Hi,
I want to block repeating post requests using form-data and/or x-www-form-urlencoded if more than 5 times within 30 minutes, the following configuration is working but if there is a change in the value in form-data the requests are still being blocked even though its totally a new request. really appreciate any help on this. Thanks in advance.
I’m using HAProxy version 2.4.9, my current settings as follow:
listen webfarm
bind :443 ssl crt /etc/haproxy/certs/ssl-cert.pm
acl services path_beg /services
http-request set-header X-DOS-Protect %[src];%[req.fhdr(host)]%[capture.req.uri] if services
backend app_server
stick-table type integer size 1m expire 30m store http_req_rate(30m)
tcp-request inspect-delay 5s
tcp-request content track-sc0 req.fhdr(X-DOS-Protect),crc32(1) if HTTP
acl services path_beg /services
http-request deny deny_status 429 if { sc0_http_req_rate gt 5 } services
server webserver01 localhost:8080 check inter 30s
errorfile 503 /etc/haproxy/errors/maintenance.htm1 post - 1 participant