From now on, the code will no longer report WAF violations originating from your IP address
This commit is contained in:
Sefinek
parent
0070379c5c
commit
b59265218d
5 changed files with 47 additions and 11 deletions
23
index.js
23
index.js
|
|
@ -1,14 +1,14 @@
|
|||
require('dotenv').config();
|
||||
|
||||
const axios = require('axios');
|
||||
const { axios, moduleVersion } = require('./services/axios.js');
|
||||
const PAYLOAD = require('./scripts/payload.js');
|
||||
const generateComment = require('./scripts/generateComment.js');
|
||||
const isImageRequest = require('./scripts/isImageRequest.js');
|
||||
const headers = require('./scripts/headers.js');
|
||||
const { logToCSV, readReportedIPs, wasImageRequestLogged } = require('./scripts/csv.js');
|
||||
const formatDelay = require('./scripts/formatDelay.js');
|
||||
const clientIp = require('./scripts/clientIp.js');
|
||||
const log = require('./scripts/log.js');
|
||||
const { version } = require('./package.json');
|
||||
|
||||
const MAIN_DELAY = process.env.NODE_ENV === 'production'
|
||||
? 3 * 60 * 60 * 1000
|
||||
|
|
@ -20,13 +20,13 @@ const MAX_URL_LENGTH = 2000;
|
|||
|
||||
const fetchBlockedIPs = async () => {
|
||||
try {
|
||||
const res = await axios.post('https://api.cloudflare.com/client/v4/graphql', PAYLOAD(), { headers: headers.CLOUDFLARE });
|
||||
if (res.data?.data) {
|
||||
const events = res.data.data.viewer.zones[0].firewallEventsAdaptive;
|
||||
const { data, status } = await axios.post('https://api.cloudflare.com/client/v4/graphql', PAYLOAD(), { headers: headers.CLOUDFLARE });
|
||||
const events = data?.data?.viewer?.zones[0]?.firewallEventsAdaptive;
|
||||
if (events) {
|
||||
log('info', `Fetched ${events.length} events from Cloudflare`);
|
||||
return events;
|
||||
} else {
|
||||
log('error', `Failed to retrieve data from Cloudflare. Status: ${res.status}`, res.data?.errors);
|
||||
log('error', `Failed to retrieve data from Cloudflare. Status: ${status}`, data?.errors);
|
||||
return null;
|
||||
}
|
||||
} catch (err) {
|
||||
|
|
@ -54,6 +54,12 @@ const reportIP = async (event, url, country, cycleErrorCounts) => {
|
|||
return false;
|
||||
}
|
||||
|
||||
if (event.clientIP === clientIp.address) {
|
||||
logToCSV(event.rayName, event.clientIP, url, 'Your IP address', country);
|
||||
log('warn', `Your IP address (${event.clientIP}) was unexpectedly received from Cloudflare. URI: ${url}; Ignoring...`);
|
||||
return false;
|
||||
}
|
||||
|
||||
if (url.length > MAX_URL_LENGTH) {
|
||||
logToCSV(event.rayName, event.clientIP, url, 'Failed - URL too long', country);
|
||||
log('log', `URL too long ${event.clientIP}; URI: ${url};`);
|
||||
|
|
@ -94,11 +100,12 @@ const reportIP = async (event, url, country, cycleErrorCounts) => {
|
|||
}
|
||||
}
|
||||
|
||||
log('info', 'Starting IP reporting process...');
|
||||
log('info', 'Starting, please wait...');
|
||||
await clientIp.fetchIPAddress();
|
||||
let cycleId = 1;
|
||||
|
||||
while (true) {
|
||||
log('info', `===================== New Reporting Cycle (v${version}) =====================`);
|
||||
log('info', `===================== New Reporting Cycle (v${moduleVersion}) =====================`);
|
||||
|
||||
const blockedIPEvents = await fetchBlockedIPs();
|
||||
if (!blockedIPEvents) {
|
||||
|
|
|
|||
4
package-lock.json
generated
4
package-lock.json
generated
|
|
@ -1,11 +1,11 @@
|
|||
{
|
||||
"name": "cf-waf-abuseipdb",
|
||||
"name": "cf-waf-to-abuseipdb",
|
||||
"version": "1.0.1",
|
||||
"lockfileVersion": 3,
|
||||
"requires": true,
|
||||
"packages": {
|
||||
"": {
|
||||
"name": "cf-waf-abuseipdb",
|
||||
"name": "cf-waf-to-abuseipdb",
|
||||
"version": "1.0.1",
|
||||
"license": "MIT",
|
||||
"dependencies": {
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
{
|
||||
"name": "cf-waf-abuseipdb",
|
||||
"name": "cf-waf-to-abuseipdb",
|
||||
"version": "1.0.1",
|
||||
"description": "A Node.js project that enables automatic reporting of incidents detected by Cloudflare WAF to the AbuseIPDB database.",
|
||||
"keywords": [
|
||||
|
|
|
|||
22
scripts/clientIp.js
Normal file
22
scripts/clientIp.js
Normal file
|
|
@ -0,0 +1,22 @@
|
|||
const { axios } = require('../services/axios.js');
|
||||
const log = require('./log.js');
|
||||
|
||||
let address = null; // Holds the IP address
|
||||
const refreshInterval = 360000; // 6 minutes
|
||||
|
||||
const fetchIPAddress = async () => {
|
||||
try {
|
||||
const { data } = await axios.get('https://api.sefinek.net/api/v2/ip');
|
||||
if (data?.success) {
|
||||
address = data.message;
|
||||
} else {
|
||||
log('error', 'Failed to retrieve your IP');
|
||||
}
|
||||
} catch (err) {
|
||||
log('error', `Error fetching your IP: ${err.message}`);
|
||||
}
|
||||
};
|
||||
|
||||
setInterval(fetchIPAddress, refreshInterval);
|
||||
|
||||
module.exports = { fetchIPAddress, address };
|
||||
7
services/axios.js
Normal file
7
services/axios.js
Normal file
|
|
@ -0,0 +1,7 @@
|
|||
const axios = require('axios');
|
||||
const { version } = require('../package.json');
|
||||
|
||||
axios.defaults.headers.common['User-Agent'] = `Mozilla/5.0 (compatible; CF-WAF-AbuseIPDB/${version}; +https://github.com/sefinek24/Node-Cloudflare-WAF-AbuseIPDB)`;
|
||||
axios.defaults.timeout = 20000;
|
||||
|
||||
module.exports = { axios, moduleVersion: version };
|
||||
Loading…
Add table
Reference in a new issue