All Questions
Tagged with reverse-proxy haproxy
118
questions
1
vote
1
answer
103
views
Incorrect HAProxy reverse proxy config?
I'm configuring my domain, and I want to set up HAProxy as a reverse proxy for all of my subdomains. Somehow I've got this configured incorrectly, and I absolutely have no idea what's wrong. Here's my ...
0
votes
0
answers
29
views
HAProxy configure same domain with different port
I have haproxy configuration like this
frontend http-in
bind *:80
bind *:443 ssl crt /etc/ssl/haproxyssl/cert.pem
mode http
#default_backend backend_servers
...
0
votes
1
answer
862
views
How to configure HAproxy to a different backend based on path?
The problem is that, I have haproxy configured for multiple domains with backends respectively. The intended behaviour is to redirect a specific request such as myfirstdomain.com/alerts to backend2 ...
0
votes
0
answers
245
views
Configuring Nginx as a reverse proxy for any domain
Currently i have a setup, where dnsmasq is used as a dns server, which resolves an dns lookup, to my own servers IP address. Where SNIPORXY is listening on port 80 and 443 The configuration of the ...
0
votes
0
answers
49
views
HAProxy path-based routing a webpage; webpage resources cannot load
I have the following haproxy.cfg:
global
stats socket /var/run/api.sock user haproxy group haproxy mode 660 level admin expose-fd listeners
log stdout format raw local0 info
defaults
mode http
...
0
votes
1
answer
628
views
Reverse TCP proxy ports 80 and 443 by server hostname [duplicate]
I have one public IP address. I am trying to allow access via the public IP on ports 80 and 443 to multiple services, differentiated by requested server name.
HOWEVER, one service requires a TCP ...
1
vote
1
answer
2k
views
Haproxy as a mail protocols reverse proxy with SSL termination
Looking for guidance of how to configure haproxy 2.4 in a container, to proxy for a mail server (all protocols, imap/s, smtp/s, pop3/s, http/s) and having haproxy doing ssl termination, but also ...
0
votes
1
answer
197
views
Check response of one backend before proxying to another
I have two backends in two locations behind an Nginx frontend. Backend A implements authentication with OAuth. Backend B doesn't.
I think a lazy way of adding authentication for location B would be to ...
1
vote
1
answer
1k
views
HAProxy deny HTTP request on path_beg not matching
I have a HAProxy node in front of a Keycloak node. I want to only expose the API needed to serve the users (not the Admin panel) I have the following on my haproxy.cfg
frontend block
frontend haproxy-...
3
votes
0
answers
89
views
HAProxy, temporarily blacklist IP if downstream sends back an RST?
Would it be possible for HAProxy to temporarily block (Say for 30 seconds) an IP that connected, then got rejected by the downstream server (RST instead of FIN)?
This is for just TCP, not HTTP.
...
0
votes
0
answers
556
views
haproxy PROXY protocol to mod_remoteip sometimes shows wrong IP address
This is a very odd problem I noticed while checking Apache access logs. I have HAProxy in front of a bunch of containers. It inspects the incoming requests (Host header or SNI) and forwards the ...
2
votes
1
answer
2k
views
Freeipa web interface behind HAProxy
I am trying to configure the FreeIPA web interface to work behind my HAProxy instance. I found an old GitHub Gist for the configuration (https://gist.github.com/m4ce/d081ab39654c3e13bbe8b150986526a3) ...
0
votes
1
answer
669
views
HAProxy path_beg error - 503 service unavailable
Given a backend that running on:
172.18.1.125:8888
curl tested:
curl --location --request GET "http://172.18.1.125:8888/oauth/sign-key"
sample_response //>> HERE IS RESPONSE
On ...
1
vote
1
answer
766
views
HAProxy goes to the same website even though they have different sub-domains
I have an issue with HAProxy where it goes to the same website even though they have different sub-domains.
For example, I go to foo.domain.com then on another tab I go to bar.domain.com and another ...
1
vote
0
answers
593
views
Load Balancing HTTP/2 GRPC persistent connections
Let's take a look at this scenario.
In a traditional LB model, we would have the LB (wether a reverse proxy or not) farm out req/rep to application level servers. This model is fine for the generic ...
0
votes
1
answer
4k
views
HAProxy - Cannot chroot /var/lib/haproxy
I am trying to run haproxy in docker by following this article from the haproxy blog. https://www.haproxy.com/blog/haproxy-on-docker-swarm-load-balancing-and-dns-service-discovery/
I am getting the ...
1
vote
2
answers
3k
views
Haproxy set Host Header per origin Server
We are trying to set host header per origin server, we can set per back end, but we are using default names on Azure app services, and as such the service will only respond to its own hostname, for ...
