Hi.

I have these lines in the table per_ip_and_url_rates.
Is there an easy way to know which URL+src the key is?

```
# table: per_ip_and_url_rates, type: binary, size:1048576, used:56781
0x559813fc9200: key=xxx use=0 exp=85821390 http_req_rate(86400000)=27
0x7fef40373630: key=xxxx use=0 exp=86380499 http_req_rate(86400000)=4494
```

I used this blog post as the base for the table.

https://www.haproxy.com/blog/bot-protection-with-haproxy/

That's the backend definition with HA-Proxy version 2.1.4-1ppa1~bionic

```
frontend https-in

  bind :::443 v4v6 alpn h2,http/1.1 ssl ca-file {{ ansible_nodename }}/fullchain.pem crt /etc/ssl/haproxy/

  tcp-request inspect-delay 5s
  tcp-request content accept if { req_ssl_hello_type 1 }

  # DNS labels are case insensitive (RFC 4343), we need to convert the hostname into lowercase
  # before matching, or any requests containing uppercase characters will never match.
  # http-request set-header Host %[req.hdr(Host),lower]

  # https://www.haproxy.com/blog/application-layer-ddos-attack-protection-with-haproxy/
  http-request track-sc0 src table per_ip_rates
 
  # https://www.haproxy.com/blog/bot-protection-with-haproxy/
  # track client's source IP + URL accessed in
  # per_ip_and_url_rates stick table
  http-request track-sc1 url32+src table per_ip_and_url_rates unless { path_end .css .js .png .gif }
 
  # Set the threshold to 15 within the time period
  acl exceeds_limit sc_gpc0_rate(0) gt 20

  # Increase the new-page count if this is the first time
  # they've accessed this page, unless they've already
  # exceeded the limit
  #http-request sc-inc-gpc0(0) if { sc_http_req_rate(1) eq 1 } !exceeds_limit

  # Deny requests if over the limit
  #http-request deny deny_status 429 if exceeds_limit

  # 10 requests per second
  #http-request deny deny_status 429 if { sc_http_req_rate(0) gt 200 }

  # Strip off Proxy headers to prevent HTTpoxy (https://httpoxy.org/)
  http-request del-header Proxy


  declare capture request len 128
  declare capture request len 148
  declare capture request len 148

  http-request capture req.hdr(host) len 148

  # Add CORS response header
  acl is_cors_preflight method OPTIONS
  http-response add-header Access-Control-Allow-Origin "*" if is_cors_preflight
  http-response add-header Access-Control-Allow-Methods "GET,POST" if is_cors_preflight
  http-response add-header Access-Control-Allow-Credentials "true" if is_cors_preflight
  http-response add-header Access-Control-Max-Age "600" if is_cors_preflight

  use_backend be_nginx if { path_beg /.well-known/acme-challenge/ }
  use_backend %[req.hdr(host),lower,map(/etc/haproxy/haproxy_backend.map,be_default)]
```

Thanks for your help.

Cheers

Aleks
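
Added example (not part of the original post and not HAProxy's own code): a `url32+src` key is a 4-byte hash of Host+URL followed by the 4- or 16-byte source address, so the source can be read back from a `show table` dump while the URL can only be matched by its hash. The hash byte order, the zero-padding of short keys, and the sample keys are assumptions; `decode_key` and `parse_table_dump` are hypothetical helper names.

```python
import ipaddress
import re

# Matches entry lines of "show table <name>" output for a binary-keyed table.
ENTRY_RE = re.compile(r"key=([0-9A-Fa-f]+)\s.*?http_req_rate\(\d+\)=(\d+)")

def decode_key(hex_key):
    """Split a url32+src key into (url32 hash, source address)."""
    raw = bytes.fromhex(hex_key)
    if len(raw) not in (8, 20):
        raise ValueError("expected 8 or 20 bytes, got %d" % len(raw))
    url_hash = int.from_bytes(raw[:4], "big")  # assumed network byte order
    addr = raw[4:]
    if len(addr) == 4 or not any(addr[4:]):
        # IPv4 source, possibly zero-padded to a 20-byte table key (assumption).
        # Ambiguous with an IPv6 address whose last 96 bits are all zero.
        return url_hash, ipaddress.IPv4Address(addr[:4])
    ip = ipaddress.IPv6Address(addr)
    # With a v4v6 bind, IPv4 clients may appear as ::ffff:a.b.c.d.
    return url_hash, ip.ipv4_mapped or ip

def parse_table_dump(text):
    """Return [(src, url32_hash, http_req_rate)], highest rate first."""
    rows = []
    for line in text.splitlines():
        m = ENTRY_RE.search(line)
        if m:
            url_hash, src = decode_key(m.group(1))
            rows.append((str(src), "%08x" % url_hash, int(m.group(2))))
    return sorted(rows, key=lambda r: r[2], reverse=True)

# Constructed sample in the same layout as the dump above (keys are made up).
SAMPLE = """\
# table: per_ip_and_url_rates, type: binary, size:1048576, used:2
0x1: key=9F3C21A7C6336407000000000000000000000000 use=0 exp=85821390 http_req_rate(86400000)=27
0x2: key=0B5E88D100000000000000000000FFFFCB007109 use=0 exp=86380499 http_req_rate(86400000)=4494
"""

if __name__ == "__main__":
    for src, url_hash, rate in parse_table_dump(SAMPLE):
        print(src, url_hash, rate)
```

Because the hash is one-way, mapping it back to a URL means hashing candidate Host+URL values from the access log with the same function and comparing.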
