Haproxy to prevent access to all but selected URLs on a backend

sinaowolabi · April 26, 2019, 9:41am

Hi!

I am trying to setup haproxy to block access to a backend server from a particular IP address.
I need haproxy to allow access to only three URLs on the backend server.
I came up with this, please can someone tell me if this is correct, and will work as expected?

frontend access_control
   maxconn     50000
   bind        *:8080
   mode        http
   option      httplog
   http-request deny if !{ path -i -m beg /url1/path } { src 1.1.1.1 } 
   http-request deny if !{ path -i -m beg /url2 } { src 1.1.1.1 }
   http-request deny if !{ path -i -m beg /url3 } { src 1.1.1.1 }
default_backend access_control_backend

backend access_control_backend
   mode        http
   option      httplog
   server      server1     server1:8080

sinaowolabi · April 27, 2019, 8:39am

It appears to work, but I would really appreciate some assistance in refining it, if necessary.

Topic		Replies	Views
Block Sub URL for all except list of few IPs Help!	2	7124	January 14, 2017
Disable backend https Help!	3	734	February 13, 2018
How to restrict access for a back-end just to the internal network Help!	1	1315	November 14, 2018
Restricting URLs to an IP range Help!	2	1252	October 25, 2023
Help needed: I am trying to use HAProxy to deny access from internet to a specific URL Help!	0	744	October 9, 2023

Haproxy to prevent access to all but selected URLs on a backend

Related topics