Hello! I have stumbled upon an interesting use case and wanted to discuss with you if it is feasible or maybe you would have (more critical) input. I have seen Writing a plugin to tarpit but my use case is different.
I place Caddy in front of my app which itself is a reverse-proxy. Some requests to upstream hit WAF tarpit, so my app has to handle that, which wastes resources. I was wondering if it could be possible to offload keeping the connection open after my app has detected that a request has hit a tarpit.
An approach I am considering is for my app to reply with some header like X-Tarpit-Detected: true, which would signal to Caddy that it must hold the request open indefinitely, wasting malicious bot’s resources.
Would that be feasible with a Caddy plugin or is there a way to solve this differently?