Shadowban
You can shadowban a client, meaning send them a webpage or resource that looks like the real one, but is actually a fake. For example, you could send a fake login page to an attacker, which will never actually allow them to log in.
Use http-request return
to return an HTML file from the load balancer instead of relaying the request to the backend servers. Here, we return a fake login page:
frontend www
acl blocked_ip src -f /etc/hapee-2.4/blocklist.acl
http-request return content-type text/html file /srv/www/fake_login.html if { path_beg /login } blocked_ip
As another example, use http-request set-path
to change the URL path that the client requested before it reaches your backend servers.
In this case, every request for an image is changed to a request for the image sad-walrus.jpg:
frontend www
acl blocked_ip src -f /etc/hapee-2.4/blocklist.acl
http-request set-path /images/sad-walrus.jpg if { path_end .jpg .png .gif } blocked_ip
Next up
Silent Drop