FreePenGateway is a reverse proxy application built with ASP.NET Core and YARP (Yet Another Reverse Proxy) that provides a gateway to access FreePen.net.
This application acts as an intermediary between users and FreePen.net, forwarding requests to the target website while modifying request headers to ensure proper functionality. It can be used to:
- Provide alternative access to FreePen.net content
- Bypass certain network restrictions
- Create a customized access point for FreePen.net
- Full request forwarding to FreePen.net
- Automatic header modification to ensure proper routing
- HTTPS redirection for secure connections
- HTTP Strict Transport Security (HSTS) for enhanced security
- Configurable reverse proxy settings
- .NET 9.0 SDK or later
- A valid SSL certificate (for production deployments)
-
Clone the repository:
git clone https://github.com/yourusername/FreePenGateway.git cd FreePenGateway -
Build the application:
dotnet build -
Run the application:
dotnet run
The application will start and listen on the configured ports (by default, http://localhost:5000 and https://localhost:5001).
The application is configured through the appsettings.json file. The main configuration section is ReverseProxy, which defines the routes and clusters for the YARP reverse proxy.
Routes define how incoming requests are matched and transformed before being forwarded to the destination.
"Routes": {
"all": {
"ClusterId": "freepen_cluster",
"Match": {
"Path": "{**catch-all}"
},
"Transforms": [
{
"RequestHeader": "Host",
"Set": "www.freepen.net"
},
{
"RequestHeader": "Origin",
"Set": "https://www.freepen.net"
},
{
"RequestHeader": "Referer",
"Set": "https://www.freepen.net/"
}
]
}
}Clusters define the destination servers where requests will be forwarded.
"Clusters": {
"freepen_cluster": {
"Destinations": {
"destination1": {
"Address": "https://www.freepen.net/"
}
}
}
}- HTTPS Redirection: All HTTP requests are automatically redirected to HTTPS.
- HTTP Strict Transport Security (HSTS): Ensures that browsers always use HTTPS for future requests.
- Exception Handling: Production environments use a dedicated error handler to prevent leaking sensitive information.
- Rate Limiting: Consider implementing rate limiting to prevent abuse.
- IP Filtering: Restrict access to trusted IP addresses if the gateway is intended for specific users.
- Authentication: Add authentication if the gateway should be accessible only to authorized users.
- Regular Updates: Keep the application and its dependencies up to date to address security vulnerabilities.
- Logging and Monitoring: Implement comprehensive logging and monitoring to detect and respond to suspicious activities.
- Content Security Policy: Configure appropriate Content Security Policy headers to mitigate XSS attacks.
To add authentication to the gateway, modify the Program.cs file to include authentication services and middleware:
// Add authentication services
builder.Services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
.AddJwtBearer(options => {
// Configure JWT options
});
// Add authorization services
builder.Services.AddAuthorization();
// In the request pipeline
app.UseAuthentication();
app.UseAuthorization();To add rate limiting, use the built-in rate limiting middleware in ASP.NET Core:
// Add rate limiting services
builder.Services.AddRateLimiter(options =>
{
options.GlobalLimiter = PartitionedRateLimiter.Create<HttpContext, string>(context =>
{
return RateLimitPartition.GetFixedWindowLimiter(
partitionKey: context.Connection.RemoteIpAddress?.ToString() ?? "anonymous",
factory: partition => new FixedWindowRateLimiterOptions
{
AutoReplenishment = true,
PermitLimit = 100,
QueueLimit = 0,
Window = TimeSpan.FromMinutes(1)
});
});
});
// In the request pipeline
app.UseRateLimiter();This project is licensed under the MIT License - see the LICENSE file for details.
This application is provided for educational and legitimate use cases only. Users are responsible for ensuring their use of this tool complies with all applicable laws, regulations, and terms of service for the target website.