jknapp
2b31fb9f4f
All checks were successful
HAProxy Manager Build and Push / Build-and-Push (push) Successful in 52s
Implements smart client IP detection to handle Cloudflare and other reverse proxies correctly, preventing legitimate traffic from being tarpited when behind a shared proxy IP. Changes: - Detect real client IP from proxy headers with priority order: 1. CF-Connecting-IP (Cloudflare) 2. X-Real-IP (common proxy header) 3. X-Forwarded-For (standard proxy header) 4. src (fallback to source IP if no headers) - Track real client IP in stick-table instead of proxy IP - Check real client IP for blocking rules - No need to maintain proxy IP lists - works automatically This ensures that: - Cloudflare and other CDN traffic is tracked per real client - Each actual user gets their own tarpit counter - Legitimate users aren't affected by attackers on the same proxy - Works automatically with any proxy that sets standard headers 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>