ad3fa90ca874db73ed3e9109d468ef3cd5db9797 max Mon Dec 15 11:09:30 2025 -0800 documenting the cloudflare captcha, no redmine, email from Hiram diff --git src/hg/htdocs/goldenPath/help/mirrorManual.html src/hg/htdocs/goldenPath/help/mirrorManual.html index caba5516201..f2ba721e539 100755 --- src/hg/htdocs/goldenPath/help/mirrorManual.html +++ src/hg/htdocs/goldenPath/help/mirrorManual.html @@ -23,30 +23,31 @@

Adding your own track groups to the browser

Adding your own tracks to the browser

Adding a new, custom (non-UCSC) genome to the browser

Modifying the source code

Custom Track Database

Debugging the CGI binaries

Notes on security

Proxy support

Support for cloud URLs

The UDC local cache directory

Activating CRAM support for the Genome Browser.

Using FreeType font support for anti-aliased text

Building the kent source tree.

Adding a track hub to your hubPublic table so it appears under My Data > Track Hubs

Make the API work in the same way as on the public website

Set up the Cloudflare captcha

Overview of the Genome Browser directories and databases

The genome browser requires only Apache and MariaDB and uses these directories:

static html files: we typically keep them under /usr/local/apache/htdocs and configure Apache to load them from there, to avoid conflicts with the distribution of the Linux default location /var/www/html
MariaDB databases: most of them are read-only, except the hgcentral database which is read-write. Most linux distributions keep these under /var/lib/mysql. (It is possible to get the genome browser to work with MySQL after version 8, but we do highly discourage it, as our download procedures use MyISAM .frm @@ -2676,17 +2677,36 @@ Options Indexes FollowSymLinks MultiViews Includes AllowOverride None Require all granted </Directory> AddOutputFilterByType DEFLATE text/html text/plain text/css text/javascript application/x-javascript application/json application/javascript SSLEngine on SSLProtocol all -SSLv2 -SSLv3 SSLCipherSuite HIGH:3DES:!aNULL:!MD5:!SEED:!IDEA SSLCertificateFile /etc/httpd/conf/ssl.crt/server.crt SSLCertificateKeyFile /etc/httpd/conf/ssl.key/server.key SSLCertificateChainFile /etc/httpd/conf/ssl.crt/chain.crt Header set Access-Control-Allow-Origin "*" Header set Access-Control-Allow-Headers "Range" </VirtualHost> + +
Set up the Cloudflare captcha
+ +
+Go to Cloudflare.com, make an account, login, go to Application Security > +Turnstile, click "Add Widget", make sure that you enter your publicly visible +hostname of your web server. Copy the API site key and secret and put it into +your cgi-bin/hg.conf file: +
+ +
```
# Turns on cloudflare turnstile captcha
+cloudFlareSiteKey=0x4xxxxxxxxxxxxxxx
+cloudFlareSecretKey=0x4xxxxxxxxxxxxx
```
+ +
+Not need to restart Apache, at the next access to the browser, a one-click captcha will come up. +The captcha comes up only a single time, once a unique cookie is set, it will never come up again. +
+