JDownloader Community - Appwork GmbH
 

Notices

Reply
 
Thread Tools Display Modes
  #1  
Old 21.07.2021, 08:14
Coldblackice Coldblackice is offline
Wind Gust
 
Join Date: Sep 2019
Location: San Francisco
Posts: 40
Default [Cloudflare] I've lost downloads because of "AntiDDOS"

How in the world do we disable the "anti DDOS" module?

JDownloader has been my dependable go-to, but this is the most frustrating issue I've had with JD2. I've lost downloads due to this module activating and not knowing it. It doesn't help that JD doesn't give any notice or warning that it's been activated, the only way to know is manually scrolling over the Downloads screen and happen to see a cell flagged, which counters usefulness of automated linkgrabber/packagerizer rules if you have to "babysit" the downloads screen continually.

Further frustrating is it seems to activate at random without any clear pattern or ruleset. Is there a per-host ruleset?

This really should be explained in settings. Unless I'm overlooking it, there is zero mention of it anywhere in settings, even under advanced. Was it quietly introduced recently so people wouldn't notice it?

And for the record, I'm nowhere even close to "DDoSing" a host with downloads or anything. That's what's perhaps most frustrating of all.

How do I go about disabling this? TIA
Reply With Quote
  #2  
Old 21.07.2021, 11:08
raztoki's Avatar
raztoki raztoki is offline
English Supporter
 
Join Date: Apr 2010
Location: Australia
Posts: 17,659
Default

Hi
The antiDDoS as you referenced isn't something you can turn on or off, its just a function of the browser. I made this with assistance with coalado and jiaz many year ago. It wont be the cause of your failure per se, it just doesn't work with cloudflare at this time. They changed how there website works and actively fight non standard browsers which add support (google this or look on our forum) for it. Without the that support within JD Browser, and if the website is under attack or has permanent protection mode is active you wont be able to crawl or download with JDownloader.
__________________
raztoki @ jDownloader reporter/developer
http://svn.jdownloader.org/users/170

Don't fight the system, use it to your advantage. :]
Reply With Quote
  #3  
Old 22.07.2021, 11:45
Coldblackice Coldblackice is offline
Wind Gust
 
Join Date: Sep 2019
Location: San Francisco
Posts: 40
Default

Quote:
Originally Posted by raztoki View Post
Hi
The antiDDoS as you referenced isn't something you can turn on or off, its just a function of the browser. I made this with assistance with coalado and jiaz many year ago. It wont be the cause of your failure per se, it just doesn't work with cloudflare at this time. They changed how there website works and actively fight non standard browsers which add support (google this or look on our forum) for it. Without the that support within JD Browser, and if the website is under attack or has permanent protection mode is active you wont be able to crawl or download with JDownloader.
So it's not JD that's blocking the download, it's entirely Cloudflare's block? And if so, the block only happens because CF detects JD's browser?

If so, does that mean if JD were to use a Mozilla user-agent, for example -- theoretically -- the block wouldn't occur?

(hypothetical question for understanding, I'm not suggesting JD fake a user-agent)
Reply With Quote
  #4  
Old 22.07.2021, 12:42
pspzockerscene's Avatar
pspzockerscene pspzockerscene is offline
Community Manager
 
Join Date: Mar 2009
Location: Deutschland
Posts: 71,140
Default

Quote:
Originally Posted by Coldblackice View Post
So it's not JD that's blocking the download, it's entirely Cloudflare's block? And if so, the block only happens because CF detects JD's browser?
No:
1. Cloudflare is not directly "blocking" JD but executing their verification procedure either requires a real browser or complex scripting capabilities --> This is enough work for an entire separate project.
You will not find any open source prjects at this moment capable of handling Cloudflare automatically.

2. User-Agent:
No this will not help.
If it was that simple, we'd have already implemented it this way.
For more information please read our Cloudflare thread.

-psp-
__________________
JD Supporter, Plugin Dev. & Community Manager

Erste Schritte & Tutorials || JDownloader 2 Setup Download
Spoiler:

A users' JD crashes and the first thing to ask is:
Quote:
Originally Posted by Jiaz View Post
Do you have Nero installed?
Reply With Quote
  #5  
Old 22.07.2021, 14:06
raztoki's Avatar
raztoki raztoki is offline
English Supporter
 
Join Date: Apr 2010
Location: Australia
Posts: 17,659
Default

Then no, not really. now, yes slightly more so in the detection/prevention of access within a challenge event. It prevents non standard browser access more so than specific to just JD Browser.
The detection methods back when was just entry traffic into said website, and totally out of your control as it was backend analysis.
So once a protection event happened they typically issued a challenge, first mode was just a simple javascript function, second mode was recapthca.

