Introduce new --strict-mode option.

[brndnmtthws]

This also adds a new HAPROXY_{n}_ENABLED option, which lets you
enabled/disable individual backends for an app.

This resolves issues #402 and #403.

[JohnOmernik]

I like this idea, but I think you've mentioned that for backwards compatibility, it's hard to switch enforcement. The security guy in me wants to find a way to make this the default (strict mode) however, I understand the challenges of installed clusters... not sure how to best handle, perhaps with this change make some "marketing" hoopla? Update docs with notes recommending strict mode for new clusters? Recommending people make the change if they can, and then a page on understanding what needs to change?

[brndnmtthws]

I'm not comfortable with enabling it by default at the moment. I think we can do a slow transition, but right now it would make a lot of people angry if their apps suddenly broke.

[vishnu2kmohan]

LGTM

A blog post announcing --strict-mode with a plea to users to port their app definitions to a more secure version (along with a deprecation cycle - 1.5?) would be appreciated.

[brndnmtthws]

I'm going to cut the next release as 1.5. I'll target enabling strict mode by default for 1.6.