I have setup the Haproxy successful via lawrence video , I would like to know is there any way to setup acl by the domain.
For example : I have a domain name xyz. net ,
First subdomain : web. xyz. net
second subdomain: uat. xyz. net
thired subdomain: web3. xyz .net
I have successfully setup haproxy with 1 ip , and 3 web server behide it.
Now I can access via any where from the world to access the web. xyz. net
but I just want certain ip address to access the uat. xyz. net .
How to setup this?Also How can I protect them from this horrible world(DDOS,MID,layer 7 DDOS…etc)?
I haven’t used it myself, but HAProxy does appear to have ACLs available.
frontend example-frontend
[...]
acl network_allowed src 20.30.40.50 20.30.40.40
I would reference this article for some additional examples. You probably still have to have forwarding rules from the outside into the haproxy front-end - but I’m guessing you’ve already solved that step.
Thanks for your advise !!
Personally, I think your ACLs should be applied at your perimeter firewall, but your scenario may be unique. Good luck, share what you ended up doing.