Inspired by a blog about wordpress bruteforce protection  , i'm
trying to use this same kind of method in a frontend/backend configuration.
I did change the method from POST to GET, for easier testing, but that
doesn't matter for retrieving the gpc counter, does it?
So i was trying to use this:
tcp-request content track-sc1 base32+src if METH_GET login
It however doesn't seem to work using HAProxy 1.5.3, the acl containing
"sc1_get_gpc0 gt 0" never seems to get the correct gpc0 value, even
though i have examined the stick-table and the gpc0 value there is
If i change it to the following it starts working:
tcp-request content track-sc1 base32+src
Even though the use_backend in both cases checks those first criteria:
acl flagged_as_abuser sc1_get_gpc0 gt 0
use_backend pb3_453_http if METH_GET wp_login flagged_as_abuser
Am i doing something wrong, is the blog outdated, or was a bug
If more information perhaps -vv or full config is needed let me know,
thanks for any reply.
p.s. did anyone get my other emails a while back?