diff --git a/templates/hap_header.tpl b/templates/hap_header.tpl
index bbc1e0a..6382447 100644
--- a/templates/hap_header.tpl
+++ b/templates/hap_header.tpl
@@ -45,6 +45,6 @@ defaults
     timeout server          10m
     timeout http-keep-alive 120s
     timeout check           10s
-    timeout tarpit          60s  # Maximum tarpit time for exploit scanners
+    timeout tarpit          30s  # Tarpit delay for detected scanners (fixed in HAProxy 3.0)
     maxconn                 3000
     
\ No newline at end of file
diff --git a/templates/hap_listener.tpl b/templates/hap_listener.tpl
index 0d0ad8b..7634cc6 100644
--- a/templates/hap_listener.tpl
+++ b/templates/hap_listener.tpl
@@ -58,34 +58,12 @@ frontend web
     # Only block after significant error accumulation
     http-request deny deny_status 429 if scanner_critical
     
-    # ESCALATING TARPIT RULES - Progressive delays based on offense level
-    # HAProxy 3.0 requires setting timeout before tarpit action
+    # TARPIT RULES - Apply tarpit to detected scanners
+    # HAProxy 3.0 uses global 'timeout tarpit' (60s) for all tarpit actions
+    # We track escalation level but all tarpits use same timeout
+    # The escalation level helps identify repeat offenders
     
-    # Level 0 (first offense): Short delays (2-5 seconds)
-    http-request set-timeout tarpit 2s if scanner_low escalation_level_0
-    http-request set-timeout tarpit 3s if scanner_medium escalation_level_0
-    http-request set-timeout tarpit 5s if scanner_high escalation_level_0
-    http-request set-timeout tarpit 5s if burst_scanner escalation_level_0
-    
-    # Level 1 (second offense): Medium delays (8-15 seconds)
-    http-request set-timeout tarpit 8s if scanner_low escalation_level_1
-    http-request set-timeout tarpit 12s if scanner_medium escalation_level_1
-    http-request set-timeout tarpit 15s if scanner_high escalation_level_1
-    http-request set-timeout tarpit 10s if burst_scanner escalation_level_1
-    
-    # Level 2 (third offense): Long delays (20-45 seconds)
-    http-request set-timeout tarpit 20s if scanner_low escalation_level_2
-    http-request set-timeout tarpit 30s if scanner_medium escalation_level_2
-    http-request set-timeout tarpit 45s if scanner_high escalation_level_2
-    http-request set-timeout tarpit 25s if burst_scanner escalation_level_2
-    
-    # Level 3+ (repeat offender): Maximum delays (60 seconds)
-    http-request set-timeout tarpit 60s if scanner_low escalation_level_3
-    http-request set-timeout tarpit 60s if scanner_medium escalation_level_3
-    http-request set-timeout tarpit 60s if scanner_high escalation_level_3
-    http-request set-timeout tarpit 60s if burst_scanner escalation_level_3
-    
-    # Apply the tarpit action after setting the appropriate timeout
+    # Apply tarpit to any detected scanner
     http-request tarpit deny_status 429 if scanner_low or scanner_medium or scanner_high or burst_scanner
     
     # Increment escalation level when we apply tarpit