C
CrowdSec2w ago
Mrx

Haproxy-Spoa captcha always reload and not redirect to site

Dear Crowedsec Team I set up my haproxy to show the chaptcha.html file from your Github repo. But my turnstile widget always reloads and never sent the cookie back to the server for verification.
10 Replies
CrowdSec
CrowdSec2w ago
Important Information
This post has been marked as resolved. If this is a mistake please press the red button below or type /unresolve
© Created By WhyAydan for CrowdSec ❤️
iiamloz
iiamloz2w ago
So for captcha there one thing to point out, that it uses cookies instead of the Lua behaviour which was temporary allowing the IP. Do you have any logs in spoa, there should be some debug logs if you enable debugging.
Mrx
MrxOP2w ago
hi Loz Thanks for your quick repley. Just to make sure that i got it right, the captcha site should send a cookies back and and then the bouncer allow the ip temporary? I will look for the logs when i get back to my server. Thank you so much.
iiamloz
iiamloz2w ago
So you can see in the debug, it states the uuid within the cookie value has the status PENDING, means the submission failed. Can you confirm the secret key is entered in the configuration. I know I kept it from logging in the debug but just to confirm, these lines
iiamloz
iiamloz2w ago
No description
iiamloz
iiamloz2w ago
Ahhh think I found the issue its linked the key name in the source code
iiamloz
iiamloz2w ago
iiamloz
iiamloz2w ago
https://github.com/crowdsecurity/cs-haproxy-spoa-bouncer/releases/tag/v0.0.5-rc2
GitHub
Release v0.0.5-rc2 · crowdsecurity/cs-haproxy-spoa-bouncer
What's Changed fix: turnstile key name (#47) by @LaurenceJJones in #48 Full Changelog: v0.0.5-rc1...v0.0.5-rc2
iiamloz
iiamloz2w ago
Once this RC is built it should resolve your issue, and just to clarify the captcha verfication is now per device. The problem we had with Lua is that users that wanted to captcha proxies and tor for example didnt have the ability to allow just a valid user through without blanket allowing the IP. Hence this new cookie based system. btw thank you for testing this out! we got a handful of users but any feedback you have is useful so please dont hesitate to be upfront about your experience :alpacas:
CrowdSec
CrowdSec2w ago
Resolving Haproxy-Spoa captcha always reload and not redirect to site This has now been resolved. If you think this is a mistake please run /unresolve Unresolving Haproxy-Spoa captcha always reload and not redirect to site This has now been unresolved. Resolving Haproxy-Spoa captcha always reload and not redirect to site This has now been resolved. If you think this is a mistake please run /unresolve

Did you find this page helpful?