Step 1 - yum install fail2ban
Step 2 - Edit /etc/fail2ban/jail.conf
Step 3 - Add the following lines:

  [vulscan]
  enabled = true
  port = http,https
  filter = vulscan
  banaction = iptables-allports
  logpath = /var/log/haproxy.log
  # ban on the first matching request
  maxretry = 1
  # 604800 seconds = 7 days
  bantime = 604800

Step 4 - Create /etc/fail2ban/filter.d/vulscan.conf with one expression per line. Continuation lines must be indented, and <HOST> marks the client IP that fail2ban will ban; the expressions assume haproxy's default HTTP log layout, where the client ip:port follows "haproxy[pid]: ".

  [Definition]
  failregex = .*\]: <HOST>:.*GET /myadmin/scripts/setup\.php
              .*\]: <HOST>:.*GET /javascripts/.*\.html
              .*\]: <HOST>:.*GET /javascripts/.*\.jsp

Step 5 - Verify that /var/log/haproxy.log is generated and is capturing the above inputs.

Fail2ban parses the logs we point it to and, based on the free-text filters we specify, carries out a specific action such as alerting or logging.
This solution depends on haproxy writing the request information to its logs so that fail2ban can read it.
We have to continuously add the strings we identify as hacking attempts to the above filter.
This will NOT slow down haproxy, as it works after the fact. The first attempt from a client IP will get through. Once fail2ban sees in the logs that x.y.z.a is making such an attempt, it automatically blocks that specific IP from accessing any of the ports on the haproxy server.
This needs to be implemented, tested and monitored.
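
An offline check of the step 4 expressions, added here as an example (not part of the original page): it expands fail2ban's `<HOST>` tag with a simplified IPv4-only group, runs the three expressions over constructed haproxy-style log lines, and returns the client IPs that `maxretry = 1` would ban. The log layout (haproxy's default HTTP format), the function names and the sample lines are assumptions made for the illustration.

```python
import re

# Simplified stand-in for fail2ban's <HOST> tag (IPv4 only; the real tag
# also accepts IPv6 addresses and hostnames).
HOST = r"(?P<host>\d{1,3}(?:\.\d{1,3}){3})"

# The three vulscan expressions, assuming haproxy's default HTTP log layout:
#   haproxy[pid]: client_ip:port [date] frontend backend/server ... "request"
FAILREGEX = [
    r".*\]: <HOST>:.*GET /myadmin/scripts/setup\.php",
    r".*\]: <HOST>:.*GET /javascripts/.*\.html",
    r".*\]: <HOST>:.*GET /javascripts/.*\.jsp",
]

# Constructed sample lines (documentation-range addresses), not real traffic.
PREFIX = "Feb  6 12:14:14 lb1 haproxy[1438]: "
SUFFIX = " [06/Feb/2024:12:14:14.655] www app/s1 0/0/1/2/3 200 212 - - ---- 1/1/0/0/0 0/0 "
SAMPLE_LOG = "\n".join(PREFIX + ip + ":40112" + SUFFIX + req for ip, req in [
    ("203.0.113.7", '"GET /myadmin/scripts/setup.php HTTP/1.1"'),   # scanner probe
    ("198.51.100.23", '"GET /javascripts/x.jsp HTTP/1.1"'),         # scanner probe
    ("192.0.2.10", '"GET /javascripts/app.js HTTP/1.1"'),           # normal asset
    ("192.0.2.10", '"GET /index.html HTTP/1.1"'),                   # normal page
    ("192.0.2.44", '"GET /javascripts/help.html HTTP/1.1"'),        # benign, still matches
])

def compile_filters(patterns):
    """Expand <HOST> the way fail2ban does before compiling each expression."""
    return [re.compile(p.replace("<HOST>", HOST)) for p in patterns]

def hosts_to_ban(log_text, patterns=FAILREGEX):
    """Return {client_ip: [matching lines]}; with maxretry = 1 every key is banned."""
    compiled = compile_filters(patterns)
    hits = {}
    for line in log_text.splitlines():
        for rx in compiled:
            m = rx.search(line)
            if m:
                hits.setdefault(m.group("host"), []).append(line)
                break  # one match per line is enough to count a failure
    return hits

if __name__ == "__main__":
    for ip, lines in hosts_to_ban(SAMPLE_LOG).items():
        print(f"{ip}: {len(lines)} matching request(s)")
```

The last sample line shows the cost of broad patterns: any legitimate .html page under /javascripts/ earns its visitor the same seven-day ban. On a host with fail2ban installed, `fail2ban-regex` run with the log file and the filter file as arguments performs the same test against the real log.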