HAProxy DDoS protection configurator
| Channel | Revision | Published | Runs on |
|---|---|---|---|
| latest/edge | 37 | Today |
juju deploy haproxy-ddos-protection-configurator --channel edge
Deploy universal operators easily with Juju, the Universal Operator Lifecycle Manager.
Platform:
-
client-timeout | int
Timeout for client connections in seconds. Default is 50 seconds.
-
concurrent-connections-limit | int
Maximum number of concurrent connections per entry to trigger the limit policy.
-
deny-paths | string
Comma-seperated list of paths to deny.
-
error-rate-per-minute | int
Number of errors per minute per entry to trigger the limit policy.
-
http-keepalive-timeout | int
Timeout for HTTP keep-alive connections in seconds.
-
http-request-timeout | int
Timeout for HTTP requests in seconds.
-
ip-allow-list | string
Comma-separated list of IPv4 addresses or CIDR blocks to be allowed on both TCP and HTTP levels.
-
limit-policy-http | string
Policy to be applied when HTTP-level limits are exceeded (rate-limit-requests-per-minute, error-rate-per-minute). Specify one of- silent-drop, reject, or deny. Optionally append an HTTP status code for deny (default is 403). Examples- 'reject', 'deny', 'deny 503'. Default is 'silent-drop'.
-
limit-policy-tcp | string
Policy to be applied when TCP-level limits are exceeded (rate-limit-connections-per-minute, concurrent-connections-limit). Specify one of- 'silent-drop' or 'reject'. Default is 'silent-drop'.
-
rate-limit-connections-per-minute | int
Maximum number of connections per minute per entry to trigger the limit policy.
-
rate-limit-requests-per-minute | int
Maximum number of requests per minute per entry to trigger the limit policy.