The algorithm relies on the fact that every browser accepts cookies and loads the external CSS file referenced by your HTML page. A basic bot does not process the HTML code, so it will not handle the cookie and/or load that external CSS file.
- Copy `example.toml` to `config.toml`.
- Modify the setting `TARGET` in `config.toml` to the URL where your application is listening. For example, if your application is reachable on `http://127.0.0.1:8080`, just set `127.0.0.1:8080` in the setting.
- Modify the setting `JAIL_PATH` in `config.toml` to an empty directory that you created for the application.
- On your main webserver (nginx, apache, caddy, ...), when you proxy the `antibot-proxy` application, you will also need to pass the IP address of the client to the application (with the `X-Real-IP` header). Here is how to do it on:
  - Apache: `RemoteIPHeader X-Real-IP`
  - NGINX: `proxy_set_header X-Real-IP $remote_addr;`
  - Caddy: `transparent`

Note: You may consult the documentation of your webserver for further details about proxying an application.
- `COOKIE_NAME`: The name of the cookie used to check whether the client can handle cookies.
- `ENDPOINT_NAME`: The name of the CSS file used to check whether the client can process the HTML code.
- `JAIL_PATH`: The path to the directory where the banned IPs will be stored. Optionally to be used with the ipfilter plugin of Caddy.
- `MAX_RETRY`: The number of retries allowed for the client before getting banned.
- `PORT`: The port on which the proxy application listens.
- `TARGET`: The URL of the application to proxy/protect.
- `TIMEOUT_LOAD`: The time before the program considers that the client failed to reach the CSS file.
- `WHITELIST`: The IPs that you want to be whitelisted.
- `WHITELIST_PAGES`: Pages to whitelist from the blocked page for bots.
You just need to add this block to your Caddyfile:

```
ipfilter / {
    rule block
    prefix_dir JAIL_PATH
}
```

and change `JAIL_PATH` to the value of `JAIL_PATH` that you previously defined in the `config.toml` file.
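
The cookie and CSS checks described above, combined with `MAX_RETRY`, `TIMEOUT_LOAD` and `WHITELIST`, amount to a per-client decision like the one below. This is an added sketch, not antibot-proxy's own code: the `ChallengeTracker` class, the in-memory state, the sample addresses and timings, and the rule that a client is banned once its missed challenges reach `MAX_RETRY` are assumptions made for illustration.

```python
from dataclasses import dataclass, field

@dataclass
class ChallengeTracker:
    max_retry: int = 3                  # MAX_RETRY (constructed value)
    timeout_load: float = 5.0           # TIMEOUT_LOAD, seconds (constructed value)
    whitelist: frozenset = frozenset()  # WHITELIST
    pending: dict = field(default_factory=dict)   # ip -> deadline for the CSS fetch
    failures: dict = field(default_factory=dict)  # ip -> challenges missed so far
    verified: set = field(default_factory=set)
    banned: set = field(default_factory=set)      # the proxy stores these under JAIL_PATH

    def expire(self, now):
        """Count every challenge whose deadline has passed as a failure."""
        for ip, deadline in list(self.pending.items()):
            if now > deadline:
                del self.pending[ip]
                self.failures[ip] = self.failures.get(ip, 0) + 1
                if self.failures[ip] >= self.max_retry:  # assumed threshold
                    self.banned.add(ip)

    def on_page(self, ip, now):
        """HTML request from ip (taken from X-Real-IP): pass, block or challenge."""
        self.expire(now)
        if ip in self.whitelist or ip in self.verified:
            return "pass"
        if ip in self.banned:
            return "block"
        self.pending.setdefault(ip, now + self.timeout_load)
        return "challenge"  # response sets COOKIE_NAME and links ENDPOINT_NAME

    def on_css(self, ip, has_cookie, now):
        """CSS endpoint request: counts only with the cookie and before the deadline."""
        self.expire(now)
        if has_cookie and ip in self.pending:
            del self.pending[ip]
            self.failures.pop(ip, None)
            self.verified.add(ip)
            return True
        return False

def simulate():
    """Constructed traffic: one browser, one client that never loads the CSS."""
    t = ChallengeTracker(whitelist=frozenset({"192.0.2.10"}))
    browser = [t.on_page("198.51.100.7", 0.0)]
    t.on_css("198.51.100.7", True, 0.3)
    browser.append(t.on_page("198.51.100.7", 1.0))
    bot = [t.on_page("203.0.113.9", 2.0 + 10.0 * i) for i in range(5)]
    return browser, bot, t
```

Because every decision is keyed on the client address, the tracker is only as reliable as the `X-Real-IP` value the front webserver passes in.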