HAProxy Enterprise Documentation 1.9r1

Silent Drop

You can silently drop a client's HTTP request, which disconnects immediately without notifying the client that the connection has been closed. This means that HAProxy Enterprise frees any resources used for this connection. Clients will typically need to time out before they can release their end of the connection. Beware that silently dropping will affect any stateful firewalls or proxies in between HAProxy Enterprise and the client, since they will often hold onto the connection unaware that it has been disconnected.

In the example below, we use http-request silent-drop to silently drop clients that access a restricted file:

frontend www
   bind :80
   http-request silent-drop if { path_end /restricted.txt }
   default_backend webservers

Next up

Tarpit