On Wed, Jun 18, 2014 at 5:51 PM, Baptiste <[email protected]> wrote:

> On Wed, Jun 18, 2014 at 8:09 AM, Andrew Kroenert <[email protected]> wrote:
> > Hey Guys,
> >
> > I'm trying to tarpit based on unique IP and specific URL. I started with the
> > following:
> >
> > listen web
> >     ...
> >     # Track IP over 60sec, if http_req rate greater than 20 AND page.html, send
> >     # to new backend with tarpit only.
> >     stick-table type ip size 1m expire 60s store gpc0,http_req_rate(60s)
> >     tcp-request connection track-sc1 src
> >     tcp-request connection reject if { src_get_gpc0 gt 0 }
> >
> >     acl ratelimiteIP src_http_req_rate ge 20
> >     acl showPage path_end page.html
> >     use_backend web-ratelimit if ratelimiteIP showPage
> >
> > backend web-ratelimit
> >     mode http
> >     fullconn 500
> >
> >     timeout tarpit 5s
> >     reqitarpit .
> >
> > The above example works to a degree, but not what I was hoping for. I am
> > only sending to a new backend to easily see results in the stats web page.
> >
> > The above example tracks all IP requests, and if the URL matches page.html
> > it blocks it (Example: 100x req to index.html and 1 req to page.html would
> > trigger). I am hoping to track ONLY IP addresses going to a specific URL,
> > not all in general.
> >
> > I then moved onto the following example:
> >
> > listen web
> >     ...
> >     acl showPage path_end page.html
> >     acl ratelimitIP sc1_get_gpc0 ge 0
> >     stick-table type binary len 20 size 500 store gpc0
> >
> >     tcp-request content track-sc1 url32+src if showPage
> >     use_backend web-ratelimit if ratelimitIP
> >
> > backend web-ratelimit
> >     mode http
> >     fullconn 500
> >
> >     timeout tarpit 5s
> >     reqitarpit .
> >
> > But this doesn't seem to track them correctly.
> >
> > Anyone have any pointers or a working config on url32+src? It would be
> > greatly appreciated.
> >
> > Thanks
> >
> > Andrew
>
> Hi Andrew,
>
> You picked up your example from the blog post related to brute force
> protection.
> In that case you just want to protect a particular URL from being
> hit too much.
> URL:
> http://blog.haproxy.com/2013/04/26/wordpress-cms-brute-force-protection-with-haproxy/
>
> Now, if you explain your needs to us, we may be able to help you.
>
> Baptiste

Thanks Baptiste,

I had followed the article but I thought it was either backend OR frontend, not both. I have configured both and it is working as expected, once I configured the peers section.

Thanks again.
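
The behaviour described in the thread (tracking every request by source IP versus tracking only requests to the protected URL, keyed on URL plus source), as an added example that is not part of the original messages. It is a simplified Python model of a stick-table request counter run over constructed traffic; the class and function names are hypothetical, and the exact sliding window is a simplification of HAProxy's rate counter.

```python
from collections import defaultdict, deque

WINDOW = 60.0          # seconds, mirrors http_req_rate(60s) in the thread
THRESHOLD = 20         # mirrors "ge 20" in the first config
PROTECTED = "page.html"

class RateTable:
    """Simplified stick-table: per-key hit count over a sliding window (assumption)."""
    def __init__(self, window=WINDOW):
        self.window = window
        self.hits = defaultdict(deque)

    def track(self, key, now):
        q = self.hits[key]
        q.append(now)
        while now - q[0] >= self.window:   # expire entries older than the window
            q.popleft()
        return len(q)

def tarpitted_by_src(requests):
    """First config: every request counts against src; URL is checked only at decision time."""
    table, out = RateTable(), []
    for now, src, path in requests:
        rate = table.track(src, now)
        if rate >= THRESHOLD and path.endswith(PROTECTED):
            out.append((now, src, path))
    return out

def tarpitted_by_url_src(requests):
    """Intended behaviour: count only hits on the protected URL, keyed on (url, src)."""
    table, out = RateTable(), []
    for now, src, path in requests:
        if not path.endswith(PROTECTED):
            continue                        # never tracked, so never counted
        if table.track((path, src), now) >= THRESHOLD:
            out.append((now, src, path))
    return out

def sample_requests():
    """Constructed traffic: one client browsing normally, one hammering page.html."""
    browsing = [(i * 0.1, "198.51.100.7", "/index.html") for i in range(100)]
    browsing.append((10.0, "198.51.100.7", "/page.html"))
    hammer = [(20.0 + i * 0.5, "203.0.113.9", "/page.html") for i in range(25)]
    return browsing + hammer

if __name__ == "__main__":
    reqs = sample_requests()
    print("keyed on src:     ", sorted({s for _, s, _ in tarpitted_by_src(reqs)}))
    print("keyed on url+src: ", sorted({s for _, s, _ in tarpitted_by_url_src(reqs)}))
```

With the source-only key, the browsing client is tarpitted on its single request to page.html; with the URL-plus-source key, only the client hammering page.html crosses the threshold.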

