updated haproxy state
All checks were successful
continuous-integration/drone/push Build is passing

This commit is contained in:
Paul 2024-07-17 00:04:13 +02:00
parent 00c68173c9
commit fde0651d53

View File

@ -165,6 +165,7 @@ frontend fe_http from {{ haproxy.config.namespace }}
acl path_root path / acl path_root path /
acl path_info path /info acl path_info path /info
acl path_location path /location acl path_location path /location
acl version_http10 req.ver 1.0
## Basic rules ## Basic rules
http-request set-var(txn.srchash) src,crc32,mod(100) http-request set-var(txn.srchash) src,crc32,mod(100)
@ -173,6 +174,10 @@ frontend fe_http from {{ haproxy.config.namespace }}
http-request set-var(req.host) req.hdr(Host) http-request set-var(req.host) req.hdr(Host)
http-request set-var(req.accesshash) str(),concat(,req.src,),concat(-,req.host,) http-request set-var(req.accesshash) str(),concat(,req.src,),concat(-,req.host,)
## Silent drop all external requests with no host header or HTTP/1.0
http-request silent-drop if !domains !internal
http-request silent-drop if version_http10
## Returns ## Returns
http-request return status 200 content-type text/plain string "User-agent: *\r\nAllow: /" if robots_txt http-request return status 200 content-type text/plain string "User-agent: *\r\nAllow: /" if robots_txt
http-request return status 200 content-type text/plain string "Contact: mailto:{{ haproxy.config.syscontact }}" if security_txt http-request return status 200 content-type text/plain string "Contact: mailto:{{ haproxy.config.syscontact }}" if security_txt
@ -215,6 +220,7 @@ frontend fe_https from {{ haproxy.config.namespace }}
acl path_root path / acl path_root path /
acl path_info path /info acl path_info path /info
acl path_location path /location acl path_location path /location
acl version_http10 req.ver 1.0
## Basic rules ## Basic rules
#http-request set-var(txn.random) rand,mul(5) #http-request set-var(txn.random) rand,mul(5)
@ -233,6 +239,7 @@ frontend fe_https from {{ haproxy.config.namespace }}
## Silent drop all external requests with no host header ## Silent drop all external requests with no host header
http-request silent-drop if !domains !internal http-request silent-drop if !domains !internal
http-request silent-drop if version_http10
## DDoS ## DDoS
http-request deny deny_status 429 if max_req_rate !internal http-request deny deny_status 429 if max_req_rate !internal