Better to post it here we can t formally

Better to post it here: we can't formally/directly support folks via DM, but others may be able to help 🙂

104 Replies

export interface Env {
  DB: D1Database;
}

export default {
  async fetch(request: Request, env: Env) {
    // Check if the custom-verified-bot header is set to "true"
    if (request.headers.get("custom-verified-bot") === "true") {
      // If it is, return the result of calling fetch(request)
      return fetch(request);
    }

    // Get the IP address from the request headers
    const ip = request.headers.get('CF-Connecting-IP');

    // Check if there are at least 3 rows with the same time value for this IP address
    let results;
    try {
      const stmt = env.DB.prepare("SELECT time FROM (SELECT time, count(*) as cnt FROM accesslog WHERE ip = ?1 GROUP BY time) WHERE cnt >= 3").bind(ip);
      results = (await stmt.all()).results;
    } catch (error: any) {
      console.error(`Error while checking rows: ${error}`);
      return Response.json({ message: `Error while checking rows: ${error.stack}` });
    }

    // If there are at least 3 rows, add the IP address to the Cloudflare rule and delete rows from the database
    if (results && results.length > 0) {
      try {
        const options = {
          method: 'POST',
          headers: {
            'Content-Type': 'application/json',
            'X-Auth-Email': '[email protected]',
            'X-Auth-Key': 'XXX'
          },
          body: JSON.stringify({
            "configuration": {"target": "ip", "value": ip},
            "mode": "challenge",
            "notes": "Rate limit block."
          })
        };
        await fetch('https://api.cloudflare.com/client/v4/accounts/8aXXXX/firewall/access_rules/rules', options);
      } catch (error: any) {
        console.error(`Error while adding IP address to Cloudflare rule: ${error}`);
        return Response.json({ message: `Error while adding IP address to Cloudflare rule: ${error.stack}` });
      }

      try {
        const deleteStmt = env.DB.prepare('DELETE FROM accesslog WHERE ip = ?1').bind(ip);
        await deleteStmt.run();
      } catch (error: any) {
        console.error(`Error while deleting rows from database: ${error}`);
        return Response.json({ message: `Error while deleting rows from database: ${error.stack}` });
      }

      return Response.json({ message: 'Rows deleted' });
    } else {
      // If there are fewer than 3 rows, insert a new row into the accesslog table with the current time and path
      const now = new Date();
      const time = `${now.getHours()}:${now.getMinutes()}:${now.getSeconds()}`;
      let { pathname } = new URL(request.url);
      pathname = pathname || '/';
      if (
        !request.url.endsWith('/favicon.ico') &&
        !request.url.endsWith('/style.css') &&
        !request.url.endsWith('/script.js') &&
        pathname !== '/dzziqEPxnCcWmU0R/bkIiX3dl0JVgB7mw' &&
        pathname !== '/service_worker.js' &&
        pathname !== '/robots.txt'
      ) {
        try {
          await env.DB.prepare(
            "INSERT INTO accesslog (ip, time, path) VALUES (?1, ?2, ?3)"
          ).bind(ip, time, pathname).run();
        } catch (error: any) {
          console.error(`Error while inserting row into accesslog table: ${error}`);
          return Response.json({ message: `Error while inserting row into accesslog table: ${error.stack}` });
        }
      }

      return fetch(request);
    }
  },
};

export interface Env {
  DB: D1Database;
}

export default {
  async fetch(request: Request, env: Env) {
    // Check if the custom-verified-bot header is set to "true"
    if (request.headers.get("custom-verified-bot") === "true") {
      // If it is, return the result of calling fetch(request)
      return fetch(request);
    }

    // Get the IP address from the request headers
    const ip = request.headers.get('CF-Connecting-IP');

    // Check if there are at least 3 rows with the same time value for this IP address
    let results;
    try {
      const stmt = env.DB.prepare("SELECT time FROM (SELECT time, count(*) as cnt FROM accesslog WHERE ip = ?1 GROUP BY time) WHERE cnt >= 3").bind(ip);
      results = (await stmt.all()).results;
    } catch (error: any) {
      console.error(`Error while checking rows: ${error}`);
      return Response.json({ message: `Error while checking rows: ${error.stack}` });
    }

    // If there are at least 3 rows, add the IP address to the Cloudflare rule and delete rows from the database
    if (results && results.length > 0) {
      try {
        const options = {
          method: 'POST',
          headers: {
            'Content-Type': 'application/json',
            'X-Auth-Email': '[email protected]',
            'X-Auth-Key': 'XXX'
          },
          body: JSON.stringify({
            "configuration": {"target": "ip", "value": ip},
            "mode": "challenge",
            "notes": "Rate limit block."
          })
        };
        await fetch('https://api.cloudflare.com/client/v4/accounts/8aXXXX/firewall/access_rules/rules', options);
      } catch (error: any) {
        console.error(`Error while adding IP address to Cloudflare rule: ${error}`);
        return Response.json({ message: `Error while adding IP address to Cloudflare rule: ${error.stack}` });
      }

      try {
        const deleteStmt = env.DB.prepare('DELETE FROM accesslog WHERE ip = ?1').bind(ip);
        await deleteStmt.run();
      } catch (error: any) {
        console.error(`Error while deleting rows from database: ${error}`);
        return Response.json({ message: `Error while deleting rows from database: ${error.stack}` });
      }

      return Response.json({ message: 'Rows deleted' });
    } else {
      // If there are fewer than 3 rows, insert a new row into the accesslog table with the current time and path
      const now = new Date();
      const time = `${now.getHours()}:${now.getMinutes()}:${now.getSeconds()}`;
      let { pathname } = new URL(request.url);
      pathname = pathname || '/';
      if (
        !request.url.endsWith('/favicon.ico') &&
        !request.url.endsWith('/style.css') &&
        !request.url.endsWith('/script.js') &&
        pathname !== '/dzziqEPxnCcWmU0R/bkIiX3dl0JVgB7mw' &&
        pathname !== '/service_worker.js' &&
        pathname !== '/robots.txt'
      ) {
        try {
          await env.DB.prepare(
            "INSERT INTO accesslog (ip, time, path) VALUES (?1, ?2, ?3)"
          ).bind(ip, time, pathname).run();
        } catch (error: any) {
          console.error(`Error while inserting row into accesslog table: ${error}`);
          return Response.json({ message: `Error while inserting row into accesslog table: ${error.stack}` });
        }
      }

      return fetch(request);
    }
  },
};

{
    "message": "Error while checking rows: Error: D1_ERROR\n    at D1Database._send (worker.js:149:13)\n    at async D1PreparedStatement.all (worker.js:215:7)\n    at async Object.fetch (worker.js:11:18)"
}

It works with few users. but it does not work when there are many instant requests.😕

elithrarOP•2y ago

What is “many” here? How are you testing?

lokiwind•2y ago

Instant 5k request I wonder what I'm doing wrong. Does the D1 database have a request limit

elithrarOP•2y ago

5k RPS with (potentially) multiple queries - you're likely going to hit the limits of the alpha right now. You're also (potentially) calling the Rate Limiting API many, many times per 5 minutes, which will cause you to get rate limited there as well.

lokiwind•2y ago

Hmm.Thank you How do you suggest I solve this problem

elithrarOP•2y ago

A rate limiting rule (https://developers.cloudflare.com/waf/rate-limiting-rules/request-rate/) would probably do this for you and be much more scalable (and cheaper...) - e.g. a rule that rate limits IPs by path - https://developers.cloudflare.com/waf/rate-limiting-rules/parameters/

Gaming

Programming

Better to post it here we can t formally