Hi,
On 2.9.2013 8:55, Willy Tarreau wrote:
backend web29
stick-table type ip size 50k expire 120m store gpc0,http_req_rate(120s)
tcp-request content track-sc2 src if METH_POST
stick store-request src if METH_POST
acl bruteforce_detection sc2_http_req_rate gt 5
acl foo sc2_inc_gpc0 gt 0
http-request deny if foo bruteforce_detection
server web29 94.199.58.249:80 check
I think that with the fix above it will work. BTW, you don't need
the "stick store-request" statement, but I suspect you used it to
debug the issue.
This works on backend side.. but how do I get that sc2_get_gpc0 working
on frontend?
Idea is that I will have multiple backends but once one backend detects
certain IP being over the limit it would be blocked already on the frontend.
Some reason the "acl flagged_as_abuser sc2_get_gpc0 gt 0" doesn't now
evaluate true when using:
use_backend bk_login_abusers if flagged_as_abuser
Thanks in advance,
Toni Mattila
