hi
i have a whm server that i need to fully hide the ip address of this server.
i setup haproxy 1.7.8 on vps
then i add this configuration :
global
log /dev/log local0
log /dev/log local1 notice
chroot /var/lib/haproxy
stats timeout 30s
user haproxy
group haproxy
daemon
defaults
log global
mode http
option httplog
option dontlognull
timeout connect 5000
timeout client 50000
timeout server 50000
frontend http_front
bind *:80
mode http
stats uri /haproxy?stats
default_backend http_back
backend http_back
balance first
mode http
server whm ***.***.***.***:80 check
i found this configuration in some tutorial but i need the missing part of this config
i check my whm server with port scan and now i know what ports should be in this config
here is the result :
please help me to complete the config file of haproxy
1 Like
If you have a large number of different ports you have to forward, Iâd suggest to not specify port 80 on the backend (and donât even use health checks, if you have no backup servers anyway). That way you can use multiple frontend ports which will be reused on the backend.
Something likes this (adjust the ports of course):
frontend allports
bind :21,80,443,110,143,587
default_backend allportsserver
backend allportsserver
server whm ***.***.***.***
2 Likes
thanks for your help
i set everything that you send to me and my config file now is :
global
log /dev/log local0
log /dev/log local1 notice
chroot /var/lib/haproxy
stats timeout 30s
user haproxy
group haproxy
daemon
defaults
log global
mode http
option httplog
option dontlognull
timeout connect 5000
timeout client 50000
timeout server 50000
frontend allports
bind :21,53,80,110,143,443,465,587,993,995,2077,2078,2079,2080,2082,2083,2086,2087,2095,2096,7080,7777
stats uri /haproxy?stats
mode http
default_backend allportsserver
backend allportsserver
server whm ...
when i save this configuration and restart the haproxy using this command ( sudo systemctl restart haproxy ) i got some errors and haproxy wont run
Job for haproxy.service failed because the control process exited with error code. See âs ystemctl status haproxy.serviceâ and âjournalctl -xeâ for details.
[root@dl ~]# sudo systemctl status haproxy.service
â haproxy.service - SYSV: HA-Proxy is a TCP/HTTP reverse proxy which is particularly suit ed for high availability environments.
Loaded: loaded (/etc/rc.d/init.d/haproxy; bad; vendor preset: disabled)
Active: failed (Result: exit-code) since Fri 2018-09-14 20:51:12 EDT; 29s ago
Docs: man:systemd-sysv-generator(8)
Process: 25444 ExecStop=/etc/rc.d/init.d/haproxy stop (code=exited, status=0/SUCCESS)
Process: 32414 ExecStart=/etc/rc.d/init.d/haproxy start (code=exited, status=1/FAILURE)
Main PID: 8544 (code=exited, status=0/SUCCESS)
Sep 14 20:51:12 hostname.com systemd[1]: Starting SYSV: HA-Proxy is a TCP/HTTP r everse proxy which is particularly suited for high availability environmentsâŚ
Sep 14 20:51:12 hostname.com haproxy[32414]: /etc/rc.d/init.d/haproxy: line 26: [: =: unary operator expected
Sep 14 20:51:12 hostname.com haproxy[32414]: [ALERT] 256/205112 (32418) : parsin g [/etc/haproxy/haproxy.cfg:20] : âbindâ : missing port number: â53â
Sep 14 20:51:12 hostname.com haproxy[32414]: [ALERT] 256/205112 (32418) : Error( s) found in configuration file : /etc/haproxy/haproxy.cfg
Sep 14 20:51:12 hostname.com haproxy[32414]: [ALERT] 256/205112 (32418) : Fatal errors found in configuration.
Sep 14 20:51:12 hostname.com haproxy[32414]: Errors found in configuration file, check it with âhaproxy checkâ.
Sep 14 20:51:12 hostname.com systemd[1]: haproxy.service: control process exited , code=exited status=1
Sep 14 20:51:12 hostname.com systemd[1]: Failed to start SYSV: HA-Proxy is a TCP /HTTP reverse proxy which is particularly suited for high availability environmentsâŚ
Sep 14 20:51:12 hostname.com systemd[1]: Unit haproxy.service entered failed sta te.
Sep 14 20:51:12 hostname.com systemd[1]: haproxy.service failed.
Looks like I gave you the wrong syntax, I should have been:
bind :21,:53,:80,:110,:143,:443,:465,:587,:993,:995,:2077,:2078,:2079,:2080,:2082,:2083,:2086,:2087,:2095,:2096,:7080,:7777
1 Like
thanks for your help
the haproxy is running but i have some problems with ssl ports
can i config haproxy to use original whm ssl certificate ?
how to have ssl in haproxy anyway ?
1 Like
i have some strange problem
main whm domain is server.domain.com and the ip is 192.168.1.1
i set the dns of loadbalancer.domain.com to the ip 192.168.1.2 (haproxy)
the problem is when client enter the Ip of balancer and port the client redirects to server.domain.com !
this problem also exist in domain name loadbalancer.domain.com:2087 redirects to server.domain.com !
also port 21 for ftp cant access via loadbalancer ip or domain !
how can i fix redirects and ftp ?