Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
Intrusion Detection and Prevention
»
IDP and HAProxy
« previous
next »
Print
Pages: [
1
]
Author
Topic: IDP and HAProxy (Read 2233 times)
blackout
Newbie
Posts: 7
Karma: 0
IDP and HAProxy
«
on:
March 21, 2021, 08:48:47 pm »
Hi,
is there a way that these components work together?
Today there was a massive brute force attak to my nextcloud and there was no other way as close the https port. In front of my nextcloud there is OPNsense with HAProxy as reverse proxy with SSL offloading.
So no encrypted traffic.
Regards
Logged
sorano
Full Member
Posts: 153
Karma: 21
Re: IDP and HAProxy
«
Reply #1 on:
March 22, 2021, 09:31:57 pm »
You could apply rate-limiting in HAProxy to block the bruteforce attempts, something like:
https://www.loadbalancer.org/blog/simple-denial-of-service-dos-attack-mitigation-using-haproxy-2/
Logged
2x 23.7 VMs & CARP, 4x 2.1GHz, 8GB
Cisco L3 switch, ESXi, VDS, vmxnet3
DoT, Chrony, HAProxy + NAXSI, Suricata
VPN: IPSec, OpenVPN, Wireguard
MultiWAN: Fiber 500/500Mbit dual stack + 4G failover
--
Available for private support.
Did my answer help you? Feel free to click [applaud] to the left
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
Intrusion Detection and Prevention
»
IDP and HAProxy