82668768d0
🔒 Implement comprehensive security and DDoS protection
...
### Security Features:
- **Rate Limiting**: Redis-based IP tracking with configurable limits
- General: 100 requests/minute (5min block)
- Upload: 10 requests/5min (10min block)
- Auth: 20 requests/15min (30min block)
- **Request Validation**: Path length, header count, suspicious patterns
- **Attack Detection**: Admin paths, script injections, bot patterns
- **Enhanced JWT**: Format validation, length checks, character filtering
- **IP Tracking**: X-Forwarded-For and X-Real-IP support
### Security Headers:
- X-Content-Type-Options: nosniff
- X-Frame-Options: DENY
- X-XSS-Protection: 1; mode=block
- Content-Security-Policy with strict rules
- Strict-Transport-Security with includeSubDomains
### CORS Hardening:
- Limited to specific domains: discours.io, new.discours.io
- Restricted methods: GET, POST, OPTIONS only
- Essential headers only
### Infrastructure:
- Security middleware for all requests
- Local cache + Redis for performance
- Comprehensive logging and monitoring
- Progressive blocking for repeat offenders
### Documentation:
- Complete security guide (docs/security.md)
- Configuration examples
- Incident response procedures
- Monitoring recommendations
Version bump to 0.6.0 for major security enhancement.
2025-09-02 11:40:43 +03:00
d3bee5144f
🧹 Remove unused legacy modules and functions
...
- Deleted quota.rs module (quota management not needed via HTTP)
- Removed legacy get_id_by_token GraphQL function
- Removed unused set_user_quota and increase_user_quota methods
- Cleaned up unused imports and legacy structs
- Simplified handlers/mod.rs to only expose universal_handler
Architecture now focused on core functionality:
- GET / (user info)
- GET /<filename> (file serving)
- POST / (file upload)
2025-09-02 11:27:48 +03:00
6c03863a86
🔒 Fix Let's Encrypt ACME challenge for SSL certificates
...
- Add .well-known/ path exclusion in proxy_handler
- Prevent quoter from intercepting ACME challenge requests
- Fix CI/CD build without sudo access
- Add comprehensive SSL troubleshooting documentation
Resolves: SSL certificate generation failure for files.dscrs.site
2025-09-02 11:09:52 +03:00
8483938220
build-reconfig3
CI / test (push) Failing after 21m52s
Deploy / deploy (push) Has been skipped
CI / lint (push) Successful in 22s
2025-09-02 11:04:27 +03:00
7497b8c426
build-reconfig2
Deploy / deploy (push) Has been skipped
CI / test (push) Failing after 20s
CI / lint (push) Successful in 7m1s
2025-09-02 10:46:51 +03:00
5329752735
ci-refresh
Deploy / deploy (push) Has been skipped
CI / lint (push) Successful in 6m37s
CI / test (push) Failing after 13m16s
2025-09-02 09:13:08 +03:00
b1270c5cb6
build-reconfig
Deploy / deploy (push) Has been skipped
CI / lint (push) Has been cancelled
CI / test (push) Has been cancelled
2025-09-02 09:09:34 +03:00
1aace5fd19
clipped2
Deploy / deploy (push) Has been skipped
CI / lint (push) Successful in 7m32s
CI / test (push) Failing after 13m4s
2025-09-01 23:33:27 +03:00
eaa99108a9
clipped
Deploy / deploy (push) Has been skipped
CI / lint (push) Failing after 7m29s
CI / test (push) Failing after 12m41s
2025-09-01 23:08:38 +03:00
112f102bb5
fmt
Deploy / deploy (push) Has been skipped
CI / lint (push) Failing after 7m37s
CI / test (push) Has been cancelled
2025-09-01 22:58:03 +03:00
d6b286f478
0.5.1
Deploy / deploy (push) Has been skipped
CI / lint (push) Failing after 7s
CI / test (push) Has been cancelled
