Backend regirep redirection


#1

Hi,

I have problem whith backend redirection.
I’m want when user go to www.example.com, i give it the page located to www.example.com/new/new/

How can i make it ??

The current regirep instruction.
reqirep ^([^\ :])\ /(.) \1\ /new/new/\2


#2

I suspect you want this:

reqirep ^([^\ :]*)\ /(.*)     \1\ /new/new/\2

Rather than:

reqirep ^([^\ :])\ /(.) \1\ /new/new/\2

Which is missing some asterisk unless they were lost in copy and paste?


#3

Thanks for answer .

I try it but it don’t redirect.

My instruction
reqirep ^([^\ :])\ /(.) \1\ /new/new/\2


#4

Sorry to hear you are still having issues, I see again in your example that the asterisk(*) are missing, not sure if this is a copy and paste thing…

Anyway, it will definitely work with:

reqirep ^([^\ :]*)\ /(.*)     \1\ /new/new/\2

As this was tested in my test lab, can you confirm that the stars(asterisk) are really there in your config file as above?


#5

It’s pass.
But with this new configuration,
i have this error

My configuration instruction
global
log /dev/log local0
log /dev/log local1 notice
chroot /var/lib/haproxy
stats socket /run/haproxy/admin.sock mode 660 level admin
stats timeout 30s
user haproxy
group haproxy
daemon

# Default SSL material locations
ca-base /etc/ssl/certs
crt-base /etc/ssl/private

defaults
log global
mode http
option httplog
option dontlognull
timeout connect 5000
timeout client 50000
timeout server 50000
errorfile 400 /etc/haproxy/errors/400.http
errorfile 403 /etc/haproxy/errors/403.http
errorfile 408 /etc/haproxy/errors/408.http
errorfile 500 /etc/haproxy/errors/500.http
errorfile 502 /etc/haproxy/errors/502.http
errorfile 503 /etc/haproxy/errors/503.http
errorfile 504 /etc/haproxy/errors/504.http

frontend frontendServer
bind *:80
mode http

option httpclose
option forwardfor

acl localhostACL hdr_dom(host) -i localhost
use_backend localhostBackend if localhostACL 
default_backend defaultBackendServer

backend defaultBackendServer
mode http
balance source
server SRV-WEB-1 192.168.2.13:80 check
server SRV-WEB-2 192.168.2.14:80 check

backend localhostBackend
mode http
balance source

reqirep ^([^\ :]*)\ /(.*)     \1\ /new/new/\2
server SRV-WEB-1 192.168.2.13:80 check
server SRV-WEB-2 192.168.2.14:80 check

#6

Hmm, looks like the regex is matching “/” each time which does make sense I guess…

We could try using an ACL to identify when the path is just a slash like so:

acl is_root path -i /
reqirep ^([^\ :]*)\ /(.*)     \1\ /new/new/\2 if is_root

But that seems like we are working around the fact it’s a regex…

So maybe this instead as a more static suggestion:

acl is_root path -i /
http-request set-uri http://%[req.hdr(Host)]/new/new/ if is_root

#7

Please must i remove the precedent ACL ?
Please can you show me where can i put the new ACL ?


#8

I think I had better check a couple of things first.

We have this already:

reqirep ^([^\ :]*)\ /(.*)     \1\ /new/new/\2

It will make all requests to this site read from the folder “/new/new” on the backend so a request to “http://www.example.com/index.html” would actually on the backend be made to “http://www.example.com/new/new/index.html” and so will a request to “http://www.example.com/support/support.html” translate to “http://www.example.com/new/new/support/support.html” without the user being aware.

You would need to be very careful of any redirects on the backend real server itself as that could end up in the error you show above where the backend also tried to apply a redirect.

Is this the behaviour you want?

Or do we only want literally http://www.example.com/ to read “http://www.example.com/new/new/” while “http://www.example.com/support/support.html” or even “http://www.example.com/index.html” would be left unmodified?

Or maybe we’d be better performing a real redirect causing the user to be fully redirected to example.com/new/new in their browsers address bar?


#9

I can’t make the real redirection.
Because the user will don’t know.
When i use this regirep
reqirep ^([^\ :])\ /v1/(.) \1\ /new/new/\2
It’s working fine.
I don’t know why ?


#10

Do you think that i can make it with htacess ?
Because my goal is to have multiple domain redirect in one server.


#11

The redirect from /v1 to /new/new is much easier in a way because not all traffic starts with /v1.

The problem with a regex looking for a URI starting with a / is that every possible request will start with that /.

If you can confirm the exact behaviour required it should be possible to do, do you want ALL traffic silently redirected to /new/new or only traffic to the root URI /? And do we have to account for other requests to / such as /somepage.html?


#12

Hmm possible idea for the initial issue, I think the problem there was when you request http://example.com/new/new it will request http://example.com/new/new/new/new, we could get around that issue with a counter repetition ACL:

acl no_redir url_beg   /new/new/
reqirep ^([^\ :]*)\ /(.*)     \1\ /new/new/\2 if !no_redir

This may be enough to work around your issues making it work more like your other example.


#13

In this case i will kept the old ACL or i replace it ?


#14

It’s function!!!
Thanks very much


#15

Please can you help with this topic SSL Termination
Thank in advance.


#16

I have another problem.
When i enter http://localhost.com the redirection function well but when i enter http://www.localhost.com i have the error : You don’t have permission to access /PROD/MYTRAVEL/FO/ on this server.You don’t have permission to access /new/new/ on this server.


#17

If the problem persists then can you share your current config so I can take a look.