Hi, Just to let you know I have added a feature to the modsecurity contrib to enable it to get the client Real IP Address through an extra param in the SPOE template. This way, standalone modsecurity has access to the REAL IP and you can enable features relying on the client real IP (DDOS, RBL, etc...)
https://github.com/jbrunicardi/haproxy-2.1/tree/master/contrib/modsecurity [modsecurity] spoe-agent modsecurity-agent messages check-request option var-prefix modsec timeout hello 100ms timeout idle 30s timeout processing 15ms use-backend spoe-modsecurity spoe-message check-request args src unique-id method path query req.ver req.hdrs_bin req.body_size req.body event on-frontend-http-request Maybe you find it interesting! Best regards. [itssimple] Meytel S.L. C/ Villamiel de Cáceres 13 28042 Madrid ¡Suscribete a nuestro newsletter! https://www.meytel.net/suscribete-a-nuestro-newsletter/ * 91 741 65 79 / F: 91 320 78 24 directo: 91 142 05 55 https://www.meytel.net<https://www.meytel.net/> @meytel @nocmeytel Status e intervenciones programadas<http://status.hosting-meytel.net/> Portal de Soporte<https://spoc.meytel.net/> horario oficina: 9-17 (l-j) 8-15 (v) soporte: ¡abiertos 25 horas al día!
