Simplified captcha cookie

Until I found that pesky bug!

action.php

@@ -314,7 +314,7 @@ class action_plugin_botmon extends DokuWiki_Action_Plugin {
 
 		$today = substr((new DateTime())->format('c'), 0, 10);
 
-		$raw = $this->getConf('captchaSeed') . '|' . $_SERVER['SERVER_NAME'] . '|' . $_SERVER['REMOTE_ADDR'] . '|' . $today;
+		$raw = $this->getConf('captchaSeed') /*. '|' . $_SERVER['SERVER_NAME'] . '|' . $_SERVER['REMOTE_ADDR'] . '|' . $today */;
 		$expected = $raw; //hash('sha256', $raw);
 
 		// for debugging: write captcha data to the log:
@@ -330,13 +330,16 @@ class action_plugin_botmon extends DokuWiki_Action_Plugin {
 	 */
 	private function writeCaptchaLog($remote_addr, $cookieVal, $serverName, $expected) {
 
+		global $INFO;
+
 		$logArr = Array(
 			$remote_addr, /* remote IP */
 			$cookieVal, /* cookie value */
 			$this->getConf('captchaSeed'), /* seed */
 			$serverName, /* server name */
 			$expected, /* expected cookie value */
-			$cookieVal == $expected /* cookie matches expected value? */
+			($cookieVal == $expected ? 'MATCH' : 'WRONG'), /* cookie matches expected value? */
+			$_SERVER['REQUEST_URI'] /* request URI */
 		);
 
 		//* create the log line */

captcha.js

@@ -168,15 +168,16 @@ const $BMCaptcha = {
 			try {
 				var $status = 'loading';
 
-				// generate the hash:
-				const dat = [ // the data to encode
+				// generate the hash: -- disabled until I found the pesky bug in the digest
+				/*const dat = [ // the data to encode
 					document._botmon.seed || '',
 					location.hostname,
 					document._botmon.ip || '0.0.0.0',
 					(new Date()).toISOString().substring(0, 10)
-				];
+				]; */
 				//if ($BMCaptcha._st - performance.now() >= 0) dat.push($BMCaptcha._st - performance.now());
-				const hash = /*$BMCaptcha.digest.hash(*/dat.join('|')/*)*/;
+				//const hash = $BMCaptcha.digest.hash(dat.join('|'));
+				const hash = document._botmon.seed || ''
 
 				// set the cookie:
 				document.cookie = "DWConfirm=" + encodeURIComponent(hash) + ';path=/;hostOnly;session;sameSite=strict;'

config/default-config.json

@@ -2,7 +2,7 @@
 	"threshold": 100,
 	"rules": [
 		{"func": "fromKnownBotIP",
-		 "id": "botIpRange", "desc": "Common Bot IP range",
+		 "id": "knownIpRange", "desc": "From known IP range",
 		 "bot": 40
 		},
 		{"func": "matchesClient", "params": ["aol","msie","ffold","chromeold","oldedge","operaold"],
@@ -57,9 +57,13 @@
 		 "id": "impPC", "desc": "Impossible combination of platform and client",
 		 "bot": 70
 		},
+		{"func": "loadSpeed", "params": [3, 10],
+		 "id": "speedRun", "desc": "Average time between page loads is less than 10 seconds",
+		 "bot": 30
+		},
 		{"func": "loadSpeed", "params": [3, 20],
 		 "id": "speedRun", "desc": "Average time between page loads is less than 20 seconds",
-		 "bot": 60
+		 "bot": 30
 		},
 		{"func": "noAcceptLang",
 		 "id": "noAcc", "desc": "No “Accept-Language” header",