https://github.com/ryanccn/heimdallr
A minimal, privacy-friendly reverse proxy that separates humans from bots using PoW challenges
https://github.com/ryanccn/heimdallr
cloudflare cloudflare-workers hono proof-of-work security
Last synced: 3 months ago
JSON representation
A minimal, privacy-friendly reverse proxy that separates humans from bots using PoW challenges
- Host: GitHub
- URL: https://github.com/ryanccn/heimdallr
- Owner: ryanccn
- License: agpl-3.0
- Created: 2025-03-22T08:03:34.000Z (3 months ago)
- Default Branch: main
- Last Pushed: 2025-03-22T09:22:51.000Z (3 months ago)
- Last Synced: 2025-03-22T10:25:19.722Z (3 months ago)
- Topics: cloudflare, cloudflare-workers, hono, proof-of-work, security
- Language: TypeScript
- Homepage:
- Size: 57.6 KB
- Stars: 0
- Watchers: 1
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# Heimdallr
Heimdallr is a modern, minimal, and privacy-friendly reverse proxy that separates the humans from the bots through proof-of-work challenges, running on [Cloudflare Workers](https://workers.cloudflare.com/).
Heimdallr was inspired by [Anubis](https://github.com/TecharoHQ/anubis). Heimdallr has a more minimalistic user interface and is optimized for reduced data storage/transfer and faster attestation verification, while Anubis is a more advanced and configurable solution.
## Configuration
`JWT_SECRET` is a required secret variable that is used for signing the [JSON Web Tokens](https://en.wikipedia.org/wiki/JSON_Web_Token) stored with clients. This should be set to a lengthy, securely generated random string.
Options such as the challenge difficulty, attestation cookie name, and attestation cookie max age can be configured as well by setting variables on the Cloudflare Worker; see `src/env.ts`.
When deployed, Heimdallr should be configured with [routes](https://developers.cloudflare.com/workers/configuration/routing/routes/), so that it can intercept requests from clients to the origin.