LBRYCommunity/spee.ch
1
0
Fork 0
Code Issues 95 Pull requests 2 Projects Releases 4 Packages Wiki Activity

Temporary anti-spam solution

Browse source
This commit is contained in:
Shawn 2018-10-18 12:05:01 -05:00
parent a8eed2f4a2
commit 001b81b457
2 changed files with 43 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
server/index.js
View file

@ -71,6 +71,15 @@ function Server () {
// trust the proxy to get ip address for us // trust the proxy to get ip address for us
app.enable('trust proxy'); app.enable('trust proxy');
app.use((req, res, next) => {
if(req.get('User-Agent') === 'Mozilla/5.0 (Windows NT 5.1; rv:14.0) Gecko/20120405 Firefox/14.0a1') {
res.status(403).send('<h1>Forbidden</h1>If you are seeing this by mistake, please contact us using <a href="https://chat.lbry.io/">https://chat.lbry.io/</a>');
res.end();
} else {
next();
}
});
// set HTTP headers to protect against well-known web vulnerabilties // set HTTP headers to protect against well-known web vulnerabilties
app.use(helmet()); app.use(helmet());

35
server/routes/api/index.js
View file

@ -21,6 +21,39 @@ const getTorList = require('../../controllers/api/tor');
const getBlockedList = require('../../controllers/api/blocked'); const getBlockedList = require('../../controllers/api/blocked');
const getOEmbedData = require('../../controllers/api/oEmbed'); const getOEmbedData = require('../../controllers/api/oEmbed');
const forbiddenMessage = '<h1>Forbidden</h1>If you are seeing this by mistake, please contact us using <a href="https://chat.lbry.io/">https://chat.lbry.io/</a>';
let ipCounts = {};
let blockedAddresses = [];
const autoblockPublishMiddleware = (req, res, next) => {
let ip = (req.headers['x-forwarded-for'] || req.connection.remoteAddress).split(/,\s?/);
if(blockedAddresses.indexOf(ip) !== -1) {
res.status(403).send(forbiddenMessage);
res.end();
return;
}
let count = ipCounts[ip] = (ipCounts[ip] || 0) + 1;
setTimeout(() => {
ipCounts[ip]--;
if(ipCounts[ip] === 0) {
delete ipCounts[ip];
}
}, 600000 /* 10 minute retainer */)
if(count === 10) {
blockedAddresses.push(ip);
res.status(403).send(forbiddenMessage);
res.end();
} else {
next();
}
}
module.exports = { module.exports = {
// homepage routes // homepage routes
'/api/homepage/data/channels': { controller: [ torCheckMiddleware, channelData ] }, '/api/homepage/data/channels': { controller: [ torCheckMiddleware, channelData ] },
@ -37,7 +70,7 @@ module.exports = {
'/api/claim/get/:name/:claimId': { controller: [ torCheckMiddleware, claimGet ] }, '/api/claim/get/:name/:claimId': { controller: [ torCheckMiddleware, claimGet ] },
'/api/claim/list/:name': { controller: [ torCheckMiddleware, claimList ] }, '/api/claim/list/:name': { controller: [ torCheckMiddleware, claimList ] },
'/api/claim/long-id': { method: 'post', controller: [ torCheckMiddleware, claimLongId ] }, // note: should be a 'get' '/api/claim/long-id': { method: 'post', controller: [ torCheckMiddleware, claimLongId ] }, // note: should be a 'get'
'/api/claim/publish': { method: 'post', controller: [ torCheckMiddleware, multipartMiddleware, claimPublish ] }, '/api/claim/publish': { method: 'post', controller: [ torCheckMiddleware, autoblockPublishMiddleware, multipartMiddleware, claimPublish ] },
'/api/claim/resolve/:name/:claimId': { controller: [ torCheckMiddleware, claimResolve ] }, '/api/claim/resolve/:name/:claimId': { controller: [ torCheckMiddleware, claimResolve ] },
'/api/claim/short-id/:longId/:name': { controller: [ torCheckMiddleware, claimShortId ] }, '/api/claim/short-id/:longId/:name': { controller: [ torCheckMiddleware, claimShortId ] },
// file routes // file routes