diff options
| author | lolcat <will@lolcat.ca> | 2024-08-09 10:06:08 -0400 |
|---|---|---|
| committer | lolcat <will@lolcat.ca> | 2024-08-09 10:06:08 -0400 |
| commit | 883a650f846af7ac60d358d772aa22cbf89fd807 (patch) | |
| tree | 3e6e1f78c01860a0a2a6dd7883d494aa1d7f8d44 /lib/frontend.php | |
| parent | fbac3eeb8dedb961f55983f02d3c3a84ab0e7327 (diff) | |
implement SSL check for botretards
Diffstat (limited to 'lib/frontend.php')
| -rw-r--r-- | lib/frontend.php | 22 |
1 files changed, 19 insertions, 3 deletions
diff --git a/lib/frontend.php b/lib/frontend.php index ef55f4d..71ed6d7 100644 --- a/lib/frontend.php +++ b/lib/frontend.php @@ -89,6 +89,7 @@ class frontend{ $user_agent = ""; $bad_header = false; + // block bots that present X-Forwarded-For, Via, etc foreach($headers_raw as $headerkey => $headervalue){ $headerkey = strtolower($headerkey); @@ -106,12 +107,27 @@ class frontend{ } } + // SSL check + $bad_ssl = false; if( + isset($_SERVER["https"]) && + $_SERVER["https"] == "on" && + isset($_SERVER["SSL_CIPHER"]) && + in_array($_SERVER["SSL_CIPHER"], config::FILTERED_HEADER_KEYS) + ){ + + $bad_ssl = true; + } + + if( + $bad_header === true || + $bad_ssl === true || + $user_agent == "" || + // user agent check preg_match( config::HEADER_REGEX, $user_agent - ) || - $bad_header === true + ) ){ // bot detected !! @@ -1306,7 +1322,7 @@ class frontend{ return htmlspecialchars($image); } - return "/proxy?i=" . urlencode($image) . "&s=" . $format; + return "https://4get.ca/proxy?i=" . urlencode($image) . "&s=" . $format; } public function htmlnextpage($gets, $npt, $page){ |