donnchac / cloudflare-tor-whitelister Goto Github PK
View Code? Open in Web Editor NEWWhitelist Tor exit relays to allowing Tor users access your CloudFlare-protected site without CAPTCHA's
License: GNU General Public License v2.0
Whitelist Tor exit relays to allowing Tor users access your CloudFlare-protected site without CAPTCHA's
License: GNU General Public License v2.0
Hello, thanks for opensourcing this little project. I'm reporting a minor issue, not a big deal so I'm not expecting it to get fixed since the resolution is to just try later.
Rate limiting
The CloudFlare API sets a maximum of 1,200 requests in a five minute period
https://api.cloudflare.com/#requests
If you exceed this rate limit while using whitelist.py
then you will get a successful log message without successfully hitting the CF API.
<snip>
2016-01-01 20:48:25,782 [ERROR]: Error deleting access rule 565c6267c40dbd004bae4ef063c64136 (IP: 197.231.221.211)
Traceback (most recent call last):
File "./whitelist.py", line 265, in main
remove_access_rule(session, rule_id, zone_id)
File "./whitelist.py", line 116, in remove_access_rule
r.raise_for_status()
File "/usr/lib64/python2.7/site-packages/requests/models.py", line 840, in raise_for_status
raise HTTPError(http_error_msg, response=self)
HTTPError: 429 Client Error: Too Many Requests for url: https://api.cloudflare.com/client/v4/user/firewall/access_rules/rules/565c6267c40dbd004bae4ef063c64136
2016-01-01 20:48:25,783 [INFO]: Removed 799 matching Tor access rules.
The last line is what I am talking about. This is probably only an issue with accounts that have multiple domains, etc. Using default value, the problem will not present itself.
It is possible to whitelist Tor (T1
) visitors via the updated dashboard:
I think adding short node in the README may improve discoverability.
Currently, the IP-rule limit can only be edited by changing the script directly. I'd like to be able to pass a command-line argument for this, so that the script can be operated as a user who can't edit it.
Hi,
Just went to run the script and recieved the following errors:
2015-07-11 21:54:55,280 [INFO]: Successfully authenticated to the CloudFlare API
2015-07-11 21:54:55,281 [INFO]: No zone specified. Whitelist will be applied across all domains.
Traceback (most recent call last):
File "cloudflare-whitelist.py", line 346, in
main()
File "cloudflare-whitelist.py", line 235, in main
rules = fetch_access_rules(session, 1, zone_id=zone_id)
File "cloudflare-whitelist.py", line 70, in fetch_access_rules
raise CloudFlareAPIError(res['errors'])
main.CloudFlareAPIError: [{'code': 7003, 'message': 'Could not route to /user/firewall/packages/access_rules/rules, perhaps your object identifier is invalid?'}, {'code': 7000, 'message': 'No route for that URI'}]
Further investigation seems to point to the firewall packages being removed from the API. I can't see in the documentation any mention of /firewall/packages/access_rules any more.
I poked around with some code of my own and it seems that CloudFlare have indeed moved some things around.
Hello,
I get the following error:
/usr/local/lib/python2.7/dist-packages/requests-2.6.1-py2.7.egg/requests/packages/urllib3/util/ssl_.py:90: InsecurePlatformWarning: A true SSLContext object is not available. This prevents urllib3 from configuring SSL appropriately and may cause certain SSL connections to fail. For more information, see https://urllib3.readthedocs.org/en/latest/security.html#insecureplatformwarning.
InsecurePlatformWarning
Traceback (most recent call last):
File "./cloudflare-whitelist.py", line 326, in
main()
File "./cloudflare-whitelist.py", line 181, in main
res = r.json()
File "/usr/local/lib/python2.7/dist-packages/requests-2.6.1-py2.7.egg/requests/models.py", line 819, in json
return json.loads(self.text, **kwargs)
File "/usr/lib/python2.7/json/init.py", line 326, in loads
return _default_decoder.decode(s)
File "/usr/lib/python2.7/json/decoder.py", line 365, in decode
obj, end = self.raw_decode(s, idx=_w(s, 0).end())
File "/usr/lib/python2.7/json/decoder.py", line 383, in raw_decode
raise ValueError("No JSON object could be decoded")
ValueError: No JSON object could be decoded
Latest Debian from Digitalocean.
Free accounts are limited to 200 rules per site. Pro and more expensive accounts have higher limits. If I edit the hardcoded limit in the script to be higher than my actual limit, I get some unpretty output:
2015-05-27 16:18:20,306 [ERROR]: Error creating access rule.
Traceback (most recent call last):
File "cloudflare-whitelist.py", line 310, in main
add_whitelist_rule(session, exit_address, zone_id)
File "cloudflare-whitelist.py", line 102, in add_whitelist_rule
raise CloudFlareAPIError(res['errors'])
CloudFlareAPIError: [{u'message': u'Access rule quota has been exceeded.', u'code': 81019}]
It would be lovely if this output could be prettier.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.