{"id":18004030,"url":"https://github.com/simon987/ngx_http_js_challenge_module","last_synced_at":"2025-03-26T10:31:03.536Z","repository":{"id":40598824,"uuid":"244179087","full_name":"simon987/ngx_http_js_challenge_module","owner":"simon987","description":"Simple javascript proof-of-work based access for Nginx with virtually no overhead. (Similar to Cloudflare's anti-DDoS feature)","archived":false,"fork":false,"pushed_at":"2023-03-17T12:53:45.000Z","size":182,"stargazers_count":51,"open_issues_count":8,"forks_count":22,"subscribers_count":6,"default_branch":"master","last_synced_at":"2023-09-08T02:56:13.602Z","etag":null,"topics":["anti-ddos","nginx","proof-of-work"],"latest_commit_sha":null,"homepage":"","language":"C","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/simon987.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2020-03-01T16:01:14.000Z","updated_at":"2023-07-16T11:10:27.000Z","dependencies_parsed_at":"2023-01-22T22:00:45.740Z","dependency_job_id":null,"html_url":"https://github.com/simon987/ngx_http_js_challenge_module","commit_stats":null,"previous_names":[],"tags_count":0,"template":null,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/simon987%2Fngx_http_js_challenge_module","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/simon987%2Fngx_http_js_challenge_module/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/simon987%2Fngx_http_js_challenge_module/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/simon987%2Fngx_http_js_challenge_module/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/simon987","download_url":"https://codeload.github.com/simon987/ngx_http_js_challenge_module/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":222137914,"owners_count":16937415,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["anti-ddos","nginx","proof-of-work"],"created_at":"2024-10-30T00:13:13.539Z","updated_at":"2024-10-30T00:13:14.172Z","avatar_url":"https://github.com/simon987.png","language":"C","funding_links":[],"categories":[],"sub_categories":[],"readme":"\n## ngx_http_js_challenge_module\n\n![GitHub](https://img.shields.io/github/license/simon987/ngx_http_js_challenge_module.svg)\n[![CodeFactor](https://www.codefactor.io/repository/github/simon987/ngx_http_js_challenge_module/badge)](https://www.codefactor.io/repository/github/simon987/ngx_http_js_challenge_module)\n\n\n[Demo website](https://ngx-js-demo.simon987.net/)\n\nSimple javascript proof-of-work based access for Nginx with virtually no overhead.\n\nEasy installation: just add `load_module /path/to/ngx_http_js_challenge_module.so;` to your\n`nginx.conf` file and follow the [configuration instructions](#configuration).\n\n\u003cp align=\"center\"\u003e\n  \u003cimg width=\"600px\" src=\"throughput.png\"/\u003e\n\u003c/p\u003e\n\n### Configuration\n\n**Simple configuration**\n```nginx\nserver {\n    js_challenge on;\n    js_challenge_secret \"change me!\";\n\n    # ...\n}\n```\n\n\n**Advanced configuration**\n```nginx\nserver {\n    js_challenge on;\n    js_challenge_secret \"change me!\";\n    js_challenge_html /path/to/body.html;\n    js_challenge_bucket_duration 3600;\n    js_challenge_title \"Verifying your browser...\";\n\n    location /static {\n        js_challenge off;\n        alias /static_files/;\n    }\n\n    location /sensitive {\n        js_challenge_bucket_duration 600;\n        #...\n    }\n\n    #...\n}\n```\n\n* `js_challenge on|off` Toggle javascript challenges for this config block\n* `js_challenge_secret \"secret\"` Secret for generating the challenges. DEFAULT: \"changeme\"\n* `js_challenge_html \"/path/to/file.html\"` Path to html file to be inserted in the `\u003cbody\u003e` tag of the interstitial page\n* `js_challenge_title \"title\"` Will be inserted in the `\u003ctitle\u003e` tag of the interstitial page. DEFAULT: \"Verifying your browser...\"\n* `js_challenge_bucket_duration time` Interval to prompt js challenge, in seconds. DEFAULT: 3600\n\n### Installation\n\n1. Add `load_module ngx_http_js_challenge_module.so;` to `/etc/nginx/nginx.conf`\n1. Reload `nginx -s reload`\n\n### Build from source\n\nThese steps have to be performed on machine with compatible configuration (same nginx, glibc, openssl version etc.)\n\n1. Install dependencies\n    ```bash\n    apt install libperl-dev libgeoip-dev libgd-dev libxslt1-dev libpcre3-dev\n    ```\n2. Download nginx tarball corresponding to your current version (Check with `nginx -v`)\n    ```bash\n   wget https://nginx.org/download/nginx-1.16.1.tar.gz\n   tar -xzf nginx-1.16.1.tar.gz\n   export NGINX_PATH=$(pwd)/nginx-1.16.1/\n    ```\n3. Compile the module\n    ```bash\n    git clone https://github.com/simon987/ngx_http_js_challenge_module\n    cd ngx_http_js_challenge_module\n    ./build.sh\n    ```\n4. The dynamic module can be found at `${NGINX_PATH}/objs/ngx_http_js_challenge_module.so`\n\n\n\n### Known limitations / TODO\n\n* Users with cookies disabled will be stuck in an infinite refresh loop (TODO: redirect with a known query param, if no cookie is specified but the query arg is set, display an error page)\n* If nginx is behind a reverse proxy/load balancer, the same challenge will be sent to different users and/or the response cookie will be invalidated when the user is re-routed to another server. (TODO: use the x-real-ip header when available) \n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsimon987%2Fngx_http_js_challenge_module","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsimon987%2Fngx_http_js_challenge_module","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsimon987%2Fngx_http_js_challenge_module/lists"}