This forum securiity rules ruin forum&program usage experince

Post a reply


In an effort to prevent automatic submissions, we require that you complete the following challenge.
Smilies
:D :) ;) :( :o :shock: :? 8-) :lol: :x :P :oops: :cry: :evil: :twisted: :roll: :!: :?: :idea: :| :mrgreen: :geek: :ugeek: :arrow: :angel: :clap: :crazy: :eh: :lolno: :problem: :shh: :shifty: :sick: :silent: :think: :thumbup: :thumbdown: :salute: :wave: :wtf: :yawn: :facepalm: :bravo: :dance: :beard: :morebeard: :xmas: :HeHe: :trollface: :cookie: :rainbow: :monkeysee: :monkeysay: :happybday: :headwall: :offtopic: :superhappy: :terms: :beer:
View more smilies

BBCode is ON
[img] is OFF
[flash] is OFF
[url] is ON
Smilies are ON

Topic review
   

Expand view Topic review: This forum securiity rules ruin forum&program usage experince

Re: This forum securiity rules ruin forum&program usage experince

Post by jeeswg » 05 Apr 2019, 19:52

and the old archived forum maybe

Re: This forum securiity rules ruin forum&program usage experince

Post by swagfag » 05 Apr 2019, 17:05

and if feasible whitelist the docs too

Re: This forum securiity rules ruin forum&program usage experince

Post by lexikos » 05 Apr 2019, 16:20

tank, you should add rules to exclude version.txt (and perhaps the main download links) from captcha.
Selectively disable the challenge page
If you would like to selectively disable the Cloudflare challenge page for a specific path, you can create a page rule and add a setting to turn Security Level for the matching URL to Essentially Off
Source: How do I turn off the Cloudflare Captcha (challenge page)? – Cloudflare Support

Re: This forum securiity rules ruin forum&program usage experince

Post by uname » 05 Apr 2019, 13:36

many (if not most users) don't see captchas
So this was just a "discrimination by IP subnet".
Back in 2015 they completely banned my ISP /19 subnet by /16 (if not /9) global ban rule.

Well, what can I say…

Whitelist power!

Re: This forum securiity rules ruin forum&program usage experince

Post by gregster » 05 Apr 2019, 12:54

uname wrote:
05 Apr 2019, 12:45
tank wrote:
05 Apr 2019, 11:43
I have whitelisted your last used IP try now
Now it works (obviously)
But 99.99% AHK users still unable to use default installer properly.
I doubt that this is true - many (if not most users) don't see captchas, afaik. But there seem to be some factors that trigger specific rules.
Especially for new users and older users with low post count/low activity in the last months, the likelihood is higher. At least, this is what I gathered from looking at the recent feedback... I personally haven't seen a captcha once (without being explicitly whitelisted - at least that I know of.)

Re: This forum securiity rules ruin forum&program usage experince

Post by uname » 05 Apr 2019, 12:45

tank wrote:
05 Apr 2019, 11:43
I have whitelisted your last used IP try now
Now it works (obviously)
But 99.99% AHK users still unable to use default installer properly.

Re: This forum securiity rules ruin forum&program usage experince

Post by tank » 05 Apr 2019, 11:43

uname wrote:
05 Apr 2019, 11:19
My IE and Edge cache are cleared.
Thats how
I have whitelisted your last used IP try now

Re: This forum securiity rules ruin forum&program usage experince

Post by uname » 05 Apr 2019, 11:19

tank wrote:
05 Apr 2019, 11:07
hmmm maybe you're on win 10
i just tried that isolated code and got a secure channel error
when i edited and tried the following it works

Code: Select all

        whr := ComObjCreate("MSXML2.XMLHTTP.6.0")
        whr.Open("GET", "https://www.autohotkey.com/download/1.1/version.txt", false)
        whr.Send()
        ;;whr.WaitForResponse()
        latestVersion := whr.responseText
        MsgBox % latestVersion
How am I suppose to clear WinHttp.WinHttpRequest.5.1 cache?
My IE and Edge cache are cleared.

Each request to https://www.autohotkey.com/download/1.1/version.txt has captcha validation.
It's not a cached page with captcha, it's a solid new page with new Cloudfare Ray ID.

Your suggested code also returns text from the captcha page.
Maybe you should remove yourself from whitelist and try to operate as a normal user? Have you tried? It's an awesome experience, all the captchas and validations on each step. Would recommend.

Re: This forum securiity rules ruin forum&program usage experince

Post by tank » 05 Apr 2019, 11:07

hmmm maybe you're on win 10
i just tried that isolated code and got a secure channel error
when i edited and tried the following it works

Code: Select all

        whr := ComObjCreate("MSXML2.XMLHTTP.6.0")
        whr.Open("GET", "https://www.autohotkey.com/download/1.1/version.txt", false)
        whr.Send()
        ;;whr.WaitForResponse()
        latestVersion := whr.responseText
        MsgBox % latestVersion

Re: This forum securiity rules ruin forum&program usage experince

Post by tank » 05 Apr 2019, 10:44

uname wrote:
05 Apr 2019, 09:00
always a captcha request on that URL
So you did or did not clear your cache?

Re: This forum securiity rules ruin forum&program usage experince

Post by swagfag » 05 Apr 2019, 10:21

cloudflare is turned on for every www.autohotkey.com page and cant be isolated to just www.autohotkey.com/boards apparently

Re: This forum securiity rules ruin forum&program usage experince

Post by uname » 05 Apr 2019, 09:00

tank wrote:
02 Apr 2019, 17:55
you may need to clear your cache
Installer.ahk used for the program updates using

Code: Select all

    try {
        whr := ComObjCreate("WinHttp.WinHttpRequest.5.1")
        whr.Open("GET", "https://autohotkey.com/download/1.1/version.txt", true)
        whr.Send()
        whr.WaitForResponse()
        latestVersion := whr.responseText
    }
And there is always a captcha request on that URL so version check request always fails.
Is it suppose to work like that? Is it a privilege to use autoupdate?

Re: This forum securiity rules ruin forum&program usage experince

Post by tank » 02 Apr 2019, 17:55

you may need to clear your cache

Re: This forum securiity rules ruin forum&program usage experince

Post by uname » 02 Apr 2019, 17:06

Still doesn't work for me.
Attachments
Untitled.png
Untitled.png (14.63 KiB) Viewed 1134 times

Re: This forum securiity rules ruin forum&program usage experince

Post by tank » 02 Apr 2019, 09:03

OK the update problem should be resolved

Re: This forum securiity rules ruin forum&program usage experince

Post by tank » 02 Apr 2019, 08:26

As to images you are free to upload and attach images directly on this forum
This is the first time i am hearing about broken updates. I will dig into it tonight.
This is not a government you have no rights. It is a privilege to use this forum. You may speak only as freely as allowed.
By the way if you PM me your static IP i may be willing to try and white-list you

This forum securiity rules ruin forum&program usage experince

Post by uname » 02 Apr 2019, 07:05

Yea, I know you're affected by some botnet attack.
I think the way you've trying to counteract this is at least annoying an prehaps even wrong.
I'm using static IP and Firefox 66.0.2 with default security settings yet I have to bypass cloudflare captcha each time I open the forum despite having the same cookies set.
Autohotkey installer unable to check for updates with that paranoid security level:
Image
Look, your forum software broke the link to absolutely legit image hosting.
Each my forum message taking premoderation. You literally forbidding me speak freely. WTF?

Top