JoshS/Cloudflare-WAF-To-AbuseIPDB
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Some fixes

Browse source
This commit is contained in:
Sefinek 2024-09-05 19:33:38 +02:00
parent 44e3d34677
commit f1093fc562
4 changed files with 17 additions and 18 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
.env.default
View file

@ -1,12 +1,13 @@
# production or development
NODE_ENV=
NODE_ENV=production
# Cloudflare
# Cloudflare (https://dash.cloudflare.com/profile/api-tokens)
CLOUDFLARE_EMAIL=
CLOUDFLARE_ZONE_ID=
# https://dash.cloudflare.com/profile/api-tokens
CLOUDFLARE_API_KEY=
# https://www.abuseipdb.com/account/api
# AbuseIPDB (https://www.abuseipdb.com/account/api)
ABUSEIPDB_API_KEY=
# API key for api.sefinek.net. Contact me to get it and contribute to the https://github.com/sefinek24/malicious-ip-addresses list.
SEFINEK_API_SECRET=

9
config.js
View file

@ -17,13 +17,10 @@ const SUCCESS_COOLDOWN_MS = 2 * 1000; // 2s
// This ensures that WAF violations originating from your IP address are not reported to AbuseIPDB.
const IP_REFRESH_INTERVAL = 9 * 60 * 1000; // 9m
// Report IP addresses to api.sefinek.net to support the development of the repository: https://github.com/sefinek24/malicious-ip-addresses.
// Report IP addresses to api.sefinek.net to support the development of the repository: https://github.com/sefinek24/malicious-ip-addresses
const REPORT_TO_SEFINEK_API = true;
// API key for api.sefinek.net. Contact me to get it and contribute to the sefinek24/malicious-ip-addresses list.
const SEFINEK_API_SECRET = 'keyboardcat';
// How often should logs (reported_ips.csv) be analyzed and sent to Sefinek API?
const SEFINEK_API_INTERVAL = process.env.NODE_ENV === 'production' ? 60 * 60 * 1000 : 2 * 1000;
const SEFINEK_API_INTERVAL = process.env.NODE_ENV === 'production' ? 60 * 60 * 1000 : 4 * 1000;
module.exports = { CYCLE_INTERVAL, REPORTED_IP_COOLDOWN_MS, MAX_URL_LENGTH, SUCCESS_COOLDOWN_MS, IP_REFRESH_INTERVAL, REPORT_TO_SEFINEK_API, SEFINEK_API_SECRET, SEFINEK_API_INTERVAL };
module.exports = { CYCLE_INTERVAL, REPORTED_IP_COOLDOWN_MS, MAX_URL_LENGTH, SUCCESS_COOLDOWN_MS, IP_REFRESH_INTERVAL, REPORT_TO_SEFINEK_API, SEFINEK_API_INTERVAL };

2
index.js
View file

@ -1,7 +1,7 @@
require('dotenv').config();
const { axios, moduleVersion } = require('./services/axios.js');
const { CYCLE_INTERVAL, REPORTED_IP_COOLDOWN_MS, MAX_URL_LENGTH, SUCCESS_COOLDOWN_MS, IP_REFRESH_INTERVAL, REPORT_TO_SEFINEK_API, SEFINEK_API_SECRET, SEFINEK_API_INTERVAL } = require('./config.js');
const { CYCLE_INTERVAL, REPORTED_IP_COOLDOWN_MS, MAX_URL_LENGTH, SUCCESS_COOLDOWN_MS, SEFINEK_API_INTERVAL } = require('./config.js');
const PAYLOAD = require('./scripts/payload.js');
const generateComment = require('./scripts/generateComment.js');
const SefinekAPI = require('./scripts/sefinekAPI.js');

7
scripts/sefinekAPI.js
View file

@ -9,14 +9,13 @@ module.exports = async () => {
if (reportedIPs.length === 0) return log('info', 'No IPs with action "Reported" and SefinekAPI false to send to Sefinek API');
const uniqueLogs = reportedIPs.reduce((acc, ip) => {
if (!acc.seen.has(ip.ip)) {
if (acc.seen.has(ip.ip)) return acc;
acc.seen.add(ip.ip);
acc.logs.push(ip);
}
return acc;
}, { seen: new Set(), logs: [] }).logs;
if (uniqueLogs.length === 0) return log('info', 'No unique IPs to send to Sefinek API');
if (!uniqueLogs?.length) return log('info', 'No unique IPs to send to Sefinek API');
try {
const res = await axios.post(SEFINEK_API_URL, {
@ -28,6 +27,8 @@ module.exports = async () => {
action: ip.action,
country: ip.country
}))
}, {
headers: { 'Authorization': process.env.SEFINEK_API_SECRET }
});
log('info', `Successfully sent ${res.data.count} logs to Sefinek API. Status: ${res.status}`);