Load Balancer
HAProxy Blocklist Tutorial
Block malicious IPs at the load balancer level using HAProxy ACL files loaded from TXT or CSV blocklists for high-performance traffic filtering.
Steps
- 1
Download the blocklist
Download the TXT blocklist from your AntiProxies dashboard. HAProxy ACL files support one entry per line.
- 2
Create an ACL file
Place the downloaded file at a path readable by HAProxy, e.g. /etc/haproxy/blocklists/blocked_ips.lst.
- 3
Configure frontend ACL
Add an acl directive referencing the file and a tcp-request or http-request deny rule in your frontend section.
- 4
Reload HAProxy
Run haproxy -c -f /etc/haproxy/haproxy.cfg to validate, then systemctl reload haproxy (or haproxy -sf $(cat /var/run/haproxy.pid)) for zero-downtime reload.
Need the blocklist files?
Download free sample data or subscribe for daily-updated lists.
Free Samplehaproxy.cfg – ACL blocklist
Load an IP blocklist from a file and deny matching clients at the frontend.
frontend http_front
bind *:80
mode http
# Load AntiProxies blocklist from file
acl blocked_ip src -f /etc/haproxy/blocklists/blocked_ips.lst
# Deny blocked IPs immediately
http-request deny if blocked_ip
default_backend http_back
backend http_back
mode http
server app1 127.0.0.1:3000 checkACL file format
One IP address or CIDR range per line. Comments start with #.
# AntiProxies blocklist – auto-generated, do not edit manually
1.2.3.4
5.6.7.0/24
10.0.0.1
192.168.100.0/22Frequently asked questions
Can HAProxy reload the ACL file without a config reload?
How many IPs can HAProxy ACL files handle?
Can I block by country in addition to IP?
Want to see what's in the database?
Download once, query as many times as you need. €99/year for all 22 databases, unlimited servers, and a full year of monthly updates. No usage limits, no per-query fees, no data leaving your servers.