On Sat, Sep 6, 2014 at 9:16 PM, PiBa-NL <piba.nl....@gmail.com> wrote:
> Hi list,
> Inspired by a blog about wordpress bruteforce protection [0] , i'm trying to
> use this same kind of method in a frontend/backend configuration.
> I did change the method from POST to GET, for easier testing, but that
> doesn't matter for retrieving the gpc counter, does it?
> So i was trying to use this:
> tcp-request content track-sc1  base32+src  if METH_GET login
> It however doesn't seem to work using HAProxy 1.5.3, the acl containing
> "sc1_get_gpc0 gt 0" never seems to get the correct gpc0 value, even though i
> have examined the stick-table and the gpc0 value there is increasing.
> If i change it to the following it starts working:
> tcp-request content track-sc1  base32+src
> Even though the use_backend in both cases checks those first criteria:
> acl flagged_as_abuser        sc1_get_gpc0 gt 0
> use_backend            pb3_453_http if METH_GET wp_login flagged_as_abuser
> Am i doing something wrong, is the blog outdated, or was a bug introduced
> somewhere?
> If more information perhaps -vv or full config is needed let me know,
> thanks for any reply.
> p.s. did anyone get my other emails a while back? [1]
> Kind regards,
> PiBa-NL
> [0]
> http://blog.haproxy.com/2013/04/26/wordpress-cms-brute-force-protection-with-haproxy/
> [1] http://marc.info/?l=haproxy&m=140821298806125&w=2


Plese let us know if you have  the following configuration lines (or
equivalent), before your tracking rule:
  tcp-request inspect-delay 10s
  tcp-request accept if HTTP


Reply via email to