justin/new-site
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
No description
730 commits 2 branches 0 tags 96 MiB
Find a file
justin f481a1d13c analytics: filter email-scanner / headless traffic out of Umami stats 
Email security gateways (Microsoft Defender Safe Links / ATP, Proofpoint,
Mimecast, Barracuda, etc.) auto-fetch and often render every link in a
campaign email to scan for malware. The advanced ones drive a real headless
browser, execute JS, and fire Umami pageviews/clicks that masquerade as human
visits -- inflating campaign click-through.

New site/public/js/pw-bot-filter.js queries multiple real-browser signals and
gates Umami via its official data-before-send hook (umamiBeforeSend), dropping
all events when the visitor is a bot. Signals (from empirical chromium probing):
  decisive: navigator.webdriver, HeadlessChrome UA, known scanner UAs, zero/
            collapsed screen|viewport|outer geometry, window LARGER than the
            physical screen (impossible on real HW; uses outerW/H so page zoom
            does not false-positive), software GPU rasterizer (SwiftShader/
            llvmpipe/swrast via WebGL UNMASKED_RENDERER), zero logical CPUs.
  soft (>=2 to trip): tiny screen, inner>screen, low color depth, empty
            navigator.languages, no input device (no fine/coarse pointer + no
            hover + 0 touch), no WebGL on a desktop UA.
Designed to FAIL OPEN: only strong/corroborated evidence suppresses, so real
visitors (incl. zoomed, privacy-tooled, remote-desktop, kiosk) still count.

Wired before the Umami tag in Base.astro (Astro pages) and all 86 static
public/**/*.html pages; both load with defer so order is guaranteed and the
hook is defined before Umami reads it.

Tested end-to-end with chromium (site/tests/bot-filter.test.sh, 4/4):
default headless-new, spoofed-Windows-UA + normal 1366x768 window, and
spoofed-UA + 1x1 window are all caught; hook returns null to drop the event.
2026-06-18 02:02:34 -05:00
.claude/projects/-home-justin-projects-performancewest-new-site/memory Initial commit — Performance West telecom compliance platform 2026-04-27 06:54:22 -05:00
api CRTC: ERPNext as portal source of truth + harden discount expiry + carrier guide PDF 2026-06-17 23:34:13 -05:00
chrome-extension/fcc-access-helper Initial commit — Performance West telecom compliance platform 2026-04-27 06:54:22 -05:00
data otc: reincorporation email template + campaign builder 2026-06-14 06:58:43 -05:00
docs campaigns: auto-rollout catch-all pool gated by warmup day + live bounce rate 2026-06-18 01:39:09 -05:00
docserver docserver: self-healing Task Scheduler config + docs 2026-06-15 22:49:21 -05:00
erpnext build: pin payments to version-15 + stage apps in deploy.sh erpnext 2026-06-02 23:13:01 -05:00
frappe_adyen Initial commit — Performance West telecom compliance platform 2026-04-27 06:54:22 -05:00
frappe_ca_registry Fix flagged items: CRTC email submission, BITS todo, selector docs, stale plans 2026-05-04 11:33:45 -05:00
frappe_crypto Initial commit — Performance West telecom compliance platform 2026-04-27 06:54:22 -05:00
infra chore(email): decommission SMTP2GO references — local MTA only 2026-06-17 22:46:59 -05:00
mcp Initial commit — Performance West telecom compliance platform 2026-04-27 06:54:22 -05:00
monitoring fix(monitoring): render alertmanager.yml from template at deploy (fixes crash loop) 2026-06-07 04:49:53 -05:00
node-compile-cache/v25.1.0-x64-392347a2-1000 Initial commit — Performance West telecom compliance platform 2026-04-27 06:54:22 -05:00
performancewest_erpnext fix(erpnext): self-heal outgoing Email Account password from SMTP_* env 2026-06-17 09:48:28 -05:00
scripts campaigns: auto-rollout catch-all pool gated by warmup day + live bounce rate 2026-06-18 01:39:09 -05:00
site analytics: filter email-scanner / headless traffic out of Umami stats 2026-06-18 02:02:34 -05:00
src Initial commit — Performance West telecom compliance platform 2026-04-27 06:54:22 -05:00
test_screenshots Pivot CRTC offering on FCC carrier page for A-Z wholesale carriers 2026-06-02 13:26:39 -05:00
.gitignore gitignore: stray personal image 2026-06-10 12:35:56 -05:00
CLAUDE.md Update CLAUDE.md with complete deployment guide, infrastructure map, and key patterns 2026-04-28 02:54:44 -05:00
deploy.sh fix(deploy): hard-reset to origin/main + assert HEAD advanced (stop silent strands) 2026-06-16 09:25:11 -05:00
docker-compose.dev.override.yml dev: remap api(3002)/site(4323) ports in override to avoid prod collision on shared host 2026-06-05 23:07:22 -05:00
docker-compose.yml email: add plaintext MIME part + stable Message-ID hostname 2026-06-17 20:09:02 -05:00
extract-erpnext-assets.sh portal: serve /files/ (logo) from stable host path, fix recurring 403 2026-06-02 22:18:30 -05:00