0
votes
1
answer
2k
views
haproxy two applications on the same port with different certificates
I am setting up haproxy.
My config is:
frontend bothApps
bind *:9999
mode http
acl prov path_end -i /prov-0.0.1-SNAPSHOT/
acl web path end -i /web-0.0.1-SNAPSHOT/
...
0
votes
1
answer
2k
views
How to configure HAProxy to ignore client header `Pragma: no-cache`?
We have a web service behind a HAProxy server running in caching reverse proxy configuration. The backend servers send Cache-Control headers correctly for all responses so HAProxy can cache all ...
3
votes
1
answer
1k
views
Multiple forwardfor commands in HAProxy config
In HAProxy, I would like to forwardfor everything except a few networks like below (multiple networks)
frontend main
bind myip:5356-60000
mode http
option ...
0
votes
1
answer
172
views
How to deliver certificate randomly to browser, according to the backend IP/server picked by HAProxy?
I am a beginner in HAProxy and I was trying to achieve this. I have 4 VMs, one having HAProxy server and Apache httpd server in other 3 VMs. I have test.html on all three servers. When user hit https:/...
1
vote
1
answer
469
views
Why browser is always showing certificate of only one server even if multiple certificates are configured in HAProxy?
I am a beginner in HAProxy. I have four VMs, with HAProxy in one and Apache httpd in other three. What I am trying to achieve is, when user connect to HAProxy IP using https, the connection should be ...
0
votes
1
answer
2k
views
HAProxy send-proxy to Nginx
I am trying to reverse proxy clients to a web server through HAProxy and Nginx with SSL traffic using SNI. With the standard configuration, the web server sees the HAProxy IP and connects. When ...
3
votes
1
answer
4k
views
URL redirection and TCP proxy in haproxy
In a server with only one ipv4 and running haproxy, i want to redirect an url and proxy another in TCP level, for ssl passthrough purpose.
frontend https-frontend
bind *:443
mode tcp
option ...
2
votes
0
answers
6k
views
How to configure HAProxy to buffer the whole request including full body (buffering reverse proxy and big file uploads)?
We have a setup where front facing HTTP2 server is HAProxy and multiple backend servers run Apache+PHP. We have set HAProxy configuration option http-buffer-request. End users upload files (using ...
1
vote
0
answers
1k
views
HAProxy : SSL/TLS termination + ports forwarding
I'm writing here, because I use HAProxy as reverse-proxy with SSL/TLS termination, and I don't know how to configure it to forward HTTPS requests on specific port to the same on my HTTP backend's ...
2
votes
1
answer
5k
views
HAPROXY : reverse proxy with TLS termination
I'm a newbie with HAProxy, and I want to use it to redirects HTTPS incoming requests to my HTTP backends servers.
I know, how it is possible to do it with Nginx, like this :
#SSL for all
server {
...
1
vote
1
answer
4k
views
HAProxy: Using path variables to match one acl to a backend, depending on variable
I would like to setup HAProxy to redirect to a particular backend based on the variable in the acl rule. As an example, right now, I have a standard 1-to-1 setup for the ACLs and the corresponding ...
2
votes
1
answer
7k
views
What are the possible causes for Layer 4 and Layer 7 timeouts in HAProxy?
I am copying my Stackoverflow question : https://stackoverflow.com/q/63683206/6344947
I saw that I was getting 503 for my application when I was hitting the API's. When I checked the HAProxy LB stats ...
0
votes
1
answer
863
views
HaProxy edge redirecting to proxy port (instead of proxying) for certain URI patterns
I'm trying to use HaProxy as my edge webserver with Nginx as my primary application server running at localhost:9180, the normal proxy behavior works fine at domain.com (it simply shows the output ...
0
votes
3
answers
1k
views
How to redirect http requests to a service running in other port
I have a certain machine that recently got external access, but only to a few ports (SSH, HTTP and HTTPS.) Now this machine must provide access to some other services (e.g. RabbitMQ, Tomcat, etc), but ...
3
votes
0
answers
1k
views
Haproxy same port for http and https
I want my webapplication run only on port 4443. So i added this port to my docker container on haproxy. Now i want to inspect the incomming request and if it is not https, it should redirect to it. ...
2
votes
1
answer
754
views
Problems proxy requests to multiple backends with http2, "connection coalescing", connection reuse in google chrome
We are looking for a way to use http2, one proxy with SSL termination and multiple different backends for different subdomains.
I found this explanation of the problem and I am looking for solutions ...
