HAProxy provides high-performance load balancing with powerful ACL-based IP filtering capabilities. This guide shows you how to integrate Fraudcache threat feeds.
HAProxy Overview
HAProxy is a high-performance load balancer and reverse proxy. Its ACL system and map files provide efficient IP-based access control.
Integration Methods
- Using ACLs - Create ACLs that match source IPs against a blocklist file and deny matching traffic.
- Using Map Files - For large blocklists, use map files for efficient O(1) lookups without performance degradation.
- Hot Reload Updates - Update blocklists without restarting HAProxy using the stats socket or map_set command.
Example HAProxy ACL configuration:
# Place in a frontend or listen section: deny requests whose source IP is in the blocklist file
acl blocked_ips src -f /etc/haproxy/blocklist.txt
http-request deny if blocked_ips
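One way to do the hot reload update described above, as an added example that is not code from HAProxy or Fraudcache: validate a downloaded feed, compute the difference against the entries currently loaded, and push only the changes through the stats socket with the Runtime API `add acl` / `del acl` commands. The socket path, the one-entry-per-line feed format, the /8 width limit and the function names are assumptions for illustration.

```python
import ipaddress
import socket

ACL_FILE = "/etc/haproxy/blocklist.txt"   # file the ACL on this page was loaded from
ADMIN_SOCK = "/run/haproxy/admin.sock"    # assumption: your "stats socket ... level admin" path
MIN_PREFIX = 8                            # assumption: refuse networks wider than /8

SAMPLE_FEED = """# constructed sample, not real feed data
203.0.113.7
198.51.100.0/24
0.0.0.0/0
not-an-ip
2001:db8::1
"""

def parse_feed(text):
    """Return (valid entries, rejected lines) for a one-entry-per-line feed."""
    valid, rejected = set(), []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()        # drop comments
        if not line:
            continue
        try:
            net = ipaddress.ip_network(line, strict=False)
        except ValueError:
            net = None
        if net is None or net.prefixlen < MIN_PREFIX:
            rejected.append(line)                  # malformed or far too broad
        elif net.prefixlen == net.max_prefixlen:
            valid.add(str(net.network_address))    # single host
        else:
            valid.add(str(net))                    # CIDR range
    return valid, rejected

def runtime_commands(current, wanted, acl=ACL_FILE):
    """Runtime API commands that turn the loaded set `current` into `wanted`."""
    cmds = [f"del acl {acl} {e}" for e in sorted(current - wanted)]
    cmds += [f"add acl {acl} {e}" for e in sorted(wanted - current)]
    return cmds

def send(cmds, path=ADMIN_SOCK, batch=50):
    """Send commands over the stats socket, `batch` per connection, ';'-separated."""
    replies = []
    for i in range(0, len(cmds), batch):
        with socket.socket(socket.AF_UNIX, socket.SOCK_STREAM) as s:
            s.connect(path)
            s.sendall(("; ".join(cmds[i:i + batch]) + "\n").encode())
            replies.append(s.makefile().read())    # HAProxy closes after replying
    return replies
```

Runtime API changes live only in memory, so also write the validated list to /etc/haproxy/blocklist.txt to keep it across a reload or restart.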
Best Practices
Use Stick Tables
Combine IP blocking with rate limiting using stick tables for additional protection.
Log Blocked Connections
Configure logging to capture blocked source IPs for analysis and false positive detection.
Conclusion
HAProxy's efficient ACL and map file system makes it ideal for high-traffic environments. By integrating Fraudcache feeds with hot reload capability, you maintain current protection without service disruption.