feat: add captcha-backed forum security hardening

2026-03-17 16:06:28 +01:00
parent 980a15f66e
commit b3fc889452
40 changed files with 2849 additions and 108 deletions


@@ -0,0 +1,147 @@
<?php
return [
'enabled' => env('FORUM_BOT_PROTECTION_ENABLED', true),
'thresholds' => [
'allow' => 20,
'log' => 20,
'captcha' => 40,
'moderate' => 60,
'block' => 80,
],
'honeypots' => [
'fields' => ['homepage_url', 'company_name'],
'penalty' => 60,
],
'captcha' => [
'provider' => env('FORUM_BOT_CAPTCHA_PROVIDER', 'turnstile'),
'actions' => [
'register',
'login',
'forum_topic_create',
'forum_reply_create',
'forum_post_update',
'profile_update',
'api_write',
],
'input' => env('FORUM_BOT_CAPTCHA_INPUT', ''),
'message' => 'Complete the captcha challenge to continue.',
],
'behavior' => [
'new_account_days' => 7,
'rapid_post_window_minutes' => 1,
'rapid_post_threshold' => 5,
'rapid_thread_threshold' => 2,
'recent_action_window_seconds' => 45,
'recent_action_threshold' => 6,
'login_attempt_window_minutes' => 10,
'login_attempt_threshold' => 8,
'profile_update_threshold' => 6,
'profile_update_window_minutes' => 60,
'api_request_window_minutes' => 1,
'api_request_threshold' => 100,
'repeated_content_penalty' => 50,
'new_account_links_penalty' => 30,
'rapid_post_penalty' => 40,
'recent_action_penalty' => 40,
'login_burst_penalty' => 35,
'profile_burst_penalty' => 20,
'api_burst_penalty' => 60,
],
'account_farm' => [
'window_minutes' => 10,
'register_attempt_threshold' => 10,
'same_ip_users_threshold' => 5,
'same_fingerprint_users_threshold' => 3,
'same_pattern_users_threshold' => 3,
'register_attempt_penalty' => 50,
'same_ip_penalty' => 35,
'same_fingerprint_penalty' => 40,
'same_pattern_penalty' => 45,
],
'ip' => [
'cache_ttl_minutes' => 15,
'recent_high_risk_window_hours' => 24,
'recent_high_risk_threshold' => 3,
'recent_high_risk_penalty' => 20,
'known_proxy_penalty' => 20,
'datacenter_penalty' => 25,
'tor_penalty' => 40,
'blacklist_penalty' => 100,
'known_proxies' => [],
'datacenter_ranges' => [],
'provider_ranges' => [
'aws' => [],
'azure' => [],
'gcp' => [],
'digitalocean' => [],
'hetzner' => [],
'ovh' => [],
],
'tor_exit_nodes' => [],
],
'rate_limits' => [
'penalties' => [
'default' => 35,
'minute' => 35,
'hour' => 45,
],
],
'geo_behavior' => [
'enabled' => true,
'login_actions' => ['login'],
'country_headers' => [
'CF-IPCountry',
'CloudFront-Viewer-Country',
'X-Country-Code',
'X-App-Country-Code',
],
'recent_login_window_minutes' => 60,
'country_change_penalty' => 50,
],
'patterns' => [
'seo' => [
'best seo service',
'cheap backlinks',
'guaranteed traffic',
'rank your website',
],
'casino' => [
'online casino',
'jackpot bonus',
'slot machine',
'betting tips',
],
'crypto' => [
'crypto signal',
'double your bitcoin',
'guaranteed profit',
'token presale',
],
'affiliate' => [
'affiliate link',
'promo code',
'limited offer',
'work from home',
],
'repeated_phrase_penalty' => 40,
'category_penalty' => 30,
],
'scan' => [
'lookback_minutes' => 5,
'auto_blacklist_attempts' => 10,
'auto_blacklist_risk' => 80,
'auto_blacklist_reason' => 'Automatically blacklisted by bot activity monitor.',
'queue' => env('FORUM_BOT_SCAN_QUEUE', 'forum-moderation'),
],
];
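Review bot: The `geo_behavior.country_headers` list mixes edge-set headers (`CF-IPCountry`, `CloudFront-Viewer-Country`) with generic ones (`X-Country-Code`, `X-App-Country-Code`) that any client can send unless a trusted proxy strips or overwrites them. The code that reads this list is not in this file, but if it takes the first header present, a caller that always sends the same country value would never trigger `country_change_penalty`. I would keep only the header of the proxy actually deployed in front of the app as the default and add a comment above the list such as `// Only list headers your edge proxy sets and overwrites; never a header the client can supply itself.` Separately, `thresholds.allow` and `thresholds.log` are both 20, so whether a score of exactly 20 is logged depends on the comparison operator in the consumer; a one-line comment stating whether each threshold is inclusive would remove the ambiguity.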