Join Log in
Score:0
schube avatar Server

Reverse Proxy (NGinx) with captcha

es flag
schube

I am trying to prevent some brute force attacks on an web app by having a captcha before the login page.

The application itself is not modifiable by me, so I cannot change the login form.

I could put something like Authelia in front of the web app, but this would be total overkill. I don't need 2FA, just a simple captcha will do.

I read some entries here and on the web about testcookie-nginx-module but this seems to be very old and not really maintained. Also, I would have to compile the module and include it into NGinx, what I try to avoid. Some other posts are 8-14 years old... I was not able to find an up-to-date post or project.

I am looking for some project (docker based would be ideal) and include it as a 3rd party app to my setup (just like Authelia).

It is hard to believe that there is no such project. Does anyone know something? Preferable open-source.

Thank you, schube

360
0 + 2
JoelCrypto avatar
th flag
JoelCrypto
CAN you use JWT for instance if captcha is correct?
0
Reply
schube avatar
es flag
schube
Hi! I don't really understand the question. I GUESS some captcha service would place a cookie and then in NGinx I would check if the cookie exists. If yes, fine, if not, redirect to the captcha service. At least, that is how I think it would work. I don't know how a JWT would help here. The point is, I cannot modify the existing webapp, so I only have the tools NGinx provides. (The existing webapp uses JWT btw.) Thank you!
0
Reply
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.