HFS. If this were about HFS, I would recommend using Nginx as 'transparent proxy' to intercept connections between clients and the server (to block direct 'IP access', and allow 'Hostname' access). But Nginx doesn't support proxying to FTP servers, so you could try routing your FTP server through STunnel (on Windows), or HAProxy (on Linux). HAProxy can be run on Windows with a special Cygwin build (but all this it's untested by me). Sadly, that's all I can help you (configuration of all this is complex, and you need to know what you are doing, since requires some networking knowledge).
Hope it helps,
Leo.-
HFS in Spanish (HFS en Español) / How to compile HFS (Tutorial)
» Currently taking a break, until HFS v2.4 get his stable version.


Offline qnkov

  • Occasional poster
  • *
    • Posts: 3
    • View Profile
I'm using Latest version: 2.3m, using my own computer as server.


Offline LeoNeeson

  • Tireless poster
  • ****
    • Posts: 843
  • Status: On hiatus (sporadically here)
    • View Profile
    • twitter.com/LeoNeeson
I'm using Latest version: 2.3m, using my own computer as server.
You could try this...
Press ALT+F6 inside HFS, and then paste any of this:
(choose only one of the following options, testing one by one)

Option #1
Quote
[+request]
{.if|{.!=|%host%|test.mydomain.com.}|{:{.disconnect.}:}.}

Option #2
Quote
[+request]
{.if not|{.or|{.pos|test.mydomain.com|{.header|host.}.}.}|{:{.disconnect.}:}.}

Option #3
Quote
[+request]
{.disconnection reason|Forbidden|if={.not|{.pos|test.mydomain.com|{.header|host.}.}/not.}.}

Replace the text marked in red (test.mydomain.com) with the "subdomain.domain.com" you are using with HFS (this is only an example). Better code or corrections are welcome. This event script is untested (please report back if it works or not, and which option worked better).
HFS in Spanish (HFS en Español) / How to compile HFS (Tutorial)
» Currently taking a break, until HFS v2.4 get his stable version.


Offline rejetto

  • Administrator
  • Tireless poster
  • *****
    • Posts: 13515
    • View Profile
cool, Leo!
this is how it is done with HFS 3 instead: you put this line in "server code"

exports.middleware = ctx => ctx.host === 'mydomain.com' || ctx.socket.destroy()

i'm considering to offer this as an option