Hi there, I’m seeing some traffic from what appears to be bad actors and am wanting to block them. I see this in the existing config but being new to haproxy, it doesn’t seem like it’s configured correctly but I’m not sure:
frontend main bind :80 acl bad_ip src acl bad_ip_proxy hdr_ip(X-Forwarded-For) tcp-request connection reject if bad_ip || bad_ip_proxy I’m presuming the ‘all bad_ip src’ is missing the actual source definitions? This is the type of traffic I’m wanting to block: GET /REDACTED/ HTTP/1.1 Host: REDACTED Accept: text/html,text/plain,text/xml,text/*,application/xml,application/xhtml+xml,application/rss+xml,application/atom+xml,application/rdf+xml,application/php,application/x-php,application/x-httpd-php User-Agent: Mozilla/5.0 (compatible; MJ12bot/v1.4.8; http://mj12bot.com/) Accept-Encoding: br,gzip Accept-Language: cs X-Forwarded-Proto: https X-SSL: 1 X-Forwarded-For: 65.21.233.213, 10.1.12.132 Via: 1.1 REDACTED X-Forwarded-Host: REDACTED X-Forwarded-Server: REDACTED Connection: close You can see the source listed (65.21.233.213) has a bad IP reputation: https://www.abuseipdb.com/check/65.21.233.213 I'm running haproxy 1.8 which I know is EOL'ed but thank you very much for any help! Best regards