I am trying to rate limit just the login page of a website with HAProxy in pfSense.
The rate limiting works, but not the page checking, so I am unsure on my logic/syntax.
[Logic] (?)
“If path = */login* then track http reqs”
“If http reqs = gt 300 then deny http”
https://website.domain.com/web/index.html#!/login*
[ACLs]
Name: check-page
Value: path_beg /web/index.html#!/login (?)
Name: rate-limit
Value: sc_http_req_rate(0) gt 300
[Actions]
Condition: check-page
Action: http-request track-sc0 src table backend_ipvANY
Condition: rate-limit
Action: http-request reject
1 post - 1 participant