2025-09-01 22:52:33 +03:00
6c3262edbe
simpler-auth+no-overlay
Deploy / deploy (push) Has been skipped
CI / lint (push) Failing after 8s
CI / test (push) Failing after 3m57s
2025-09-01 20:36:15 +03:00
a44bf3302b
test-fix
Deploy / deploy (push) Has been skipped
CI / test (push) Successful in 6m50s
CI / lint (push) Failing after 1m5s
2025-08-12 15:59:51 +03:00
4a174bd2cb
0.3.0-less-expect
Deploy / deploy (push) Has been skipped
CI / test (push) Failing after 1m23s
CI / lint (push) Failing after 55s
2025-08-12 14:48:59 +03:00
31053db4a2
clippy-fixes
Deploy / deploy (push) Has been skipped
CI / lint (push) Failing after 1m53s
CI / test (push) Failing after 1m58s
2025-08-12 14:13:35 +03:00
a4c2825f8a
coverage-fmt-fix
Deploy / deploy (push) Has been skipped
CI / test (push) Failing after 9m39s
CI / lint (push) Failing after 1m54s
2025-08-12 13:52:05 +03:00
44323d2d9c
ci
CI / lint (push) Failing after 1m5s
Deploy / deploy (push) Has been skipped
CI / test (push) Successful in 9m11s
2025-08-02 00:39:05 +03:00
ea92a376ed
docs
CI / test (push) Failing after 4m0s
CI / lint (push) Failing after 4s
CI / deploy (push) Has been skipped
2025-08-02 00:18:09 +03:00
adda2b30f9
less-config
deploy / deploy (push) Successful in 38s
2025-06-03 00:35:32 +03:00
6b6128a614
nginx-improved
deploy / deploy (push) Successful in 37s
2025-06-03 00:34:12 +03:00
520eb0ab4e
lognginx-fix
deploy / deploy (push) Failing after 32s
2025-06-03 00:28:52 +03:00
30000a4803
0.1.1-cors-internal
deploy / deploy (push) Failing after 33s
2025-06-02 22:20:37 +03:00
0982dff45b
heic-bypass
deploy / deploy (push) Failing after 5s
2024-11-13 12:03:32 +03:00
d0e70a7783
certrs
deploy / deploy (push) Failing after 5s
2024-11-13 11:42:39 +03:00
b471c66209
noheic-convertion
deploy / deploy (push) Failing after 5s
2024-11-13 11:32:50 +03:00
566379042d
heic-sys3
2024-11-13 11:26:30 +03:00
acbe5be8aa
heic-sys2
2024-11-13 11:18:59 +03:00
bc14d86018
heic-sys
deploy / deploy (push) Failing after 6s
2024-11-13 11:14:53 +03:00
fb1541f8e3
heic-clang-debian-pkg-config
deploy / deploy (push) Failing after 3m9s
2024-11-13 10:46:44 +03:00
3906695fcc
heic-clang-debian4
2024-11-13 10:41:13 +03:00
c069ea0456
heic-clang-debian3
2024-11-13 10:38:50 +03:00
558bcfc69b
heic-clang-debian2
2024-11-13 10:32:40 +03:00
ab98010224
heic-clang-debian
deploy / deploy (push) Failing after 5s
2024-11-13 10:31:24 +03:00
012678a8a7
heic-clang
deploy / deploy (push) Failing after 5s
2024-11-13 10:24:50 +03:00
955033561f
heic2
2024-11-13 09:31:26 +03:00
72c8250818
heic
deploy / deploy (push) Failing after 5s
2024-11-13 09:24:10 +03:00
455d66cfb2
alpine5
2024-11-13 09:20:56 +03:00
f26220f587
alpine4
2024-11-13 09:20:15 +03:00
1c1576106f
alpine3
2024-11-13 09:18:41 +03:00
7ea15a78de
alpine2
2024-11-13 09:16:22 +03:00
cab36bea24
alpine
2024-11-13 09:14:28 +03:00
344c24730c
slim-buster5
2024-11-13 09:13:01 +03:00
ed9313ff9f
slim-buster4
2024-11-13 09:11:17 +03:00
7f13e55472
slim-buster3
2024-11-13 09:10:53 +03:00
956468b0c8
slim-buster2
2024-11-13 09:08:34 +03:00
2979146b34
slim-buster
deploy / deploy (push) Failing after 5s
2024-11-13 09:05:33 +03:00
b173a52cf4
convert-jpeg
deploy / deploy (push) Failing after 6s
2024-11-13 09:00:11 +03:00
dc543af525
libheif-add
deploy / deploy (push) Failing after 6s
2024-11-13 08:56:18 +03:00
be8c03eb11
quota-rollback+logs
deploy / deploy (push) Failing after 5s
2024-11-12 12:29:19 +03:00
8cba92529e
check-both2
2024-11-12 12:13:15 +03:00
