Blocking a IP Adress via a map lookup
Hello, I currently have two backends defined in Haproxy CE 1.8.19-1+deb10u3 and I specify the target backend with the following rule: use_backend...
View ArticleRedirects based on Browser type
Has anyone created a redirect that is based on the browser type, ie IE, Chrome, Firefox I would like to redirect incoming traffic if the users web browser is IE. Is there an ACL variable that can pick...
View ArticleAWS s3 storage behind haproxy modern bucket URL problem
As announced by AWS the way buckets are used in the URL is about to change (it is deferrred but it will come) The path style format will disappear https://s3.domain.net/[bucket]/[object] and the only...
View ArticleMultiple TO adressen in Email alert
Hi All, I’m busy implementing HAproxy for the first time, created a e-mail alert but looks like it can only be send to 1 TO adress configured. have tried everything with seperators etc. Any way to...
View ArticleRedirect multiple idrac via haproxy
Hello, I’m looking for advice, I’ve like 100 iDRAC for managing servers, and I need to keep them with SSL certificates, every year I need to go manually replace SSL certs. So I’ve come with an idea to...
View ArticleIs there a way to get the last ip in the route to HAproxy?
Is there a way to get the last ip in the route to HAproxy? OpenVPN Server ip address → HAproxy I need to create an acl based on the ip address of the OpenVPN Server. I’m looking for something like the...
View ArticleACL Redirect Streams Help
Hi all, I’m quite new to HAProxy and I currently have a config set up so that the backend is a set of aws ecs servers that I can stream to with obs. I put the maxconn for each server in the backend at...
View ArticleRedirect page but keeping it accessible
Hi guys, I don’t really know how to ask this so long story short I have this URL: website/assets/file.xml I need to create a redirection from it but keep it alive meaning: website/assets/file.xml...
View ArticleHAProxy 1.5 replace or empty query parameter value
Hi! I am using haproxy 1.5 on CentOS 7. I am trying to either remove or empty out a url parameter value, if it is found, before sending out. I see it is possible to identify it with acl...
View ArticleTCP mode ACL does not kick in
ACL does not get excuted, seems like with tcp mode cannot match the domain can someone help please? frontend drs mode tcp bind *:5432 #default_backend backend acl sifo_acl hdr(host) -i v3locitydev.com...
View ArticleSetting up ACLs for multiple sites / regrep
Hi all, I’m pretty new to HAproxy, but it’s fantastic so far. I’m hosting multiple intranet sites with it to test some stuff. For ease of description I’m going to limit this to one page here. Here is...
View ArticleHaproxy listener based on domain
I want to run all my servers to listen on port 25565, but I can do that since I can’t have multiple listeners on the same port. I was wondering if there was a way to point subdomain1.example.com >...
View ArticleHaproxy 503 with termination set to CD
Following are the observations Seeing intermittent 503 in haproxy with termination code set to CD Backend is chosen and set correctly by haproxy http_total_time, tcp_total_time and...
View ArticleClik here to view.
HAProxy for securing servers (SSH/RDP-Brute-Force-Attacks)
Hello everyone! I hope I am at the right place for the question. We have severall Ubuntu Server/Windows Server VMs on ESXi. Every day there are several thousands of failed login tries. (we dont know...
View ArticleHTTP Header for Iframe from http
Dear all, I have the following configuration: I have included in a webpage (http://192.168.55.yyy - backend real server) an iframe like this: The webpage is running fine at https, all hhtp requests...
View ArticleRunning HAProxy as Reverse proxy using container
I have simple haproxy.cfg working on a VM. frontend main mode http bind :80 bind :443 ssl crt /etc/haproxy/certs/current/my.pem http-request redirect scheme https unless { ssl_fc } default_backend app...
View ArticleSsl private key not parsed
I will start out saying I am in no way an expert in SSL or haproxy. We are trying out haproxy, and so far we love it. A big thank you to all the people that have worked on this project. We have...
View ArticleSSH termination config invalid after upgrade
I’ve been using HAProxy for SSL termination and reverse proxy on 1.5 for a while and have been trying to upgrade to 1.8.30 as a stepping stone to upgrading to 2.4. The installation was successful but...
View ArticleBuilding 1.8.30 with USE_SYSTEMD=1 fails
I’m trying to upgrade from 1.5 to 1.8.30, and as I’m running HAProxy using systemd I’m trying to build it with USE_SYSTEMD=1 but the build keeps failing with this message: GPARM=3 -DUSE_OPENSSL...
View ArticleClik here to view.
Haproxy logs - Termination state PR--
Hi, I’m using Haproxy 2.2 and I’m observing some strange pattern in Haproxy logs: Aug 20, 2021 @ 09:29:06.595 <134>Aug 20 12:29:06 haproxy[211]: 1.2.3.4:56929 [20/Aug/2021:12:29:06.595]...
View Article