mirror of
https://github.com/TecharoHQ/anubis.git
synced 2026-04-24 00:56:39 +00:00
fix(honeypot): remove DoS vector
Using the User-Agent as a filtering vector for the honeypot maze was a decent idea, however in practice it can become a DoS vector by a malicious client adding a lot of points to Google Chrome's User-Agent string. In practice it also seems that the worst offenders use vanilla Google Chrome User-Agent strings as well, meaning that this backfires horribly. Gotta crack a few eggs to make omlettes. Closes: #1580 Signed-off-by: Xe Iaso <me@xeiaso.net>
This commit is contained in:
Xe Iaso
@@ -190,14 +190,6 @@ func New(opts Options) (*Server, error) {
|
||||
},
|
||||
Name: "honeypot/network",
|
||||
},
|
||||
policy.Bot{
|
||||
Rules: mazeGen.CheckUA(),
|
||||
Action: config.RuleWeigh,
|
||||
Weight: &config.Weight{
|
||||
Adjust: 30,
|
||||
},
|
||||
Name: "honeypot/user-agent",
|
||||
},
|
||||
)
|
||||
} else {
|
||||
result.logger.Error("can't init honeypot subsystem", "err", err)
|
||||
|
||||
Reference in New Issue
Block a user