This forum securiity rules ruin forum&program usage experince

Talk about anything
User avatar
uname
Posts: 18
Joined: 25 Oct 2013, 12:50

This forum securiity rules ruin forum&program usage experince

02 Apr 2019, 07:05

Yea, I know you're affected by some botnet attack.
I think the way you've trying to counteract this is at least annoying an prehaps even wrong.
I'm using static IP and Firefox 66.0.2 with default security settings yet I have to bypass cloudflare captcha each time I open the forum despite having the same cookies set.
Autohotkey installer unable to check for updates with that paranoid security level:
Image
Look, your forum software broke the link to absolutely legit image hosting.
Each my forum message taking premoderation. You literally forbidding me speak freely. WTF?
User avatar
tank
Posts: 2750
Joined: 28 Sep 2013, 22:15
Facebook: charlie.simmons.7334
Google: ttnnkkrr
GitHub: ttnnkkrr
Location: Irving TX
Contact:

Re: This forum securiity rules ruin forum&program usage experince

02 Apr 2019, 08:26

As to images you are free to upload and attach images directly on this forum
This is the first time i am hearing about broken updates. I will dig into it tonight.
This is not a government you have no rights. It is a privilege to use this forum. You may speak only as freely as allowed.
By the way if you PM me your static IP i may be willing to try and white-list you
We are troubled on every side‚ yet not distressed; we are perplexed‚
but not in despair; Persecuted‚ but not forsaken; cast down‚ but not destroyed;
https://www.facebook.com/ahkscript.org
If you have forum suggestions please submit a pull request
Thanks Tank :thumbup:
User avatar
tank
Posts: 2750
Joined: 28 Sep 2013, 22:15
Facebook: charlie.simmons.7334
Google: ttnnkkrr
GitHub: ttnnkkrr
Location: Irving TX
Contact:

Re: This forum securiity rules ruin forum&program usage experince

02 Apr 2019, 09:03

OK the update problem should be resolved
We are troubled on every side‚ yet not distressed; we are perplexed‚
but not in despair; Persecuted‚ but not forsaken; cast down‚ but not destroyed;
https://www.facebook.com/ahkscript.org
If you have forum suggestions please submit a pull request
Thanks Tank :thumbup:
User avatar
uname
Posts: 18
Joined: 25 Oct 2013, 12:50

Re: This forum securiity rules ruin forum&program usage experince

02 Apr 2019, 17:06

Still doesn't work for me.
Attachments
Untitled.png
Untitled.png (14.63 KiB) Viewed 1382 times
User avatar
tank
Posts: 2750
Joined: 28 Sep 2013, 22:15
Facebook: charlie.simmons.7334
Google: ttnnkkrr
GitHub: ttnnkkrr
Location: Irving TX
Contact:

Re: This forum securiity rules ruin forum&program usage experince

02 Apr 2019, 17:55

you may need to clear your cache
We are troubled on every side‚ yet not distressed; we are perplexed‚
but not in despair; Persecuted‚ but not forsaken; cast down‚ but not destroyed;
https://www.facebook.com/ahkscript.org
If you have forum suggestions please submit a pull request
Thanks Tank :thumbup:
User avatar
uname
Posts: 18
Joined: 25 Oct 2013, 12:50

Re: This forum securiity rules ruin forum&program usage experince

05 Apr 2019, 09:00

tank wrote:
02 Apr 2019, 17:55
you may need to clear your cache
Installer.ahk used for the program updates using

Code: Select all

    try {
        whr := ComObjCreate("WinHttp.WinHttpRequest.5.1")
        whr.Open("GET", "https://autohotkey.com/download/1.1/version.txt", true)
        whr.Send()
        whr.WaitForResponse()
        latestVersion := whr.responseText
    }
And there is always a captcha request on that URL so version check request always fails.
Is it suppose to work like that? Is it a privilege to use autoupdate?
swagfag
Posts: 2904
Joined: 11 Jan 2017, 17:59

Re: This forum securiity rules ruin forum&program usage experince

05 Apr 2019, 10:21

cloudflare is turned on for every www.autohotkey.com page and cant be isolated to just www.autohotkey.com/boards apparently
User avatar
tank
Posts: 2750
Joined: 28 Sep 2013, 22:15
Facebook: charlie.simmons.7334
Google: ttnnkkrr
GitHub: ttnnkkrr
Location: Irving TX
Contact:

Re: This forum securiity rules ruin forum&program usage experince

05 Apr 2019, 10:44

uname wrote:
05 Apr 2019, 09:00
always a captcha request on that URL
So you did or did not clear your cache?
We are troubled on every side‚ yet not distressed; we are perplexed‚
but not in despair; Persecuted‚ but not forsaken; cast down‚ but not destroyed;
https://www.facebook.com/ahkscript.org
If you have forum suggestions please submit a pull request
Thanks Tank :thumbup:
User avatar
tank
Posts: 2750
Joined: 28 Sep 2013, 22:15
Facebook: charlie.simmons.7334
Google: ttnnkkrr
GitHub: ttnnkkrr
Location: Irving TX
Contact:

Re: This forum securiity rules ruin forum&program usage experince

05 Apr 2019, 11:07

hmmm maybe you're on win 10
i just tried that isolated code and got a secure channel error
when i edited and tried the following it works

