unixfox
diff --git a/‎README.md‎
Lines changed: 22 additions & 14 deletions b/‎README.md‎
Lines changed: 22 additions & 14 deletions
diff --git a/‎index.js‎
Lines changed: 3 additions & 1 deletion b/‎index.js‎
Lines changed: 3 additions & 1 deletion
@@ -1,26 +1,20 @@
 ![GitHub stars](https://img.shields.io/github/stars/unixfox/antibot-proxy.svg?style=social) [![Docker Cloud Build Status](https://img.shields.io/docker/cloud/build/unixfox/antibot-proxy.svg)](https://hub.docker.com/r/unixfox/antibot-proxy) [![Docker Cloud Automated build](https://img.shields.io/docker/cloud/automated/unixfox/antibot-proxy.svg)](https://hub.docker.com/r/unixfox/antibot-proxy) ![GitHub package.json version](https://img.shields.io/github/package-json/v/unixfox/antibot-proxy.svg)
 
 # Description
+
 :warning: This program is still experimental and (badly written) so there are probably some bugs and vulnerabilities in the bot detection system. :warning:
 
 The algorithm is based on the fact that every browser will accept cookie and load the external CSS that you included in your HTML page so in case of a stupid/basic bot it won't simply process the cookie or/and load that external CSS file because it does not process the HTML code.
 
-# How to make it work?
+# How to make it work? (minimalistic configuration)
 
-1. Copy the `example.toml` to `config.toml` and the `views/bot.template.pug` to `views/bot.pug`.
+1. Copy the `example.toml` to `config.toml`.
 
-2. Modify the settings inside the `config.toml`. You don't need to modify every setting, just change the one that you want to be changed. Here is the reference for each setting:
-- `COOKIE_NAME`: The name of the cookie that will be used for checking if the client can handle the cookie.
-- `ENDPOINT_NAME`: The name of the CSS file that will be used for checking if the client can process the HTML code.
-- `JAIL_PATH`: The path to the directory where the banned IP will be stored. Optionally to be used with the [ipfilter](https://caddyserver.com/docs/http.ipfilter) plugin of Caddy.
-- `MAX_RETRY`: The number of retries allowed for the client before getting banned.
-- `PORT`: The port of which the proxy application will listen to.
-- `TARGET`: The URL of the application to proxy/protect.
-- `TIMEOUT_LOAD`: The time before the program consider that the client failed to reach the CSS file.
-- `WHITELIST`: The IP that you want to be whitelisted. Separate each IP with a `,`.
-- `WHITELIST_PAGES`: Pages to whitelist from the blocked page for bots.
+2. Modify the setting `TARGET` in the `config.toml` to the URL where your application is listening to. For example if your application reachable on `http://127.0.0.1:8080` just set `127.0.0.1:8080` in the setting.
 
-3. On your main webserver (nginx, apache, caddy,...) you need to pass the IP address of the client to the application (with the `X-Real-IP` header). Here is how to do it on:
+3. Modify the setting `JAIL_PATH` in the `config.toml` to an empty directory that you created for the application.
+
+3. On your main webserver (nginx, apache, caddy,...) when you will proxy the `antibot-proxy` application you will also need to pass the IP address of the client to the application (with the `X-Real-IP` header). Here is how to do it on:
 - Apache:
 
 ```apache
@@ -38,8 +32,22 @@ proxy_set_header X-Real-IP $remote_addr;
 ```caddy
 transparent
 ```
+> Note: You may consult the documentation of your webserver for further details about proxying an application.
+
+# Reference of each setting in `config.toml` for advanced configuration
+
+- `COOKIE_NAME`: The name of the cookie that will be used for checking if the client can handle the cookie.
+- `ENDPOINT_NAME`: The name of the CSS file that will be used for checking if the client can process the HTML code.
+- `JAIL_PATH`: The path to the directory where the banned IP will be stored. Optionally to be used with the [ipfilter](https://caddyserver.com/docs/http.ipfilter) plugin of Caddy.
+- `MAX_RETRY`: The number of retries allowed for the client before getting banned.
+- `PORT`: The port of which the proxy application will listen to.
+- `TARGET`: The URL of the application to proxy/protect.
+- `TIMEOUT_LOAD`: The time before the program consider that the client failed to reach the CSS file.
+- `WHITELIST`: The IP that you want to be whitelisted.
+- `WHITELIST_PAGES`: Pages to whitelist from the blocked page for bots.
+
 
-# How to configure the ipfilter plugin to handle the banned IPs?
+# How to configure the ipfilter Caddy plugin to handle the banned IPs?
 
 You just need to add this block to your `Caddyfile`:
 ````JSON
 
@@ -65,8 +65,10 @@ app.get("/" + configFile.ENDPOINT_NAME, function (userReq, userRes) {
 app.all("*", function (userReq, userRes, next) {
  const IP = (userReq.headers["x-real-ip"] || userReq.connection.remoteAddress);
  const secretCookie = crypto.createHash('md5').update(IP).digest('hex');
- if (userReq.method != "GET" && userReq.method != "POST")
+ if ((userReq.method != "GET" && userReq.method != "POST") || checkFileExist(configFile.JAIL_PATH + "/" + IP, false)) {
+ userRes.status(403);
  userRes.end();
+ }
  else if ((userReq.cookies && userReq.cookies[configFile.COOKIE_NAME] === secretCookie)
  || configFile.WHITELIST.indexOf(IP) > -1 || whitelistPageChecker(userReq.url, userReq.method))
  next();