added logging to fail2ban server

559e3273 · Dominik Hebeler · 2ba80f66 · 559e3273 · 559e3273 · 559e3273
Commit 559e3273 authored Dec 22, 2020 by Dominik Hebeler
--- a/app/Http/Controllers/HumanVerification.php
+++ b/app/Http/Controllers/HumanVerification.php
@@ -90,6 +90,30 @@ class HumanVerification extends Controller

    }

+    public static function logCaptcha(Request $request){
+        $fail2banEnabled = config("metager.metager.fail2ban_enabled");
+        if(empty($fail2banEnabled) || !$fail2banEnabled || !env("fail2banurl", false) || !env("fail2banuser") || !env("fail2banpassword")){
+            return;
+        }
+
+        // Submit fetch job to worker
+        $mission = [
+                "resulthash" => "captcha",
+                "url" => env("fail2banurl") . "/captcha/",
+                "useragent" => "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:81.0) Gecko/20100101 Firefox/81.0",
+                "username" => env("fail2banuser"),
+                "password" => env("fail2banpassword"),
+                "headers" => [
+                    "ip" => $request->ip()
+                ],
+                "cacheDuration" => 0,
+                "name" => "Captcha",
+            ];
+        $mission = json_encode($mission);
+        Redis::rpush(\App\MetaGer::FETCHQUEUE_KEY, $mission);
+
+    }
+
    public static function remove(Request $request)
    {
        if (!$request->has('mm')) {

--- a/app/Http/Middleware/HumanVerification.php
+++ b/app/Http/Middleware/HumanVerification.php
@@ -46,7 +46,7 @@ class HumanVerification
             * If someone that uses a bot finds this out we
             * might have to change it at some point.
             */
-            if ($request->filled('appversion') || !env('BOT_PROTECTION', false) || app('App\Models\Key')->getStatus()) {
+            if (!env('BOT_PROTECTION', false) || app('App\Models\Key')->getStatus()) {
                $update = false;
                return $next($request);
            }
@@ -103,6 +103,7 @@ class HumanVerification

            # If the user is locked we will force a Captcha validation
            if ($user["locked"]) {
+                \App\Http\Controllers\HumanVerification::logCaptcha($request);
                return redirect()->route('captcha', ["id" => $id, "uid" => $uid, "url" => url()->full()]);
            }


--- a/config/metager/metager.php
+++ b/config/metager/metager.php
 <?php

 return [
-    "browserverification_enabled" => true,
+    "browserverification_enabled" => false,
    "browserverification_whitelist" => [
        "w3m\/",
    ],
+    "fail2ban_enabled" => true,
 ];