jknapp
1eed03a3b6
All checks were successful
HAProxy Manager Build and Push / Build-and-Push (push) Successful in 51s
Implement progressive tarpit delays and threat detection to slow down attackers scanning for exploits. Features include: - Stick table to track attacks with 2-hour expiry - Escalating tarpit delays based on threat level and repeat offenses - Threat level detection (low/medium/high/critical) based on scan attempts - Rate-based attack detection for burst/sustained/persistent attacks - Automatic scan attempt tracking via HTTP error responses (400/401/403/404) - Detection of suspicious paths (admin panels, config files, etc.) - Trusted network bypass for local/monitoring systems - Progressive escalation levels that increase tarpit duration - Critical threat blocking with 429 status The system uses HAProxy's built-in tarpit mechanism to delay responses up to 60 seconds for persistent attackers, effectively slowing down vulnerability scanners while maintaining service for legitimate users. 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>