gnh1201/caterpillar
1
0
Fork 0
mirror of https://github.com/gnh1201/caterpillar.git synced 2024-10-04 07:01:56 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
Page: Fediverse
Pages
Fediverse Home Invoke Method Stateful mode Wayback
8 Fediverse
Namhyeon, Go edited this page 2024-06-20 15:01:37 +09:00
Table of Contents

Fediverse

This document covers how to block spam using Caterpillar Proxy in web applications using the federation based on the ActivityPub protocol (referred to as Fediverse), such as Mastodon, Misskey, Pleroma. #

Spam filtering strategies

  • K-Anonymity test - Estimating whether the characters has been arranged by humans. (use Have I Been Pwned)
  • Not CAPTCHA - Image spam containing characters that look very similar to CAPTCHA. (use TrueCaptcha)
  • VowelRatio10 - In characters arranged by humans, there is a high frequency of vowels (aeiou) and semivowels (wy) and vowel-ending patterns included in strings that are 10 characters.
  • Palindrome4 - Detect palindromes composed of 4 or more characters
  • KnownWords4 - Detect well-known words composed of 4 or more characters
  • SearchEngine3 - In public search engine, the given string yields more than 2 results. (use LibreY)
  • RepeatedNumber3 - Detect a repeated numbers 3 times or more.
  • SSL decryption (MITM) when relaying to federated servers.

The strategies were implemented to respond to the Fediverse Spam Attacks which started on the 15th of February. # #

Example of settings.ini (.env)

[settings]
PORT=5555
SERVER_URL=localhost
SERVER_CONNECTION_TYPE=
CA_KEY=ca.key
CA_CERT=ca.crt
CERT_KEY=cert.key
CERT_DIR=certs/
OPENSSL_BINPATH=openssl
CLIENT_ENCODING=utf-8
LOCAL_DOMAIN=example.org
PROXY_PASS=http://127.0.0.1:3000
DICTIONARY_FILE=words_alpha.txt
TRUECAPTCHA_USERID=
TRUECAPTCHA_APIKEY=
LIBREY_APIURL=https://search.catswords.net

For Mastodon users

In [Caterpillar installed directory]/settings.ini or .env

  1. set SERVER_URL variable to localhost in .env (e.g. SERVER_URL=localhost)
  2. set PROXY_PASS variable to Mastodon backend URI (e.g. http://127.0.0.1:3000)
  3. if you want use notification, set MASTODON_SERVER(server domain) and MASTODON_USER_TOKEN(access token) variables

In [Mastodon installed directory]/env.production

  1. set http_proxy variable to http://localhost:5555 (e.g. http_proxy=http://localhost:5555)

In NGINX configuration

  1. Check your port number of Caterpillar (default: 5555)
  2. In NGINX configuration (e.g. /etc/nginx/conf.d/mastodon.conf), edit the proxy_pass like a proxy_pass http://localhost:5555

Report abuse