Hi All,
When I view source on my website, I noticed that all my relative paths are replaced with absolute paths. I’d like to find out why this is happening and to figure out if this has something to do with my footer not showing up in the https version of my site.
http://www.nomura.ca (notice the footer on the bottom and all paths are relative)
https//www.nomura.ca (paths are now all absolute and the footer text is gone. Not sure if the two are related)
Here’s my haproxy.cfg. Hopefully someone can figure this out.
global
log /dev/log local0
log /dev/log local1 notice
# chroot /var/lib/haproxy
chroot /etc/haproxy
stats socket /run/haproxy/admin.sock mode 660 level admin
stats timeout 30s
user haproxy
group haproxy
daemon
maxconn 50000
tune.ssl.default-dh-param 2048
# Default SSL material locations
ca-base /etc/ssl/certs
crt-base /etc/ssl/private
# Default ciphers to use on SSL-enabled listening sockets.
# For more information, see ciphers(1SSL). This list is from:
# https://hynek.me/articles/hardening-your-web-servers-ssl-ciphers/
ssl-default-bind-ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS
ssl-default-bind-options no-sslv3 no-tlsv10
lua-load /etc/haproxy/acme-http01-webroot.lua
defaults
log global
mode http
option httplog
option dontlognull
timeout connect 5000
timeout client 50000
timeout server 50000
errorfile 400 /etc/haproxy/errors/400.http
errorfile 403 /etc/haproxy/errors/403.http
errorfile 408 /etc/haproxy/errors/408.http
errorfile 500 /etc/haproxy/errors/500.http
errorfile 502 /etc/haproxy/errors/502.http
errorfile 503 /etc/haproxy/errors/503.http
errorfile 504 /etc/haproxy/errors/504.http
option forwardfor
option http-server-close
frontend www-http
maxconn 50000
bind 10.250.50.100:80
reqadd X-Forwarded-Proto:\ http
# Rule to redirect to Lua plugin
acl url_acme_http01 path_beg /.well-known/acme-challenge/
http-request use-service lua.acme-http01 if METH_GET url_acme_http01
# Use the special non http to https forwarding backend if traffic from LE
use_backend verification if url_acme_http01
default_backend www-backend
frontend www-https
maxconn 50000
bind 10.250.50.100:443 ssl crt /etc/haproxy/certs/
reqadd X-Forwarded-Proto:\ https
default_backend https-backend
backend verification # does not redirect to https to allow verification to work with LE without errors
option httpchk GET /
http-check expect string alive
server web1 10.250.30.1:80 check fall 3 rise 2
server web2 10.250.30.2:80 check fall 3 rise 2
server web3 10.250.30.3:80 check fall 3 rise 2
server web4 10.250.30.4:80 check fall 3 rise 2
server web5 10.250.30.5:80 check fall 3 rise 2
server web6 10.250.30.6:80 check fall 3 rise 2
server web7 10.250.30.7:80 check fall 3 rise 2
server web8 10.250.30.8:80 check fall 3 rise 2
server web9 10.250.30.9:80 check fall 3 rise 2
server web10 10.250.30.10:80 check fall 3 rise 2
backend www-backend
option httpchk GET /
http-check expect string alive
# redirect code to https below if http traffic is hitting the frontend
# redirect scheme https if !{ ssl_fc } # redirects https
server web1 10.250.30.1:80 check fall 3 rise 2
server web2 10.250.30.2:80 check fall 3 rise 2
server web3 10.250.30.3:80 check fall 3 rise 2
server web4 10.250.30.4:80 check fall 3 rise 2
server web5 10.250.30.5:80 check fall 3 rise 2
server web6 10.250.30.6:80 check fall 3 rise 2
server web7 10.250.30.7:80 check fall 3 rise 2
server web8 10.250.30.8:80 check fall 3 rise 2
server web9 10.250.30.9:80 check fall 3 rise 2
server web10 10.250.30.10:80 check fall 3 rise 2
backend https-backend
option httpchk GET /
http-check expect string alive
server web1 10.250.30.101:443 check fall 3 rise 2 ssl verify none
server web2 10.250.30.102:443 check fall 3 rise 2 ssl verify none
server web3 10.250.30.103:443 check fall 3 rise 2 ssl verify none
server web4 10.250.30.104:443 check fall 3 rise 2 ssl verify none
server web5 10.250.30.105:443 check fall 3 rise 2 ssl verify none
server web6 10.250.30.106:443 check fall 3 rise 2 ssl verify none
server web7 10.250.30.107:443 check fall 3 rise 2 ssl verify none
server web8 10.250.30.108:443 check fall 3 rise 2 ssl verify none
server web9 10.250.30.109:443 check fall 3 rise 2 ssl verify none
server web10 10.250.30.110:443 check fall 3 rise 2 ssl verify none
listen stats
bind :9000
mode http
stats enable
# stats hide-version
stats show-node
stats realm HAproxy-Statistics
stats uri /haproxy_stats
stats auth admin:************
stats refresh 5s