How I recall it previously working, Cloudflare initiate a block until challenge is complete, this can be for
- global attack
- geo/regional specific
- from collective exit points for example VPN, or TOR. This was/is deemed as not normal traffic, and typically as result they had to answer recaptcha more often.
- setting/config, website admins sometimes enforce it for some reason js or recaptcha

And as Psp indicated user-agent will not fly. It used to play no influence even when support worked.

I have not really looked into the latest Cloudflare, other than following some others trying to figure it out. A little information from Cloudflare themselves, I did read that they introduced AI backend. I find 'AI' over used term like 'cloud', so the extent of their AI backend I have no idea really. I haven't the time to focus on JD as I used to, but it would be nice to support Cloudflare again. Our presence was never negative to the platform (we never produce DDoS like events in the traditional sense) it would have actually complemented, even though we are semi automated program/workflow.

hope that helps
__________________
raztoki @ jDownloader reporter/developer
http://svn.jdownloader.org/users/170

Don't fight the system, use it to your advantage. :]

Last edited by raztoki; 22.07.2021 at 14:53. Reason: last paragraph
Reply With Quote
  #6  
Old 23.07.2021, 03:08
BJN01 BJN01 is offline
JD Adviser
 
Join Date: Jan 2020
Posts: 113
Default

I'm not an expert (actually, the opposite) but, even after reading the other topic on "Cloudflare thread", and other thing on net I have a doubt, so I hope you don't hate if I ask:

when i found this:
<< the necessary data (cookies and user agent) useful to bypass Cloudflare and similar anti-bot protections >> .... whats? why? [**External links are only visible to Support Staff****External links are only visible to Support Staff**

I noticed that a program specialized in manga-comic dl has found the problem with the help of a browser app.

in disbelief I tried and apparently it works.

the basic idea seems simple:

if the program is blocked,
- open the browser, go to the link page
- wait for the page to load and click on the "assistance" app.
-..... now copy the text and past in the programm .

and the download really start !

I'm not saying to write a browser app, but why not experiment with this one that already exists?

something like:
- if JD gets blocked X times
- JD open the link in the user default browser
- JD asks at the user << copi the test from the app>>.


[ and then cookee etc change every time? wouldn't it be enough to report them once? or at last one time for session ?]

Last edited by Jiaz; 23.07.2021 at 19:26.
Reply With Quote
  #7  
Old 23.07.2021, 14:27
pspzockerscene's Avatar
pspzockerscene pspzockerscene is offline
Community Manager
 
Join Date: Mar 2009
Location: Deutschland
Posts: 71,140
Default

The browser solution has already been mentioned in the Cloudflare thread and it might be the only possible (public) solution.
At this moment we do not have the time and manpower to realize this.
Also as mentioned in the Cloudflare thread, admins can "unlock" JD at any time if wanted.
A lot of admins still got Cloudflare mistakenly configured in a way that it blocks legit users.
I do not see a solution for this any time in the near future.

What's the name of that manga download project?
__________________
JD Supporter, Plugin Dev. & Community Manager

Erste Schritte & Tutorials || JDownloader 2 Setup Download
Spoiler:

A users' JD crashes and the first thing to ask is:
Quote:
Originally Posted by Jiaz View Post
Do you have Nero installed?
Reply With Quote
  #8  
Old 23.07.2021, 14:35
Jiaz's Avatar
Jiaz Jiaz is offline
JD Manager
 
Join Date: Mar 2009
Location: Germany
Posts: 79,342
Default

@BJN01: Thanks for the hint. I've tested this in the past (UA+Cookies) and did not succeed, but maybe oversaw something. I will check as soon as I find time
__________________
JD-Dev & Server-Admin
Reply With Quote
  #9  
Old 23.07.2021, 17:11
BJN01 BJN01 is offline
JD Adviser
 
Join Date: Jan 2020
Posts: 113
Default

Quote:
Originally Posted by pspzockerscene View Post
What's the name of that manga download project?
Edit by jiaz: already found and linked

Last edited by Jiaz; 23.07.2021 at 19:27.
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

All times are GMT +2. The time now is 11:42.
Provided By AppWork GmbH | Privacy | Imprint
Parts of the Design are used from Kirsch designed by Andrew & Austin
Powered by vBulletin® Version 3.8.10 Beta 1
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.