qqq
qqq
PostsComments
CDCloudflare Developers
Created by qqq on 9/30/2023 in #general-help
cf worker spamming problem
avoiding everyone and here mention
13 replies
CDCloudflare Developers
Created by qqq on 9/30/2023 in #general-help
cf worker spamming problem
No description
13 replies
CDCloudflare Developers
Created by qqq on 9/30/2023 in #general-help
cf worker spamming problem
i am using a webhook not API
13 replies
CDCloudflare Developers
Created by qqq on 9/30/2023 in #general-help
cf worker spamming problem
is there a way to make it not sending the 
or
or
here``` mentions or a specific word I select ?
13 replies
CDCloudflare Developers
Created by qqq on 9/30/2023 in #general-help
cf worker spamming problem
If you want to try to prevent spam, I would set up turnstile on your form, and force people to solve it first and verify it in your worker. Example: https://github.com/cloudflare/turnstile-demo-workers/tree/main. It's not impossible to get around, but it raises the difficulty
I dont want people to solve anything but the website sends the message automatically without the visitor know about
13 replies
CDCloudflare Developers
Created by qqq on 9/30/2023 in #general-help
cf worker spamming problem
spam I got
13 replies
CDCloudflare Developers
Created by qqq on 9/30/2023 in #general-help
cf worker spamming problem
No description
13 replies
CDCloudflare Developers
Created by qqq on 9/30/2023 in #general-help
cf worker spamming problem
this is my worker.js code 
const webhook = "https://discord.com/api/webhooks/";

// Define rate limiting parameters
const rateLimitWindow = 60 * 1000; // 1 minute
const maxRequestsPerWindow = 5; // Maximum requests per minute

// Create an object to store request timestamps
const requestTimestamps = new Map();

export default {
  async fetch(request, env, ctx) {
    // Check if the request is from 'pain.lol'
    if (request.headers.get('Origin') === 'https://pain.lol') {
      if (request.method === 'OPTIONS') {
        // Handle preflight request (OPTIONS)
        return new Response(null, {
          status: 200,
          headers: {
            "Access-Control-Allow-Origin": "https://pain.lol",
            "Access-Control-Allow-Methods": "GET, POST, PUT, DELETE, OPTIONS",
            "Access-Control-Allow-Headers": "Content-Type",
          },
        });
      } else if (request.method === 'POST') {
        // Check rate limiting
        const clientIP = request.headers.get("CF-Connecting-IP");
        const clientKey = `${clientIP}-${request.method}-${request.url}`;
        const now = Date.now();
        const timestamps = requestTimestamps.get(clientKey) || [];

        // Remove timestamps older than the rateLimitWindow
        const recentTimestamps = timestamps.filter((timestamp) => now - timestamp <= rateLimitWindow);

        if (recentTimestamps.length >= maxRequestsPerWindow) {
          return new Response("Rate limit exceeded", {
            status: 429,
            headers: {
              "Access-Control-Allow-Origin": "https://pain.lol",
            },
          });
        }

        // Update the timestamps
        timestamps.push(now);
        requestTimestamps.set(clientKey, timestamps);

        // Handle the actual POST request here
        const res = await fetch(webhook, {
          method: "POST",
          body: request.body,
          headers: {
            "content-type": "application/json",
          },
        });

        return new Response(null, {
          status: res.status,
          headers: {
            "Access-Control-Allow-Origin": "https://pain.lol",
          },
        });
      }
    } else {
      return new Response("403", {
        status: 403,
        headers: {
          "Access-Control-Allow-Origin": "https://pain.lol",
        },
      });
    }
  },
};
const webhook = "https://discord.com/api/webhooks/";

// Define rate limiting parameters
const rateLimitWindow = 60 * 1000; // 1 minute
const maxRequestsPerWindow = 5; // Maximum requests per minute

// Create an object to store request timestamps
const requestTimestamps = new Map();

export default {
  async fetch(request, env, ctx) {
    // Check if the request is from 'pain.lol'
    if (request.headers.get('Origin') === 'https://pain.lol') {
      if (request.method === 'OPTIONS') {
        // Handle preflight request (OPTIONS)
        return new Response(null, {
          status: 200,
          headers: {
            "Access-Control-Allow-Origin": "https://pain.lol",
            "Access-Control-Allow-Methods": "GET, POST, PUT, DELETE, OPTIONS",
            "Access-Control-Allow-Headers": "Content-Type",
          },
        });
      } else if (request.method === 'POST') {
        // Check rate limiting
        const clientIP = request.headers.get("CF-Connecting-IP");
        const clientKey = `${clientIP}-${request.method}-${request.url}`;
        const now = Date.now();
        const timestamps = requestTimestamps.get(clientKey) || [];

        // Remove timestamps older than the rateLimitWindow
        const recentTimestamps = timestamps.filter((timestamp) => now - timestamp <= rateLimitWindow);

        if (recentTimestamps.length >= maxRequestsPerWindow) {
          return new Response("Rate limit exceeded", {
            status: 429,
            headers: {
              "Access-Control-Allow-Origin": "https://pain.lol",
            },
          });
        }

        // Update the timestamps
        timestamps.push(now);
        requestTimestamps.set(clientKey, timestamps);

        // Handle the actual POST request here
        const res = await fetch(webhook, {
          method: "POST",
          body: request.body,
          headers: {
            "content-type": "application/json",
          },
        });

        return new Response(null, {
          status: res.status,
          headers: {
            "Access-Control-Allow-Origin": "https://pain.lol",
          },
        });
      }
    } else {
      return new Response("403", {
        status: 403,
        headers: {
          "Access-Control-Allow-Origin": "https://pain.lol",
        },
      });
    }
  },
};
13 replies