https://github.com/crowdsecurity/cs-haproxy-spoa-bouncer
EXPERIMENTAL: HAProxy spoe filter for CrowdSec - WAF and IP protection
https://github.com/crowdsecurity/cs-haproxy-spoa-bouncer
Last synced: about 1 year ago
JSON representation
EXPERIMENTAL: HAProxy spoe filter for CrowdSec - WAF and IP protection
- Host: GitHub
- URL: https://github.com/crowdsecurity/cs-haproxy-spoa-bouncer
- Owner: crowdsecurity
- License: mit
- Created: 2024-04-13T13:04:40.000Z (about 2 years ago)
- Default Branch: main
- Last Pushed: 2025-03-12T15:48:10.000Z (over 1 year ago)
- Last Synced: 2025-04-05T20:33:36.425Z (about 1 year ago)
- Language: Go
- Size: 209 KB
- Stars: 7
- Watchers: 4
- Forks: 2
- Open Issues: 11
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
- awesome-crowdsec - cs-haproxy-spoa-bouncer - HAProxy SPOE filter with WAF capabilities and IP-based protection (beta). (Bouncers / Web Servers & Proxies)
README
# crowdsec-spoa
[HAProxy SPOE](https://www.haproxy.com/blog/extending-haproxy-with-the-stream-processing-offload-engine) filter for CrowdSec - WAF and IP protection
## Table of Contents
- [crowdsec-spoa](#crowdsec-spoa)
- [Table of Contents](#table-of-contents)
- [About](#about)
- [Roadmap](#roadmap)
## About
> [!NOTE]
> This is an experimental project, see [roadmap](#roadmap) for more details.
## Roadmap
This outlines the goals of the project, and the current status of each.
- [ ] **v0.1.0** - Initial release
- [x] Container
- [x] Dockerfile
- [x] Docker Compose
- [ ] Debian Package
- [ ] Documentation
- [ ] RPM Package
- [ ] Documentation
- [x] SPOA Server
- [ ] TCP Listener
- [ ] Documentation
- [x] Configuration File
- [ ] Unix Socket Listener
- [ ] Documentation
- [x] Configuration File
- [ ] Handler
- [ ] Documentation
- [ ] Ban Remediation
- [ ] Documentation
- [x] Configuration File
- [x] Template File
- [ ] Captcha Remediation
- [ ] Documentation
- [x] Configuration File
- [x] Template File
- [ ] Country Remediation
- [ ] Documentation
- [x] Configuration File
- [ ] AppSec
- [ ] Documentation
- [ ] Configuration File
HAProxy response schema
```
## Base variables
txn.crowdsec.remediation = "captcha" | "ban" | "unknown" | "allow"
## Ban variables
txn.crowdsec.contact_us_url = host.ban.contact_us_url
## Captcha variables
txn.crowdsec.captcha_site_key = host.captcha.site_key
txn.crowdsec.captcha_frontend_key = providers[host.provider].frontend_key
txn.crowdsec.captcha_frontend_js = providers[host.provider].frontend_js
```