HTTPS frontend to HTTP backend

wilnzi · October 5, 2017, 7:17am

Hi,
Helps please.

I’m trying to configure this architecture.
Frontend with https and redirection with http in backend.
But when i make it, i always have this error message :
Forbidden
You don’t have permission to access /new/new/ on this server.

But this directory exits in the two backends servers and have 0777 as chmod.

My configuration :

frontend www-http
bind *:80
mode http
option httpclose
option forwardfor

redirect prefix https://www.example.com if { hdr(host) -i example.com }
redirect prefix https://www.example.com if { hdr(host) -i www.example.com }

acl exampleACL hdr_dom(host) -i example.com
use_backend exampleBackend if exampleACL 
default_backend defaultBackendServer

frontend www-https
bind *:443 ssl crt /etc/ssl/certs/adwa/certificate.pem
mode http
option httpclose
option forwardfor

redirect prefix https://www.example.com if { hdr(host) -i example.com }

acl exampleACL hdr_dom(host) -i example.com
use_backend exampleBackend if exampleACL 
default_backend defaultBackendServer

backend defaultBackendServer
mode http
balance source
server SRV-WEB-1 192.168.2.13:80 check
server SRV-WEB-2 192.168.2.14:80 check

backend exampleBackend
mode http
redirect scheme http code 301 if !{ ssl_fc }
balance source
acl no_redir url_beg /new/new/
reqirep ^([^\ :])\ /(.) \1\ /new/new/\2 if !no_redir
server SRV-WEB-1 192.168.2.13:80 check
server SRV-WEB-2 192.168.2.14:80 check

lukastribus · October 5, 2017, 7:22am

This is an error your webserver is emitting, it is not coming from haproxy. Check your webservers logs.

wilnzi · October 5, 2017, 7:24am

Thank
I will check it.
But when i open with http, it passe very well!

wilnzi · October 7, 2017, 4:10am

Thank !
The error is on my apache server.

The error log :
[Sat Oct 07 05:51:44.352524 2017] [authz_core:error] [pid 5454] [client 192.168.2.15:52656] AH01630: client denied by server configuration: /www, referer: https://www.ewample.com/

Please do you have any solution ?

lukastribus · October 7, 2017, 10:44am

I don’t have a solution for you, I’m not an Apache expert.

Check your Apache configuration, specifically the authz_core configuration:
https://httpd.apache.org/docs/2.4/mod/mod_authz_core.html

wilnzi · October 8, 2017, 12:05pm

Thanks a lot for your help.

Effectivelly, it was my apache configuration which was not good.

I configured a virtual host, so i just remove it.

Thank

Topic		Replies	Views
How to use frontend without binding IP Help!	0	630	April 6, 2020
Redirect to backend comparing requests and host in a file Help!	4	1044	May 3, 2022
SSL passthrough with acl Help!	0	1090	March 26, 2018
Should a use_backend followed by redirect work? Help!	1	106	December 21, 2023
Multiple ssl/sni frontend configs without sharing config settings between sni names Help!	6	2603	July 29, 2020

HTTPS frontend to HTTP backend

Related Topics