Feature request: set $Roboo_challenge_hash_input

Question

Feature request: set $Roboo_challenge_hash_input

valintinr opened this issue 10 years ago · comments

Valentyn Rosavitskyi commented 10 years ago

Hello,
As I saw in sources cookie value is based on $remote_addr only.
Can we get "set $Roboo_challenge_hash_input" for prevent issues behind NAT users (actually we already have client with similar issues but now Im not sured abut this).
In perl Roboo we using next:

set $Roboo_challenge_hash_input $remote_addr$http_user_agent;

Paul Yang · Answer 1 · Tue Nov 04 2014 13:06:14 GMT+0800 (China Standard Time)

OK, this is considerable

Paul Yang · Answer 2 · Tue Nov 04 2014 21:35:07 GMT+0800 (China Standard Time)

@valintinr , a new directive 'robot_mitigation_hash_input' is supported now, refer to this commit: 98c9450

Valentyn Rosavitskyi · Answer 3 · Tue Nov 04 2014 23:48:23 GMT+0800 (China Standard Time)

Perfect.
Thank you!!!