ACL setup after haproxy

I have setup the Haproxy successful via lawrence video , I would like to know is there any way to setup acl by the domain.
For example : I have a domain name xyz. net ,
First subdomain : web. xyz. net
second subdomain: uat. xyz. net
thired subdomain: web3. xyz .net
I have successfully setup haproxy with 1 ip , and 3 web server behide it.
Now I can access via any where from the world to access the web. xyz. net
but I just want certain ip address to access the uat. xyz. net .
How to setup this?Also How can I protect them from this horrible world(DDOS,MID,layer 7 DDOS…etc)?

I haven’t used it myself, but HAProxy does appear to have ACLs available.

frontend example-frontend
  acl network_allowed src

I would reference this article for some additional examples. You probably still have to have forwarding rules from the outside into the haproxy front-end - but I’m guessing you’ve already solved that step.

Thanks for your advise !!

Personally, I think your ACLs should be applied at your perimeter firewall, but your scenario may be unique. Good luck, share what you ended up doing.