cloud-hosting-platform/haproxy-manager-base
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
04c98b1c1b05f3c6f077b8ec877e8ab3d6c02096
haproxy-manager-base/trusted_ips.map
Josh Knapp 1ff51da6f0
All checks were successful
Build and push coraza-spoa / Build-and-Push (push) Successful in 1m49s
Details
HAProxy Manager Build and Push / Build-and-Push (push) Successful in 1m55s
Details
sanitize public mirror: drop personal IP and infra/customer hostnames 
- trusted_ips.{list,map}: replace home IP with 127.0.0.1 + usage notes
- skill: resolve deploy host from gitignored target-host.local, ask if unset
  (no hardcoded server FQDN); customer host in WAF test -> <live-vhost>
- README / coraza README: registry FQDN in run examples -> placeholder
- 403 block page: drop hardcoded support link -> contact provider support
- CLAUDE.md: note whitelist files ship without real IPs
- .gitignore: ignore target-host.local and *.local

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-04 06:32:15 -07:00

10 lines
547 B
Plaintext
Raw Blame History

# Real-IP whitelist for proxy-header matching — exempt from HAProxy rate limits.
# Format: "<IP> 1" (one per line). Referenced by templates/hap_listener.tpl:
# acl is_whitelisted var(txn.real_ip),map_ip(/etc/haproxy/trusted_ips.map,0) -m int gt 0
#
# Add trusted real IPs below. Do NOT commit real/personal IPs to this repo —
# it is mirrored publicly. Keep real entries in an untracked local copy, or add
# them directly on the server (the file lives in the /etc/haproxy named volume
# and persists across container recreates).
127.0.0.1 1
Reference in New Issue View Git Blame Copy Permalink