implement SSL check for botretards

author: lolcat <will@lolcat.ca> 2024-08-09 10:06:08 -0400
committer: lolcat <will@lolcat.ca> 2024-08-09 10:06:08 -0400
commit: 883a650f846af7ac60d358d772aa22cbf89fd807 (patch)
tree: 3e6e1f78c01860a0a2a6dd7883d494aa1d7f8d44 /data/config.php
parent: fbac3eeb8dedb961f55983f02d3c3a84ab0e7327 (diff)
1 files changed, 9 insertions, 1 deletions
diff --git a/data/config.php b/data/config.php
index cba8b66..0d44c19 100644
--- a/data/config.php
+++ b/data/config.php
@@ -63,6 +63,14 @@ class config{
 		//"via"
 	];
 	
+	// Block SSL ciphers used by CLI tools used for botting
+	// Basically a primitive version of Cloudflare's browser integrity check
+	// ** If curl can still access the site (with spoofed headers), please make sure you use the new apache2 config **
+	// https://git.lolcat.ca/lolcat/4get/docs/apache2.md
+	const DISALLOWED_SSL = [
+		// "TLS_AES_256_GCM_SHA384" // used by WGET and CURL
+	];
+	
 	// Maximal number of searches per captcha key/pass issued. Counter gets
 	// reset on every APCU cache clear (should happen once a day).
 	// Only useful when BOT_PROTECTION is NOT set to 0
@@ -111,7 +119,7 @@ class config{
 	
 	// Default user agent to use for scraper requests. Sometimes ignored to get specific webpages
 	// Changing this might break things.
-	const USER_AGENT = "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:128.0) Gecko/20100101 Firefox/128.0";
+	const USER_AGENT = "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:129.0) Gecko/20100101 Firefox/129.0";
 	
 	// Proxy pool assignments for each scraper
 	// false = Use server's raw IP
author	lolcat <will@lolcat.ca>	2024-08-09 10:06:08 -0400
committer	lolcat <will@lolcat.ca>	2024-08-09 10:06:08 -0400
commit	883a650f846af7ac60d358d772aa22cbf89fd807 (patch)
tree	3e6e1f78c01860a0a2a6dd7883d494aa1d7f8d44 /data/config.php
parent	fbac3eeb8dedb961f55983f02d3c3a84ab0e7327 (diff)