diff --git a/data/botPolicies.yaml b/data/botPolicies.yaml
index 3b8c1ee..ad7fb1a 100644
--- a/data/botPolicies.yaml
+++ b/data/botPolicies.yaml
@@ -95,53 +95,6 @@ bots:
 # weight:
 # adjust: -10
 
- # Assert behaviour that only genuine browsers display. This ensures that Chrome
- # or Firefox versions
- - name: realistic-browser-catchall
- expression:
- all:
- - '"User-Agent" in headers'
- - '( userAgent.contains("Firefox") ) || ( userAgent.contains("Chrome") ) || ( userAgent.contains("Safari") )'
- - '"Accept" in headers'
- - '"Sec-Fetch-Dest" in headers'
- - '"Sec-Fetch-Mode" in headers'
- - '"Sec-Fetch-Site" in headers'
- - '"Accept-Encoding" in headers'
- - '( headers["Accept-Encoding"].contains("zstd") || headers["Accept-Encoding"].contains("br") )'
- - '"Accept-Language" in headers'
- action: WEIGH
- weight:
- adjust: -10
-
- # The Upgrade-Insecure-Requests header is typically sent by browsers, but not always
- - name: upgrade-insecure-requests
- expression: '"Upgrade-Insecure-Requests" in headers'
- action: WEIGH
- weight:
- adjust: -2
-
- # Chrome should behave like Chrome
- - name: chrome-is-proper
- expression:
- all:
- - userAgent.contains("Chrome")
- - '"Sec-Ch-Ua" in headers'
- - 'headers["Sec-Ch-Ua"].contains("Chromium")'
- - '"Sec-Ch-Ua-Mobile" in headers'
- - '"Sec-Ch-Ua-Platform" in headers'
- action: WEIGH
- weight:
- adjust: -5
-
- - name: should-have-accept
- expression:
- all:
- - userAgent.contains("Mozilla")
- - '!("Accept" in headers)'
- action: WEIGH
- weight:
- adjust: 5
-
 # Generic catchall rule
 - name: generic-browser
 user_agent_regex: >-
diff --git a/data/meta/default-config.yaml b/data/meta/default-config.yaml
index 712ed0c..73e8a0d 100644
--- a/data/meta/default-config.yaml
+++ b/data/meta/default-config.yaml
@@ -79,53 +79,6 @@
 # weight:
 # adjust: -10
 
-# Assert behaviour that only genuine browsers display. This ensures that Chrome
-# or Firefox versions
-- name: realistic-browser-catchall
- expression:
- all:
- - '"User-Agent" in headers'
- - '( userAgent.contains("Firefox") ) || ( userAgent.contains("Chrome") ) || ( userAgent.contains("Safari") )'
- - '"Accept" in headers'
- - '"Sec-Fetch-Dest" in headers'
- - '"Sec-Fetch-Mode" in headers'
- - '"Sec-Fetch-Site" in headers'
- - '"Accept-Encoding" in headers'
- - '( headers["Accept-Encoding"].contains("zstd") || headers["Accept-Encoding"].contains("br") )'
- - '"Accept-Language" in headers'
- action: WEIGH
- weight:
- adjust: -10
-
-# The Upgrade-Insecure-Requests header is typically sent by browsers, but not always
-- name: upgrade-insecure-requests
- expression: '"Upgrade-Insecure-Requests" in headers'
- action: WEIGH
- weight:
- adjust: -2
-
-# Chrome should behave like Chrome
-- name: chrome-is-proper
- expression:
- all:
- - userAgent.contains("Chrome")
- - '"Sec-Ch-Ua" in headers'
- - 'headers["Sec-Ch-Ua"].contains("Chromium")'
- - '"Sec-Ch-Ua-Mobile" in headers'
- - '"Sec-Ch-Ua-Platform" in headers'
- action: WEIGH
- weight:
- adjust: -5
-
-- name: should-have-accept
- expression:
- all:
- - userAgent.contains("Mozilla")
- - '!("Accept" in headers)'
- action: WEIGH
- weight:
- adjust: 5
-
 # Generic catchall rule
 - name: generic-browser
 user_agent_regex: >-
diff --git a/docs/docs/CHANGELOG.md b/docs/docs/CHANGELOG.md
index f2e7f39..73a8d1e 100644
--- a/docs/docs/CHANGELOG.md
+++ b/docs/docs/CHANGELOG.md
@@ -28,6 +28,7 @@ Anubis is back and better than ever! Lots of minor fixes with some big ones inte
 - Open Graph passthrough now reuses the configured target Host/SNI/TLS settings, so metadata fetches succeed when the upstream certificate differs from the public domain. ([1283](https://github.com/TecharoHQ/anubis/pull/1283))
 - Stabilize the CVE-2025-24369 regression test by always submitting an invalid proof instead of relying on random POW failures.
 - Refine the check that ensures the presence of the Accept header to avoid breaking docker clients.
+- Removed rules intended to reward actual browsers due to abuse in the wild.
 
 ### Dataset poisoning