eaglercraft/eaglercraft-1.5
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge branch 'main' of https://github.com/LAX1DUDE/eaglercraft

Browse Source
This commit is contained in:
LAX1DUDE 2022-07-10 01:13:16 -07:00
commit 31fc3b88d1
2 changed files with 17 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
README.md
View File

@ -148,7 +148,18 @@ origin_blacklist_simple_whitelist:
origin_blacklist_block_offline_download: true origin_blacklist_block_offline_download: true
``` ```
**To use IP bans and rate limiting, enable** `forward_ip` **and pass a X-Real-IP header from your proxy to the bungeecord's websocket port** ### To stop people from using bookmarklets to load a client from a different URL onto your official URL via XXS, add these headers to NGINX:
```
add_header X-Frame-Options "SAMEORIGIN";
add_header Referrer-Policy "strict-origin";
add_header X-XSS-Protection "1; mode=block";
add_header Content-Security-Policy "default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' 'unsafe-inline' data: blob:; connect-src 'self' ws: wss:; upgrade-insecure-requests";
```
(not fully tested, excuse the scroll bar)
### To use IP bans and rate limiting, enable `forward_ip` and pass a X-Real-IP header from your proxy to the bungeecord's websocket port
Nginx example: add `proxy_set_header X-Real-IP $remote_addr` to your proxy configuration Nginx example: add `proxy_set_header X-Real-IP $remote_addr` to your proxy configuration

5
stable-download/origin_blacklist.txt
View File

@ -22,6 +22,11 @@
.*gitpod\.io$ .*gitpod\.io$
.*gsucks\.repl\.co$ .*gsucks\.repl\.co$
.*builders.tools\.tk$ .*builders.tools\.tk$
.*lapx\..*$
# block ambiguous domains (excuse the regex skill issues)
^(?!g\.eags\.us).*eags\.us$
^(?!g\.lax1dude\.net).*lax1dude\.net$
# replit-wildcard: .*repl(it)?\..{1,5}$ # replit-wildcard: .*repl(it)?\..{1,5}$