Last active
August 29, 2015 14:24
-
-
Save sfan5/e6924e581f98c62a809d to your computer and use it in GitHub Desktop.
Use CloudFlare ddos-protected sites from other programs (by going through nginx)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
What you need: | |
* nginx | |
* dependencies to build CutyCapt (http://cutycapt.sourceforge.net/) | |
Steps: | |
* build CutyCapt with CutyCapt.patch applied and copy the executable somewhere | |
* install nginx and edit the config as outlined in nginx.conf | |
* change the paths to nginx, the nginx config and the patched cutycapt in renewcf.sh | |
* start nginx | |
* ensure that renewcf.sh runs every 55 minutes | |
* http://yourdomain.com/some_path/ now points to https://cf-ddos-protected-site.example.com/ | |
* e.g. http://yourdomain.com/some_path/blog/2015/07/14/foobar -> https://cf-ddos-protected-site.example.com/blog/2015/07/14/foobar |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
diff -u -r CutyCapt.orig/CutyCapt.cpp CutyCapt/CutyCapt.cpp | |
--- CutyCapt.orig/CutyCapt.cpp 2015-07-09 19:40:34.311891000 +0200 | |
+++ CutyCapt/CutyCapt.cpp 2015-07-09 21:35:36.077458663 +0200 | |
@@ -27,15 +27,12 @@ | |
#include <QtWebKit> | |
#include <QtGui> | |
#include <QSvgGenerator> | |
- | |
-#if QT_VERSION < 0x050000 | |
#include <QPrinter> | |
-#endif | |
- | |
#include <QTimer> | |
#include <QByteArray> | |
#include <QNetworkRequest> | |
#include <QNetworkProxy> | |
+#include <iostream> | |
#include "CutyCapt.hpp" | |
#if QT_VERSION >= 0x040600 && 0 | |
@@ -76,6 +73,8 @@ | |
{ CutyCapt::OtherFormat, "", "" } | |
}; | |
+const char *argUrl = NULL; | |
+ | |
QString | |
CutyPage::chooseFile(QWebFrame* /*frame*/, const QString& /*suggestedFile*/) { | |
return QString::null; | |
@@ -270,6 +269,18 @@ | |
mPage->setViewportSize( mainFrame->contentsSize() ); | |
+ QUrl url = QUrl::fromEncoded(argUrl); | |
+ QString ua = mPage->userAgentForUrl(url); | |
+ std::cout << "proxy_set_header User-Agent \"" << ua.toStdString() << "\";" << std::endl; | |
+ QList<QNetworkCookie> cl = mPage->networkAccessManager()->cookieJar()->cookiesForUrl(url); | |
+ std::cout << "proxy_set_header Cookie \""; | |
+ for(QList<QNetworkCookie>::const_iterator ci = cl.cbegin(); ci != cl.cend(); ci++) { | |
+ std::cout << ci->toRawForm(QNetworkCookie::NameAndValueOnly).constData(); | |
+ if(*ci != cl.last()) | |
+ std::cout << "; "; | |
+ } | |
+ std::cout << "\";" << std::endl; | |
+ | |
switch (mFormat) { | |
case SvgFormat: { | |
QSvgGenerator svg; | |
@@ -408,7 +419,7 @@ | |
int argVerbosity = 0; | |
int argSmooth = 0; | |
- const char* argUrl = NULL; | |
+ //const char* argUrl = NULL; | |
const char* argUserStyle = NULL; | |
const char* argUserStylePath = NULL; | |
const char* argUserStyleString = NULL; | |
@@ -705,6 +716,9 @@ | |
SLOT(JavaScriptWindowObjectCleared())); | |
#endif | |
+ QNetworkCookieJar *jar = new QNetworkCookieJar(); | |
+ page.networkAccessManager()->setCookieJar(jar); | |
+ | |
app.connect(page.networkAccessManager(), | |
SIGNAL(sslErrors(QNetworkReply*, QList<QSslError>)), | |
&main, | |
diff -u -r CutyCapt.orig/CutyCapt.hpp CutyCapt/CutyCapt.hpp | |
--- CutyCapt.orig/CutyCapt.hpp 2015-07-09 19:40:34.311891000 +0200 | |
+++ CutyCapt/CutyCapt.hpp 2015-07-09 21:18:40.880361201 +0200 | |
@@ -15,6 +15,7 @@ | |
void setPrintAlerts(bool printAlerts); | |
void setCutyCapt(CutyCapt* cutyCapt); | |
QString getAlertString(); | |
+ QString userAgentForUrl(const QUrl& url) const; | |
protected: | |
QString chooseFile(QWebFrame *frame, const QString& suggestedFile); | |
@@ -22,7 +23,6 @@ | |
bool javaScriptPrompt(QWebFrame* frame, const QString& msg, const QString& defaultValue, QString* result); | |
void javaScriptAlert(QWebFrame* frame, const QString& msg); | |
bool javaScriptConfirm(QWebFrame* frame, const QString& msg); | |
- QString userAgentForUrl(const QUrl& url) const; | |
QString mUserAgent; | |
QString mAlertString; | |
bool mPrintAlerts; | |
diff -u -r CutyCapt.orig/CutyCapt.pro CutyCapt/CutyCapt.pro | |
--- CutyCapt.orig/CutyCapt.pro 2015-07-09 19:40:34.311891000 +0200 | |
+++ CutyCapt/CutyCapt.pro 2015-07-09 20:53:49.227671076 +0200 | |
@@ -4,7 +4,7 @@ | |
CONFIG += qt console | |
greaterThan(QT_MAJOR_VERSION, 4): { | |
- QT += webkitwidgets | |
+ QT += webkitwidgets printsupport | |
} | |
contains(CONFIG, static): { |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
[...] | |
http { | |
[...] | |
server { | |
[...] | |
location /some_path/ { | |
proxy_pass https://cf-ddos-protected-site.example.com/; | |
proxy_ssl_server_name on; | |
proxy_http_version 1.1; | |
include cloudflare.conf; | |
} | |
} | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# renews cloudflare anti-ddos cookies (they expire every hour) | |
function renew { | |
echo "Renewing CF cookies for $1" | |
/path/to/patched/cutycapt \ | |
"--url=$1" --out=/dev/null \ | |
--out-format=png --delay=5000 > "/path/to/nginx/conf/$2" | |
} | |
renew "https://cf-ddos-protected-site.example.com/" "cloudflare.conf" | |
/path/to/nginx -s reload | |
echo "done." |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment