Skip to main content

All Questions

Tagged with
Filter by
Sorted by
Tagged with
1 vote
1 answer
103 views

Incorrect HAProxy reverse proxy config?

I'm configuring my domain, and I want to set up HAProxy as a reverse proxy for all of my subdomains. Somehow I've got this configured incorrectly, and I absolutely have no idea what's wrong. Here's my ...
Vincent Guttmann's user avatar
0 votes
0 answers
29 views

HAProxy configure same domain with different port

I have haproxy configuration like this frontend http-in bind *:80 bind *:443 ssl crt /etc/ssl/haproxyssl/cert.pem mode http #default_backend backend_servers ...
Ananda Fajar's user avatar
0 votes
1 answer
862 views

How to configure HAproxy to a different backend based on path?

The problem is that, I have haproxy configured for multiple domains with backends respectively. The intended behaviour is to redirect a specific request such as myfirstdomain.com/alerts to backend2 ...
Jk843's user avatar
  • 1
0 votes
0 answers
245 views

Configuring Nginx as a reverse proxy for any domain

Currently i have a setup, where dnsmasq is used as a dns server, which resolves an dns lookup, to my own servers IP address. Where SNIPORXY is listening on port 80 and 443 The configuration of the ...
loxtic's user avatar
  • 21
0 votes
0 answers
49 views

HAProxy path-based routing a webpage; webpage resources cannot load

I have the following haproxy.cfg: global stats socket /var/run/api.sock user haproxy group haproxy mode 660 level admin expose-fd listeners log stdout format raw local0 info defaults mode http ...
Snappawapa's user avatar
0 votes
1 answer
628 views

Reverse TCP proxy ports 80 and 443 by server hostname [duplicate]

I have one public IP address. I am trying to allow access via the public IP on ports 80 and 443 to multiple services, differentiated by requested server name. HOWEVER, one service requires a TCP ...
Blair's user avatar
  • 1
1 vote
1 answer
2k views

Haproxy as a mail protocols reverse proxy with SSL termination

Looking for guidance of how to configure haproxy 2.4 in a container, to proxy for a mail server (all protocols, imap/s, smtp/s, pop3/s, http/s) and having haproxy doing ssl termination, but also ...
Unpossible's user avatar
0 votes
1 answer
197 views

Check response of one backend before proxying to another

I have two backends in two locations behind an Nginx frontend. Backend A implements authentication with OAuth. Backend B doesn't. I think a lazy way of adding authentication for location B would be to ...
Daniel Darabos's user avatar
1 vote
1 answer
1k views

HAProxy deny HTTP request on path_beg not matching

I have a HAProxy node in front of a Keycloak node. I want to only expose the API needed to serve the users (not the Admin panel) I have the following on my haproxy.cfg frontend block frontend haproxy-...
desertSniper87's user avatar
3 votes
0 answers
89 views

HAProxy, temporarily blacklist IP if downstream sends back an RST?

Would it be possible for HAProxy to temporarily block (Say for 30 seconds) an IP that connected, then got rejected by the downstream server (RST instead of FIN)? This is for just TCP, not HTTP. ...
Joe Finlo's user avatar
0 votes
0 answers
556 views

haproxy PROXY protocol to mod_remoteip sometimes shows wrong IP address

This is a very odd problem I noticed while checking Apache access logs. I have HAProxy in front of a bunch of containers. It inspects the incoming requests (Host header or SNI) and forwards the ...
user2323470's user avatar
2 votes
1 answer
2k views

Freeipa web interface behind HAProxy

I am trying to configure the FreeIPA web interface to work behind my HAProxy instance. I found an old GitHub Gist for the configuration (https://gist.github.com/m4ce/d081ab39654c3e13bbe8b150986526a3) ...
Computroniks's user avatar
0 votes
1 answer
669 views

HAProxy path_beg error - 503 service unavailable

Given a backend that running on: 172.18.1.125:8888 curl tested: curl --location --request GET "http://172.18.1.125:8888/oauth/sign-key" sample_response //>> HERE IS RESPONSE On ...
SoT's user avatar
  • 103
1 vote
1 answer
766 views

HAProxy goes to the same website even though they have different sub-domains

I have an issue with HAProxy where it goes to the same website even though they have different sub-domains. For example, I go to foo.domain.com then on another tab I go to bar.domain.com and another ...
Glen G's user avatar
  • 11
1 vote
0 answers
593 views

Load Balancing HTTP/2 GRPC persistent connections

Let's take a look at this scenario. In a traditional LB model, we would have the LB (wether a reverse proxy or not) farm out req/rep to application level servers. This model is fine for the generic ...
Sam's user avatar
  • 111
0 votes
1 answer
4k views

HAProxy - Cannot chroot /var/lib/haproxy

I am trying to run haproxy in docker by following this article from the haproxy blog. https://www.haproxy.com/blog/haproxy-on-docker-swarm-load-balancing-and-dns-service-discovery/ I am getting the ...
CodeWeed's user avatar
  • 101
1 vote
2 answers
3k views

Haproxy set Host Header per origin Server

We are trying to set host header per origin server, we can set per back end, but we are using default names on Azure app services, and as such the service will only respond to its own hostname, for ...
Jay's user avatar
  • 11
0 votes
1 answer
2k views

haproxy two applications on the same port with different certificates

I am setting up haproxy. My config is: frontend bothApps bind *:9999 mode http acl prov path_end -i /prov-0.0.1-SNAPSHOT/ acl web path end -i /web-0.0.1-SNAPSHOT/ ...
Michu93's user avatar
  • 103
0 votes
1 answer
2k views

How to configure HAProxy to ignore client header `Pragma: no-cache`?

We have a web service behind a HAProxy server running in caching reverse proxy configuration. The backend servers send Cache-Control headers correctly for all responses so HAProxy can cache all ...
Mikko Rantalainen's user avatar
3 votes
1 answer
1k views

Multiple forwardfor commands in HAProxy config

In HAProxy, I would like to forwardfor everything except a few networks like below (multiple networks) frontend main bind myip:5356-60000 mode http option ...
Evyatar Saias's user avatar
0 votes
1 answer
172 views

How to deliver certificate randomly to browser, according to the backend IP/server picked by HAProxy?

I am a beginner in HAProxy and I was trying to achieve this. I have 4 VMs, one having HAProxy server and Apache httpd server in other 3 VMs. I have test.html on all three servers. When user hit https:/...
Alfred's user avatar
  • 111
1 vote
1 answer
469 views

Why browser is always showing certificate of only one server even if multiple certificates are configured in HAProxy?

I am a beginner in HAProxy. I have four VMs, with HAProxy in one and Apache httpd in other three. What I am trying to achieve is, when user connect to HAProxy IP using https, the connection should be ...
Alfred's user avatar
  • 111
0 votes
1 answer
2k views

HAProxy send-proxy to Nginx

I am trying to reverse proxy clients to a web server through HAProxy and Nginx with SSL traffic using SNI. With the standard configuration, the web server sees the HAProxy IP and connects. When ...
Brailyn's user avatar
3 votes
1 answer
4k views

URL redirection and TCP proxy in haproxy

In a server with only one ipv4 and running haproxy, i want to redirect an url and proxy another in TCP level, for ssl passthrough purpose. frontend https-frontend bind *:443 mode tcp option ...
Albert's user avatar
  • 31
2 votes
0 answers
6k views

How to configure HAProxy to buffer the whole request including full body (buffering reverse proxy and big file uploads)?

We have a setup where front facing HTTP2 server is HAProxy and multiple backend servers run Apache+PHP. We have set HAProxy configuration option http-buffer-request. End users upload files (using ...
Mikko Rantalainen's user avatar
1 vote
0 answers
1k views

HAProxy : SSL/TLS termination + ports forwarding

I'm writing here, because I use HAProxy as reverse-proxy with SSL/TLS termination, and I don't know how to configure it to forward HTTPS requests on specific port to the same on my HTTP backend's ...
outstore's user avatar
2 votes
1 answer
5k views

HAPROXY : reverse proxy with TLS termination

I'm a newbie with HAProxy, and I want to use it to redirects HTTPS incoming requests to my HTTP backends servers. I know, how it is possible to do it with Nginx, like this : #SSL for all server { ...
outstore's user avatar
1 vote
1 answer
4k views

HAProxy: Using path variables to match one acl to a backend, depending on variable

I would like to setup HAProxy to redirect to a particular backend based on the variable in the acl rule. As an example, right now, I have a standard 1-to-1 setup for the ACLs and the corresponding ...
SVill's user avatar
  • 87
2 votes
1 answer
7k views

What are the possible causes for Layer 4 and Layer 7 timeouts in HAProxy?

I am copying my Stackoverflow question : https://stackoverflow.com/q/63683206/6344947 I saw that I was getting 503 for my application when I was hitting the API's. When I checked the HAProxy LB stats ...
Debodirno Chandra's user avatar
0 votes
1 answer
863 views

HaProxy edge redirecting to proxy port (instead of proxying) for certain URI patterns

I'm trying to use HaProxy as my edge webserver with Nginx as my primary application server running at localhost:9180, the normal proxy behavior works fine at domain.com (it simply shows the output ...
MJHd's user avatar
  • 107
0 votes
3 answers
1k views

How to redirect http requests to a service running in other port

I have a certain machine that recently got external access, but only to a few ports (SSH, HTTP and HTTPS.) Now this machine must provide access to some other services (e.g. RabbitMQ, Tomcat, etc), but ...
André Winston's user avatar
3 votes
0 answers
1k views

Haproxy same port for http and https

I want my webapplication run only on port 4443. So i added this port to my docker container on haproxy. Now i want to inspect the incomming request and if it is not https, it should redirect to it. ...
Samhamsam's user avatar
2 votes
1 answer
754 views

Problems proxy requests to multiple backends with http2, "connection coalescing", connection reuse in google chrome

We are looking for a way to use http2, one proxy with SSL termination and multiple different backends for different subdomains. I found this explanation of the problem and I am looking for solutions ...
nelaaro's user avatar
  • 654
1 vote
1 answer
3k views

HAProxy - Need to add a URL parameter to ACL to differentiate between services with the same URL, but on different ports

I have several services that run on different ports, each of which use the same URI paths. For example: New York Housing Service 127.0.0.1:8080/homes 127.0.0.1:8080/prices Las Vegas Housing Service ...
SVill's user avatar
  • 87
0 votes
2 answers
3k views

HAProxy ACL to multiple backend ports not working

I'm trying to set up haproxy to navigate between the multiple applications running on the same server. If my understanding is correct, I should be able to use ACL rules in the frontend to switch ...
SVill's user avatar
  • 87
1 vote
1 answer
7k views

HAProxy reports that servers-http and servers-https is down. Does not start

I'm trying to setup haproxy for the first time, and it has been giving me a lot of trouble. Right now, when I call the haproxy file in the /etc/init.d folder to start it up, I get the following: $ ./...
SVill's user avatar
  • 87
0 votes
1 answer
493 views

How many ports HAProxy machine opens

I have below port range configured cat /proc/sys/net/ipv4/ip_local_port_range 32768 61000 So, 28232 will be no.of available ports I have HAProxy Configured to take 5000 connection with 2 processor ...
Karthik's user avatar
0 votes
1 answer
2k views

HAProxy as a reverse proxy for backend already ssl enabled and SSL terminator for a backend exposed in port 80

I have 4 servers: proxy_server, $BK_SERVER_001, $BK_SERVER_002 and $BK_SERVER_003 The "proxy_server" only has an HAProxy enabled service with this configuration: (please look at the rows marked ...
Goose's user avatar
  • 3
2 votes
0 answers
541 views

Reverse proxy in front of a forward proxy

Our enterprise environment is essentially cut off from the internet, save for an HTTP (forward) proxy that operates at 192.168.1.2:8080. There is a firewall with an IP whitelist for proxy access, and ...
Chris Hunt's user avatar
0 votes
2 answers
3k views

Generic SNI-based transparent TLS proxy without having to enumerate all backends?

I'm in a situation where I have to provide a transparent reverse proxy in front of a set of thousands of backend https webservers, with the list changing (relatively) frequently. I know I can tell ...
András Korn's user avatar
1 vote
0 answers
551 views

HAProxy - Doesn't work from external network

I've been digging the internet all night trying to figure out this issue. So basically I installed a HA Proxy instance to be used as Reverse Proxy. This is my simple haproxy.conf config: global ...
Shlomi's user avatar
  • 331
-1 votes
1 answer
2k views

How can I verify Haproxy backend HTTPS server as in browser I can?

Haproxy's documentation says the ssl and the verify server option enable verify on backend server's certificate via one ca-file but I try to use Firefox export the backend server's CA file then use ...
illiterate's user avatar
0 votes
2 answers
1k views

How can I make Haproxy don't send SNI field to backend server?

Following reverse proxy work for en.wikipedia.org but not zh.wikipedia.org, my censor prevents access to zh.wikipedia.org by SNI. if no SNI then just correct IP in /etc/hosts is enough. Original ...
illiterate's user avatar
1 vote
0 answers
1k views

Haproxy ProxyPass and ReverseProxy

I have an Apache vhost with the following directives ; ProxyPass "/String1" "http://10.0.1.50:8081/String1/String2/String3 ProxyPassReverse "/String1" "http://10.0.1.50:8081/String1/String2/String3" ...
angry_guy45's user avatar
2 votes
1 answer
4k views

HAProxy reverse proxy config - selecting backends based on subdomain

I'm having the darndest time trying to make a simple reverse proxy select the backend based on the URL. I keep getting a 503 Service Unavailable. No server is available to handle this request. error ...
john's user avatar
  • 23
0 votes
0 answers
985 views

HAProxy as Docker container not routing as a reverse proxy

This HAProxy configuration should serve: the Google main web page when asking http://localhost:9000/google/ the Wikipedia main web page when asking for anything else hitting http://localhost:9000 I ...
TPPZ's user avatar
  • 101
0 votes
1 answer
2k views

haproxy hide backend url

Is it possible to hide the backend server's URL path, using haproxy? The backend server's URL path is https://backend:8443/backend_url(/.*) I would like to keep the URL path in the browser as always ...
Unpossible's user avatar
2 votes
0 answers
3k views

HAProxy reverse proxy - multiple sites

I have configured HAProxy as reverse proxy - with single SharePoint site, server and it's working (SSL pass-through on IIS), but when I'm trying to configure two compeletly different SharePoint sites ...
maar's user avatar
  • 495
1 vote
2 answers
4k views

SharePoint - HAProxy reverse-proxy (issue with SSL)

UPDATE BELOW ________________ I decided to use HAProxy as reverse-proxy for SharePoint sites and without SSL everything works fine, but with SSL I can't start haproxy.service. I was trying with many ...
maar's user avatar
  • 495
1 vote
1 answer
2k views

HAProxy 504 Gateway Time-out Exchange 2016

I have been trying to use HAProxy as a proxy and load balancer for my 2 Exchange 2016 mail servers. Whenever I hit the IP of the HAProxy server I get a "504 Gateway Time-out" error. I have tried ...
Justin Morrison's user avatar