jknapp
0ee9e6cba8
All checks were successful
HAProxy Manager Build and Push / Build-and-Push (push) Successful in 50s
Final fix for HAProxy 3.0.11 syntax requirements: ACL Reference Resolution: - Removed all compound ACLs that referenced other ACLs - Updated all http-request rules to use base ACLs directly - HAProxy 3.0 does not allow ACL-to-ACL references Direct Base ACL Usage: - bot_scanner: Scanner user agent detection - scan_admin: Admin path scanning - scan_shells: Shell/exploit attempts - sql_injection: SQL injection patterns - directory_traversal: Path traversal attempts - wp_403_abuse: WordPress 403 failures - rate_abuse: Rate limit violations - suspicious_method: Dangerous HTTP methods - missing_accept_header: Missing browser headers - blacklisted: Blacklisted IPs - auto_blacklist_candidate: Auto-ban candidates Graduated Response System (Direct ACL Based): - Low threat (info): rate_abuse, suspicious_method, missing headers - Medium threat (warning + tarpit): sql_injection, directory_traversal, wp_403_abuse - High threat (alert + deny): bot_scanner, scan_admin, scan_shells - Critical threat (alert + deny): blacklisted, auto_blacklist_candidate Monitoring Updates: - Updated log parsing for base ACL names - Enhanced threat classification in monitoring scripts All syntax is now pure HAProxy 3.0.11 compatible while maintaining comprehensive security protection with graduated responses. 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>