Hi team!
I've configured a Docker Swarm arquitecture with 3 managers and 3 workers (3 servers).
I've installed the traefik containers in global mode for the managers with consul.
I've a floating IP with keepalive in the 3 managers.
I've this DNS entries:
mydomain -> My floating IP
*.mydomain -> My floating IP
I'm receiving any request to xxxx.mydomain and this subdomain don't exists.
I'll need, if exists any way, to block all request to this subdomain (xxxx.mydomain) with traefik.
I need any rule, entrypoint or feature for block all request to domain.
I see a lot of logs with "Backend not found" (traffic) to xxxx.mydomain. I want to eliminate that traffic.
In other projects I'm use haproxy with ACL for this purpose.
Is there anything like it for traefik?
Thanks in advance
Hello @sergarrido
Traefik is not a security appliance, and therefore does not have full security features. This sounds like something that should be handled by a firewall, instead of by your proxy.
Traefik should return a 404 for routes that are not configured and don't exist.
Can you provide your Traefik configuration?
Hi @daniel.tomcej,
Thank for you reply!
I understand Traefik doesn't have this feature. So, in this type of scenario, what application could be used for this purpose?
Thanks!
@sergarrido,
There are many firewall options based on the OS that you are running on. Many different companies offer Web Application Firewalls that can provide the filtering that you are needing.
Web application firewalls are recommended for PCI compliance, so there are lots of guides online showing how to install and configure them!
@daniel.tomcej,
Ok, I understand it. Thanks for your information.