HAProxy rate limiting - ban abuser for 30 minutes
Andy, the trick is to add another backend that you only use for the extra stick table. You can only have one stick table per backend - BUT you can use them in ANY front/back end... So I just add one called Abuse that you can then use as a global 60-minute ban for any backend... You will need to change my example but try something like this:
# ABUSE SECTION works with http mode dependent on src ip
tcp-request content reject if { src_get_gpc0(Abuse) gt 0 }
acl abuse src_http_req_rate(Abuse) ge 10
acl flag_abuser src_inc_gpc0(Abuse) ge 0
acl scanner src_http_err_rate(Abuse) ge 10
# Returns a 403 to the abuser and flags for tcp-reject next time
http-request deny if abuse flag_abuser
http-request deny if scanner flag_abuser

backend Abuse
    stick-table type ip size 1m expire 60m store conn_rate(3s),conn_cur,gpc0,http_req_rate(10s),http_err_rate(20s)
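
The rules from the answer above placed in a complete configuration, as an added example that is not part of the original post. The names `web_in` and `app_servers`, the bind port and the `192.0.2.10` server are placeholders, and the `track-sc0` rule is an assumption: the posted snippet does not show where the source address is tracked.

```haproxy
# Added example, not from the original post. web_in, app_servers, the bind
# port and the 192.0.2.10 server address are placeholders.
defaults
    mode http
    timeout connect 5s
    timeout client  30s
    timeout server  30s

frontend web_in
    bind :80

    # Track every client IP in the shared Abuse table. The track-sc rule is
    # what makes HAProxy update the rate counters stored there.
    tcp-request connection track-sc0 src table Abuse

    # Already flagged: drop the connection before any HTTP processing.
    tcp-request content reject if { src_get_gpc0(Abuse) gt 0 }

    # Thresholds from the post: 10 requests per 10s, or 10 errors per 20s.
    acl abuse       src_http_req_rate(Abuse) ge 10
    acl scanner     src_http_err_rate(Abuse) ge 10
    # Always true; evaluating it has the side effect of incrementing gpc0.
    acl flag_abuser src_inc_gpc0(Abuse) ge 0

    # Conditions are evaluated left to right and stop at the first false
    # one, so gpc0 is only incremented when abuse or scanner matched.
    http-request deny if abuse flag_abuser
    http-request deny if scanner flag_abuser

    default_backend app_servers

backend app_servers
    server app1 192.0.2.10:8080 check

# Holds no servers; it exists only to own the stick table. The expire timer
# restarts whenever the entry is refreshed or matched, so a source that
# keeps connecting stays flagged.
backend Abuse
    stick-table type ip size 1m expire 60m store conn_rate(3s),conn_cur,gpc0,http_req_rate(10s),http_err_rate(20s)
```

Check the file with `haproxy -c -f <file>` before reloading. On the runtime API, `show table Abuse` lists tracked sources with their `gpc0` value and `clear table Abuse key <ip>` lifts a ban early.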