1
vote
1
answer
3k
views
HAProxy - Need to add a URL parameter to ACL to differentiate between services with the same URL, but on different ports
I have several services that run on different ports, each of which use the same URI paths. For example:
New York Housing Service
127.0.0.1:8080/homes
127.0.0.1:8080/prices
Las Vegas Housing Service
...
0
votes
2
answers
3k
views
HAProxy ACL to multiple backend ports not working
I'm trying to set up haproxy to navigate between the multiple applications running on the same server. If my understanding is correct, I should be able to use ACL rules in the frontend to switch ...
1
vote
1
answer
7k
views
HAProxy reports that servers-http and servers-https is down. Does not start
I'm trying to setup haproxy for the first time, and it has been giving me a lot of trouble. Right now, when I call the haproxy file in the /etc/init.d folder to start it up, I get the following:
$ ./...
0
votes
1
answer
493
views
How many ports HAProxy machine opens
I have below port range configured
cat /proc/sys/net/ipv4/ip_local_port_range
32768 61000
So, 28232 will be no.of available ports
I have HAProxy Configured to take 5000 connection with 2 processor
...
0
votes
1
answer
2k
views
HAProxy as a reverse proxy for backend already ssl enabled and SSL terminator for a backend exposed in port 80
I have 4 servers:
proxy_server,
$BK_SERVER_001,
$BK_SERVER_002 and
$BK_SERVER_003
The "proxy_server" only has an HAProxy enabled service with this configuration:
(please look at the rows marked ...
2
votes
0
answers
541
views
Reverse proxy in front of a forward proxy
Our enterprise environment is essentially cut off from the internet, save for an HTTP (forward) proxy that operates at 192.168.1.2:8080. There is a firewall with an IP whitelist for proxy access, and ...
0
votes
2
answers
3k
views
Generic SNI-based transparent TLS proxy without having to enumerate all backends?
I'm in a situation where I have to provide a transparent reverse proxy in front of a set of thousands of backend https webservers, with the list changing (relatively) frequently.
I know I can tell ...
1
vote
0
answers
551
views
HAProxy - Doesn't work from external network
I've been digging the internet all night trying to figure out this issue.
So basically I installed a HA Proxy instance to be used as Reverse Proxy.
This is my simple haproxy.conf config:
global
...
-1
votes
1
answer
2k
views
How can I verify Haproxy backend HTTPS server as in browser I can?
Haproxy's documentation says the ssl and the verify server option enable verify on backend server's certificate via one ca-file but I try to use Firefox export the backend server's CA file then use ...
0
votes
2
answers
1k
views
How can I make Haproxy don't send SNI field to backend server?
Following reverse proxy work for en.wikipedia.org but not zh.wikipedia.org, my censor prevents access to zh.wikipedia.org by SNI. if no SNI then just correct IP in /etc/hosts is enough.
Original ...
1
vote
0
answers
1k
views
Haproxy ProxyPass and ReverseProxy
I have an Apache vhost with the following directives ;
ProxyPass "/String1" "http://10.0.1.50:8081/String1/String2/String3
ProxyPassReverse "/String1" "http://10.0.1.50:8081/String1/String2/String3"
...
2
votes
1
answer
4k
views
HAProxy reverse proxy config - selecting backends based on subdomain
I'm having the darndest time trying to make a simple reverse proxy select the backend based on the URL.
I keep getting a 503 Service Unavailable. No server is available to handle this request. error ...
0
votes
0
answers
985
views
HAProxy as Docker container not routing as a reverse proxy
This HAProxy configuration should serve:
the Google main web page when asking http://localhost:9000/google/
the Wikipedia main web page when asking for anything else hitting http://localhost:9000
I ...
0
votes
1
answer
2k
views
haproxy hide backend url
Is it possible to hide the backend server's URL path, using haproxy?
The backend server's URL path is https://backend:8443/backend_url(/.*)
I would like to keep the URL path in the browser as always ...
2
votes
0
answers
3k
views
HAProxy reverse proxy - multiple sites
I have configured HAProxy as reverse proxy - with single SharePoint site, server and it's working (SSL pass-through on IIS), but when I'm trying to configure two compeletly different SharePoint sites ...
1
vote
2
answers
4k
views
SharePoint - HAProxy reverse-proxy (issue with SSL)
UPDATE BELOW
________________
I decided to use HAProxy as reverse-proxy for SharePoint sites and without SSL everything works fine, but with SSL I can't start haproxy.service.
I was trying with many ...
1
vote
1
answer
2k
views
HAProxy 504 Gateway Time-out Exchange 2016
I have been trying to use HAProxy as a proxy and load balancer for my 2 Exchange 2016 mail servers. Whenever I hit the IP of the HAProxy server I get a "504 Gateway Time-out" error. I have tried ...