Hi -
I am exploring various solutions in order to implement some filtering
features (even basic ones) at the haproxy side. My goal is to get rid of
the most popular bots and vulnerability scanners.
Would someone aware of a way to perform such a filter with haproxy
using, say, the modsecurity CRS?
Another alternative could be to scan the haproxy logs with fail2ban or
equivalent. I was wondering if that could be a satisfying enough and if
some fail2ban rulesets could be already available for that.
Thanks in anticipation for any idea/pointers!
--
Olivier Le Cam
Département des Technologies de l'Information et des Communications
Académie de Versailles
