updated haproxy state

states/haproxy/templates/haproxy.cfg.j2

@@ -165,6 +165,7 @@ frontend fe_http from {{ haproxy.config.namespace }}
   acl path_root path /
   acl path_info path /info
   acl path_location path /location
+  acl version_http10 req.ver 1.0
 
   ## Basic rules
   http-request set-var(txn.srchash) src,crc32,mod(100)
@@ -173,6 +174,10 @@ frontend fe_http from {{ haproxy.config.namespace }}
   http-request set-var(req.host) req.hdr(Host)
   http-request set-var(req.accesshash) str(),concat(,req.src,),concat(-,req.host,)
 
+  ## Silent drop all external requests with no host header or HTTP/1.0
+  http-request silent-drop if !domains !internal
+  http-request silent-drop if version_http10
+
   ## Returns
   http-request return status 200 content-type text/plain string "User-agent: *\r\nAllow: /" if robots_txt
   http-request return status 200 content-type text/plain string "Contact: mailto:{{ haproxy.config.syscontact }}" if security_txt
@@ -215,6 +220,7 @@ frontend fe_https from {{ haproxy.config.namespace }}
   acl path_root path /
   acl path_info path /info
   acl path_location path /location
+  acl version_http10 req.ver 1.0
 
   ## Basic rules
   #http-request set-var(txn.random) rand,mul(5)
@@ -233,6 +239,7 @@ frontend fe_https from {{ haproxy.config.namespace }}
 
   ## Silent drop all external requests with no host header
   http-request silent-drop if !domains !internal
+  http-request silent-drop if version_http10
 
   ## DDoS
   http-request deny deny_status 429 if max_req_rate !internal