Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

cmd/anubis: Give admin-configured failures an "error code" to give to the admins so that genuine users can figure out what went wrong #695

Closed
Xe opened this issue Mar 17, 2025 · 1 comment · Fixed by #696
Closed

cmd/anubis: Give admin-configured failures an "error code" to give to the admins so that genuine users can figure out what went wrong #695

Xe opened this issue Mar 17, 2025 · 1 comment · Fixed by #696

Comments

@Xe
Copy link
Owner

Xe commented Mar 17, 2025

Ref gitlab.gnome.org/Infrastructure/Infrastructure/-/issues/1921

Maybe this can be implemented by filtering for explicit deny rules and printing a sha256sum of the rule name/regex on application launch so admins can look at the logs and figure out why legit user traffic is failing. It needs to be a hash in order to avoid leaking info to bad actors.
@Xe
Copy link
Owner Author

Xe commented Mar 17, 2025

Image

Hacked this up before bed, when Anubis starts up it dumps things to stdout like this:

Rule error IDs:
* amazonbot: 43d21d695d7e7ddf00a97868e9b04ab88f9c6013915531a76081d4f7422a7b96
* us-artificial-intelligence-scraper: 45f2f04635a931264788bb18e68dc50cb9e5e4e3f8ce720c94d5b94c7c2e78d0
* lightpanda: d8a40eef3b9431679ef3463c67aad15edfc974f502772b9d156de3b9363392a5
* headless-chrome: bacf8917032e5a7dfd6df88403e7faaff0c6095a40cca4c422c8489b9332811e
* headless-chromium: 408358af6afdc916ebadd8ba75db5278e4905193b530062660786a10c1b97024

Hopefully this should be enough to figure it out.

Xe added a commit that referenced this issue Mar 17, 2025
@Xe
cmd/anubis: add rule hashes for admin-configured denials
879a035 
Closes #695

Signed-off-by: Xe Iaso <[email protected]>
@Xe Xe mentioned this issue Mar 17, 2025
Merged
@Xe Xe closed this as completed in #696 Mar 17, 2025
@Xe Xe closed this as completed in 2859f03 Mar 17, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

cmd/anubis: add rule hashes for admin-configured denials Xe/x
1 participant
@Xe