From 9a3afd61ed30ce144cce408c21a104ba36f53416 Mon Sep 17 00:00:00 2001 From: Sudo-Ivan Date: Sat, 27 Dec 2025 03:15:22 -0600 Subject: [PATCH] Update README.md --- README.md | 22 ++++++++++++++-------- 1 file changed, 14 insertions(+), 8 deletions(-) diff --git a/README.md b/README.md index 3fa427c..bf631d5 100644 --- a/README.md +++ b/README.md @@ -7,13 +7,14 @@ A modern, high-performance software distribution platform for software built and - **Direct Gitea Integration**: Automatically fetches releases, assets, and metadata from your Gitea instance. - **High-Performance Proxy**: Proxies downloads with support for **Resumable Downloads (HTTP Range)** and modern transfer protocols. - **Security First**: - - Built-in bot protection and pattern-based request blocking. + - **Dynamic Bot Protection**: Supports external User-Agent blocklists with automatic daily updates and local caching. + - **Enhanced Fingerprinting**: Multi-header request fingerprinting (`IP`, `UA`, `Accept-Language`, `Accept-Encoding`, `Sec-CH-UA`) to prevent rate-limit collisions. + - **Secure Downloads**: Salted SHA256 download IDs to prevent "private" repository bypasses. - SSRF protection for proxy requests. - Automatic SHA256 checksum verification for assets. - **Throttling & Rate Limiting**: Intelligent download throttling (Default: 5MB/s, Speed downloaders: 1MB/s, Heavy users: 256KB/s) and global API rate limiting. -- **Internationalization (i18n)**: Multi-language support (English, German) with automatic browser detection. -- **Modern UI**: Clean, responsive dashboard with Dark Mode support. -- **RSS Updates**: Built-in RSS feed for tracking new software releases. +- **RSS Updates**: Secure XML-encoded RSS feed for tracking new software releases. +- **Internationalization (i18n)**: Multi-language support (English, German, Italian, Russian) with automatic browser detection. ## Upcoming 
@@ -25,6 +26,8 @@ A modern, high-performance software distribution platform for software built and - SBOM and SPDX viewer. - CDN support - GPG signatures verification +- OSV integration for vulnerability scanning. +- Container scanning ## Getting Started @@ -42,7 +45,9 @@ A modern, high-performance software distribution platform for software built and Another-Owner/Project-B ``` -2. **Environment Variables**: +2. **Bot Blocklist**: Create a `ua-blocklist.txt` to add URLs of User-Agent blocklists (one per line). These will be fetched and cached automatically. + +3. **Environment Variables**: - `GITEA_TOKEN`: Your Gitea personal access token (optional, required for private repos). - `NODE_ENV`: Set to `production` for production builds. @@ -59,7 +64,7 @@ A modern, high-performance software distribution platform for software built and 2. **Build and Run the Backend**: ```bash go build -o software-station . - ./software-station -t YOUR_TOKEN -s https://your-gitea-instance.com + ./software-station -t YOUR_TOKEN -s https://your-gitea-instance.com -ua-blocklist ua-blocklist.txt ``` ## Customization @@ -70,9 +75,10 @@ To add a new language: 2. Register the locale in `frontend/src/lib/i18n/index.ts`. ### Changing Security Rules -Modify `internal/security/constants.go` to adjust: +Modify `internal/security/constants.go` or `ua-blocklist.txt` to adjust: - `ForbiddenPatterns`: Block specific URL patterns. -- `BotUserAgents`: Block specific scrapers or bots. +- `BotUserAgents`: Block specific scrapers or bots (static list). +- `ua-blocklist.txt`: External lists for dynamic bot blocking. - `DefaultDownloadLimit`: Adjust the global download speed limit. ### UI Themes
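Review bot: the "Enhanced Fingerprinting" bullet in the Features hunk (`@@ -7,13 +7,14 @@`) lists `UA`, `Accept-Language`, `Accept-Encoding` and `Sec-CH-UA` as fingerprint inputs, all of which the client sets, so the README should say whether limits are still enforced per `IP` when those headers differ between requests; a limiter keyed on the combined fingerprint alone is weaker than the old wording implies. The "Secure Downloads" bullet should also say where the salt comes from and whether it survives a restart. The hunk also drops the "Modern UI" bullet without replacement while the "### UI Themes" section is still present further down, which looks unintended.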
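Review bot: the two new "Upcoming" entries in the `@@ -25,6 +26,8 @@` hunk are punctuated inconsistently ("OSV integration for vulnerability scanning." ends with a period, "Container scanning" does not), and the neighbouring entries are already mixed. Pick one style for the list, and say what "Container scanning" covers, since the README describes no container images elsewhere in the visible text.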
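Review bot: the new step 2 "Bot Blocklist" in the `@@ -42,7 +45,9 @@` hunk says the URLs in `ua-blocklist.txt` "will be fetched and cached automatically" but documents nothing about how far those sources are trusted. Add the expected format of the remote lists, whether the fetch goes through the same SSRF protection listed under Features, where the cache is stored, and what the server does when a fetch fails or returns an empty list. Because a remote list decides which clients get blocked, the step should also recommend HTTPS URLs from sources the operator trusts.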
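Review bot: the run command in the `@@ -59,7 +64,7 @@` hunk now always passes `-ua-blocklist ua-blocklist.txt`, yet the configuration step never says whether the file is required; state whether the flag is optional and what happens when the file is missing. The same line still passes the token as `-t YOUR_TOKEN`, which ends up in shell history and the process list; `GITEA_TOKEN` is already documented as an environment variable, so the example could use that instead if the backend reads it.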
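Review bot: the list under "Changing Security Rules" in the `@@ -70,9 +75,10 @@` hunk now mixes Go identifiers in `internal/security/constants.go` with a file name (`ua-blocklist.txt`) as if they were the same kind of setting. Split them, and document how the static `BotUserAgents` list and the external lists combine (union, or one overriding the other) and which change needs a rebuild versus a restart or the next daily update.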