Code: Select all

        whr := ComObjCreate("MSXML2.XMLHTTP.6.0")
        whr.Open("GET", "https://www.autohotkey.com/download/1.1/version.txt", false)
        whr.Send()
        ;;whr.WaitForResponse()
        latestVersion := whr.responseText
        MsgBox % latestVersion
We are troubled on every side‚ yet not distressed; we are perplexed‚
but not in despair; Persecuted‚ but not forsaken; cast down‚ but not destroyed;
https://www.facebook.com/ahkscript.org
If you have forum suggestions please submit a pull request
Thanks Tank :thumbup:
User avatar
uname
Posts: 18
Joined: 25 Oct 2013, 12:50

Re: This forum securiity rules ruin forum&program usage experince

05 Apr 2019, 11:19

tank wrote:
05 Apr 2019, 11:07
hmmm maybe you're on win 10
i just tried that isolated code and got a secure channel error
when i edited and tried the following it works

Code: Select all

        whr := ComObjCreate("MSXML2.XMLHTTP.6.0")
        whr.Open("GET", "https://www.autohotkey.com/download/1.1/version.txt", false)
        whr.Send()
        ;;whr.WaitForResponse()
        latestVersion := whr.responseText
        MsgBox % latestVersion
How am I suppose to clear WinHttp.WinHttpRequest.5.1 cache?
My IE and Edge cache are cleared.

Each request to https://www.autohotkey.com/download/1.1/version.txt has captcha validation.
It's not a cached page with captcha, it's a solid new page with new Cloudfare Ray ID.

Your suggested code also returns text from the captcha page.
Maybe you should remove yourself from whitelist and try to operate as a normal user? Have you tried? It's an awesome experience, all the captchas and validations on each step. Would recommend.
User avatar
tank
Posts: 2750
Joined: 28 Sep 2013, 22:15
Facebook: charlie.simmons.7334
Google: ttnnkkrr
GitHub: ttnnkkrr
Location: Irving TX
Contact:

Re: This forum securiity rules ruin forum&program usage experince

05 Apr 2019, 11:43

uname wrote:
05 Apr 2019, 11:19
My IE and Edge cache are cleared.
Thats how
I have whitelisted your last used IP try now
We are troubled on every side‚ yet not distressed; we are perplexed‚
but not in despair; Persecuted‚ but not forsaken; cast down‚ but not destroyed;
https://www.facebook.com/ahkscript.org
If you have forum suggestions please submit a pull request
Thanks Tank :thumbup:
User avatar
uname
Posts: 18
Joined: 25 Oct 2013, 12:50

Re: This forum securiity rules ruin forum&program usage experince

05 Apr 2019, 12:45

tank wrote:
05 Apr 2019, 11:43
I have whitelisted your last used IP try now
Now it works (obviously)
But 99.99% AHK users still unable to use default installer properly.
gregster
Posts: 2951
Joined: 30 Sep 2013, 06:48

Re: This forum securiity rules ruin forum&program usage experince

05 Apr 2019, 12:54

uname wrote:
05 Apr 2019, 12:45
tank wrote:
05 Apr 2019, 11:43
I have whitelisted your last used IP try now
Now it works (obviously)
But 99.99% AHK users still unable to use default installer properly.
I doubt that this is true - many (if not most users) don't see captchas, afaik. But there seem to be some factors that trigger specific rules.
Especially for new users and older users with low post count/low activity in the last months, the likelihood is higher. At least, this is what I gathered from looking at the recent feedback... I personally haven't seen a captcha once (without being explicitly whitelisted - at least that I know of.)
User avatar
uname
Posts: 18
Joined: 25 Oct 2013, 12:50

Re: This forum securiity rules ruin forum&program usage experince

05 Apr 2019, 13:36

many (if not most users) don't see captchas
So this was just a "discrimination by IP subnet".
Back in 2015 they completely banned my ISP /19 subnet by /16 (if not /9) global ban rule.

Well, what can I say…

Whitelist power!
lexikos
Posts: 6589
Joined: 30 Sep 2013, 04:07
GitHub: Lexikos

Re: This forum securiity rules ruin forum&program usage experince

05 Apr 2019, 16:20

tank, you should add rules to exclude version.txt (and perhaps the main download links) from captcha.
Selectively disable the challenge page
If you would like to selectively disable the Cloudflare challenge page for a specific path, you can create a page rule and add a setting to turn Security Level for the matching URL to Essentially Off
Source: How do I turn off the Cloudflare Captcha (challenge page)? – Cloudflare Support
swagfag
Posts: 2904
Joined: 11 Jan 2017, 17:59

Re: This forum securiity rules ruin forum&program usage experince

05 Apr 2019, 17:05

and if feasible whitelist the docs too
User avatar
jeeswg
Posts: 6711
Joined: 19 Dec 2016, 01:58
Location: UK

Re: This forum securiity rules ruin forum&program usage experince

05 Apr 2019, 19:52

and the old archived forum maybe
homepage | tutorials | wish list | fun threads | donate
WARNING: copy your posts/messages before hitting Submit as you may lose them due to CAPTCHA
User avatar
tank
Posts: 2750
Joined: 28 Sep 2013, 22:15
Facebook: charlie.simmons.7334
Google: ttnnkkrr
GitHub: ttnnkkrr
Location: Irving TX
Contact:

Re: This forum securiity rules ruin forum&program usage experince

06 Apr 2019, 02:00

But i did
We are troubled on every side‚ yet not distressed; we are perplexed‚
but not in despair; Persecuted‚ but not forsaken; cast down‚ but not destroyed;
https://www.facebook.com/ahkscript.org
If you have forum suggestions please submit a pull request
Thanks Tank :thumbup:

Return to “Offtopic”

Who is online

Users browsing this forum: No registered users and 14 guests