HAProxy Enterprise Documentation 1.8r2

Reject

You can reject a TCP connection or HTTP request by using one of the following directives in a frontend or listen section:

Directive	Result
`http-request reject`	Closes the connection without a response after a session has been created and the HTTP parser has been initialized. Use this if you need to evaluate the request's Layer 7 attributes (HTTP headers, cookies, URL).
`tcp-request content reject`	Closes the connection without a response once a session has been created, but before the HTTP parser has been initialized. These requests still show in your logs.
`tcp-request connection reject`	Closes the connection without a response at the earliest point, before a session has been created. These requests do not show in your logs.

A reject response closes the connection immediately without sending a response. The client's browser will display a "The connection was reset" error page.

In the following example, we reject requests originating from IP addresses we wish to block:

frontend www
   bind :80
   acl blocked_ip src -f /etc/hapee-1.8/blocklist.acl
   tcp-request connection reject if blocked_ip
   default_backend webservers

Next up

Silent Drop

More Versions

HAProxy Products Documentation

Reject

Your feedback is important to us!