2
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
this post was submitted on 02 May 2025
2 points (100.0% liked)
Cybersecurity
2 readers
40 users here now
An umbrella community for all things cybersecurity / infosec. News, research, questions, are all welcome!
Rules
Community Rules
- Be kind
- Limit promotional activities
- Non-cybersecurity posts should be redirected to other communities within infosec.pub.
founded 2 years ago
MODERATORS
We need mod_Anubis directly added to Nginx or Apache with configuration options like allowing or blocking specific URLs, IPs, CIDRs, or even data center ranges like AWS. additionally, customization for traps and stuff like that. Freeloader AI companies abuse open-source projects, small businesses, blogs, forums, and artists without giving back to communities or individuals. They are making billions while people are left with server bandwidth bills.
@nixCraft@mastodon.social I'd love this. My apache/fail2ban config is just chasing its tail since the IP addresses keep moving. I block every IP I find and get new ones the next day.
@nixCraft@mastodon.social the JWT should be validated in the reverse proxy. Anubis would be a perfect authorization endpoint to point to when required. But I think the logic should be present in more server side frameworks. PHP for the masses, container image for classic anubis and embeddable libraries for rust or java services…
@nixCraft@mastodon.social I wonder if @CrowdSec@infosec.exchange would be helpful in this case.
@nixCraft@mastodon.social There exists https://github.com/simon987/ngx_http_js_challenge_module, a mod for Nginx that works similar to Anubis.
@nixCraft@mastodon.social I would love to see an haproxy module