@Dave wrote:
Hello guys,
I’am trying to setup haproxy on Ubuntu 16.04 Haproxy 1.7v with ssl only.I have A record in cloudflare to ip where is loadbalancer.Check my haproxy.cfgglobal
log /dev/log local0
log /dev/log local1 notice
chroot /var/lib/haproxy
stats socket /run/haproxy/admin.sock mode 660 level admin
stats timeout 30s
user haproxy
group haproxy
daemon
maxconn 5000
tune.ssl.default-dh-param 2048# Default SSL material locations ca-base /etc/ssl/certs crt-base /etc/ssl/private # Default ciphers to use on SSL-enabled listening sockets. # For more information, see ciphers(1SSL). This list is from: # https://hynek.me/articles/hardening-your-web-servers-ssl-ciphers/ # An alternative list with additional directives can be obtained from # https://mozilla.github.io/server-side-tls/ssl-config-generator/?server=haproxy ssl-default-bind-ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:RSA+AESGCM:RSA+AES:!aNULL:!MD5:!DSS ssl-default-bind-options no-sslv3defaults
log global
mode http
option httplog
option dontlognull
timeout connect 5000
timeout client 50000
timeout server 50000
stats enable
stats hide-version
stats uri /stats
stats realm Haproxy\ Statistics
stats auth admin:123$
stats refresh 5sfrontend UP-Proxy
bind *:443 ssl crt /etc/haproxy/cert/server.pemacl site_dead nbsrv(LoadBalancer) lt 1
tcp-request connection reject if site_dead
monitor-uri /haproxy?monitordefault_backend LoadBalancer
backend LoadBalancer
balance roundrobin
option redispatch 1
cookie SERVERID insert indirect nocacheserver up130 10.x.xxx.xx:80 cookie 130 check fall 3 rise 2
server up153 10.x.xxx.xx:80 cookie 153 check fall 3 rise 2When i try to request site cloudflare throw 521 or 502 (Bad gateway) Please Help
Posts: 1
Participants: 1