I am new to HAProxy. I want to restrict all to access a sub URL but not for access from few IPs. My Implementation of HAProxy is below and it is blocking all for IPs. I want “example.com/abc/qaz” accessible from 1.1.1.1 and 2.2.2.2 only.
# Listen to port 80. Throw a 301 redirect to port 443
frontend Listen80
bind *:80
redirect scheme https code 301 if !{ ssl_fc }
# List to port 443. Redirect to appropriate backend based on URL
frontend Listen443
bind *:443 ssl crt /etc/ssl/certs/examplesslpem %>
acl web_url path_beg /abc /xyz
acl web_url path_beg /efg /xy
acl batch_url path_beg /h /ga
acl network_allowed src 1.1.1.1 2.2.2.
acl resticted_pages path_beg /abc/qaz/
http-request deny if resticted_pages !network_allowed
use_backend BATCH if batch_url
use_backend SVC if svc_url
use_backend WEB if web_url
# Listen to port 8080. Pass through to WEB backend
frontend Listen8080
bind *:8080
use_backend WEB
backend WEB
mode http
balance roundrobin
option httpclose
cookie SERVERIDWEB insert indirect nocache secure
option forwardfor
http-request set-header X-Forwarded-Port %[dst_port]
http-request add-header X-Forwarded-Proto https if { ssl_fc }
reqrep ^([^\ ]*\ /)abc[/]?(.*) \1\2
server app-1 example-app1.com:8080 check cookie app1web
server app-2 example-app2.com:8080 check cookie app2web
server app-3 example-app3.com:8080 check cookie app3web
server app-4 example-app4.com:8080 check cookie app4web
server app-5 example-app5.com:8080 check cookie app5web