Comment on Anubis is awesome and I want to talk aout it

SmokeyDope@piefed.social ⁨19⁩ ⁨hours⁩ ago

Theres a compute option that doesnt require javascript. Its on site owners to configure IMO, though you can make the argument its not default I guess.

https://anubis.techaro.lol/docs/admin/configuration/challenges/metarefresh

From docs on Meta Refresh Method

Meta Refresh (No JavaScript)

The metarefresh challenge sends a browser a much simpler challenge that makes it refresh the page after a set period of time. This enables clients to pass challenges without executing JavaScript.

To use it in your Anubis configuration:

# Generic catchall rule
- name: generic-browser
  user_agent_regex: >-
    Mozilla|Opera
  action: CHALLENGE
  challenge:
    difficulty: 1 # Number of seconds to wait before refreshing the page
    algorithm: metarefresh # Specify a non-JS challenge method

This is not enabled by default while this method is tested and its false positive rate is ascertained. Many modern scrapers use headless Google Chrome, so this will have a much higher false positive rate.

source

Sort:hotnew top

z3rOR0ne@lemmy.ml ⁨14⁩ ⁨hours⁩ ago
Yeah I actually use the noscript extension and i refuse to just whitelist certain sites unless I’m very certain I trust them.

I run into Anubis checks all the time and while I appreciate the software, having to consistently temporarily whitelist these sites does get cumbersome at times. I hope they make this noJS implementation the default soon.

source
- Prathas@lemmy.zip ⁨2⁩ ⁨hours⁩ ago
  Wait, you keep temporarily allowing then over and over again? Why temporary?
  
  source
Dojan@pawb.social ⁨14⁩ ⁨hours⁩ ago
This is news to me! Thanks for enlightening me!

source