TheCloud/anubis
1
0
Fork 0
mirror of https://github.com/TecharoHQ/anubis.git synced 2025-09-24 04:16:27 -04:00
Code Issues Packages Projects Releases Wiki Activity
530 Commits 117 Branches 34 Tags
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Xe Iaso 6e4e471792
fix(lib): ensure issued challenges don't get double-spent (#1003) 
* fix(lib): ensure issued challenges don't get double-spent

Closes #1002

TL;DR: challenge IDs were not validated at time of token issuance. A
dedicated attacker could solve a challenge once and reuse it across
multiple sessons in order to mint additional tokens.

With the advent of store based challenge issuance in #749, this means
that these challenge IDs are only good for 30 minutes. Websites using
the most recent version of Anubis have limited exposure to this problem.

Websites using older versions of Anubis have a much more increased
exposure to this problem and are encouraged to keep this software
updated as often and as frequently as possible.

* docs: update CHANGELOG

Signed-off-by: Xe Iaso <me@xeiaso.net>

---------

Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-08-20 12:33:32 -04:00
.devcontainer
.github
.vscode
cmd
data
decaymap
docs
internal
lib
run
test
utils/cmd/backoff-retry
var
web
xess
.air.toml
.gitattributes
.gitignore
.ko.yaml
anubis.go
Brewfile
go.mod
go.sum
LICENSE
Makefile
package-lock.json
package.json
README.md
VERSION
yeetfile.js

README.md

Anubis

A smiling chibi dark-skinned anthro jackal with brown hair and tall ears looking victorious with a thumbs-up

enbyware GitHub Issues or Pull Requests by label GitHub go.mod Go version language count repo size GitHub Sponsors

Sponsors

Anubis is brought to you by sponsors and donors like:

Diamond Tier

Raptor Computing Systems

Gold Tier

Distrust Terminal Trove canine.tools Weblate Uberspace Wildbase Cat eyes over the word Emma in a serif font Cat eyes over the word Emma in a serif font

Overview

Anubis is a Web AI Firewall Utility that weighs the soul of your connection using one or more challenges in order to protect upstream resources from scraper bots.

This program is designed to help protect the small internet from the endless storm of requests that flood in from AI companies. Anubis is as lightweight as possible to ensure that everyone can afford to protect the communities closest to them.

Anubis is a bit of a nuclear response. This will result in your website being blocked from smaller scrapers and may inhibit "good bots" like the Internet Archive. You can configure bot policy definitions to explicitly allowlist them and we are working on a curated set of "known good" bots to allow for a compromise between discoverability and uptime.

In most cases, you should not need this and can probably get by using Cloudflare to protect a given origin. However, for circumstances where you can't or won't use Cloudflare, Anubis is there for you.

If you want to try this out, connect to anubis.techaro.lol.

Support

If you run into any issues running Anubis, please open an issue. Please include all the information I would need to diagnose your issue.

For live chat, please join the Patreon and ask in the Patron discord in the channel #anubis.

Star History

Star History Chart

Packaging Status

Packaging status

Contributors

Made with contrib.rocks.

Description
Weighs the soul of incoming HTTP requests using proof-of-work to stop AI crawlers
Readme MIT 24 MiB
Languages
Go 86.4%
TypeScript 4.4%
Shell 4.1%
JavaScript 2%
templ 1.9%
Other 1%