Redirect not working properly to backends

krischanb · February 24, 2024, 11:09am

Hello all,
I am experiencing some issues with HA Proxy running as a reversproxy and redirecting traffic to two different applicarions.
Application2 is working fine with the configuration below.
Appllication1 causes some minor trouble. Typing in the browser in order to access the domain :“domain.com/application1” I do get a Time Out Error and the address in the browser changes to domain.com:82/application1. Were 82 the desired port of the backend and the application1 is listening on.
Now it becomes al little strange to me. Deleting now the “:82” in “domain.com:82/application1” lets me access the application1 in the webbroser. I assume that I messed in some line the redirecting command up, but I do not see where.
One restriction is, that i need to log the originating IP.
Below my configuration and

thank you for your help
Krischan

global
        log /dev/log    local0
        log /dev/log    local1 notice
        chroot /var/lib/haproxy
        stats socket /run/haproxy/admin.sock mode 660 level admin expose-fd listeners
        stats timeout 30s
        user haproxy
        group haproxy
        daemon
        ssl-default-bind-ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:RSA+AESGCM:RSA+AES:!aNULL:!MD5:!DSS
        ssl-default-bind-options no-sslv3
        tune.ssl.default-dh-param 2048

defaults
        log     global
        mode    tcp

        option  tcplog
        option  dontlognull
        option forwardfor header X-Forwarded-For

        timeout connect 5000
        timeout client  50000
        timeout server  50000

        errorfile 400 /etc/haproxy/errors/400.http
        errorfile 403 /etc/haproxy/errors/403.http
        errorfile 408 /etc/haproxy/errors/408.http
        errorfile 500 /etc/haproxy/errors/500.http
        errorfile 502 /etc/haproxy/errors/502.http
        errorfile 503 /etc/haproxy/errors/503.http
        errorfile 504 /etc/haproxy/errors/504.http


frontend http-in
        bind :80
        mode http

        option forwardfor header X-Forwarded-For
        option httplog

        acl is_letsencrypt path_beg -i /.well-known/acme-challenge/

        redirect scheme https code 301 if !{ ssl_fc } !is_letsencrypt
        use_backend be_letsencrypt if is_letsencrypt


frontend https_in
        bind *:443
        option http-server-close

        acl tls req.ssl_hello_type 1
        acl is_application1 req.ssl_sni -i domain.com

        tcp-request inspect-delay 5s
        tcp-request content accept if tls

        use_backend recir_application1 if is_application1
        use_backend recir_application2 if !{ req.ssl_hello_type 1 } !{ req.len 0 }


backend be_letsencrypt
        mode http
        server localhost 127.0.0.1:81


backend recir_application1
        server loopback-for-tls abns@haproxy-application1 send-proxy

backend recir_application2
        server loopback-for-tls abns@haproxy-default send-proxy

frontend ssl-default
        bind abns@haproxy-default accept-proxy
        use_backend be_application2


frontend application1
        mode http
        bind abns@haproxy-application1 accept-proxy ssl crt /etc/letsencrypt/domain.com/haproxy.pem
        use_backend be_application1


backend be_application2
        server localhost 127.0.0.1:4545


backend be_application1
       mode http
       server localhost 127.0.0.1:82 send-proxy

Topic		Replies	Views
HAProxy not switching between backends Help!	16	6927	December 15, 2017
Need help with haproxy config Help!	0	491	March 20, 2019
Use_backend app-main if { hdr_dom(host) -i } -> Not recognize domain Help!	5	3901	November 7, 2019
Newbie - Several backends - not redirecting correctly Help!	7	1912	September 22, 2016
Haproxy reusing wrong backend when using tcp mode Help!	6	2169	April 2, 2021

Redirect not working properly to backends

Related Topics