[Definition]
# Count any GET/POST from the same client IP. We prefer X-Forwarded-For
# (real client IP) when present; otherwise fall back to remote_addr.
failregex = ^.*"x_forwarded_for":"<HOST>(?:, [^"]+)?".*"request_method":"(?:GET|POST)".*$
            ^.*"remote_addr":"<HOST>".*"request_method":"(?:GET|POST)".*$

# Ignore safe/health endpoints (adjust to your env)
ignoreregex = ^.*"request_uri":"\/(?:stub_status|health\/system|health\/worker|pgadmin4(?:\/|$)|\.well-known\/acme-challenge\/|.*\.(?:css|js|png|jpg|jpeg|gif|svg|ico|webp|woff2?))".*$