Unable to Reach app from Specified URL

aziddam · October 28, 2023, 12:28pm

I am new to Haproxy. I intend to do a reverse proxy using Haproxy. My setup is as follows

I have two Haproxy Servers with keepalived installed for HA, and then I have my applications hosted on several web servers with several applications running on them using Apache virtual hosting

I want to expose a particular web application over the internet <example.com>. I can successfully Curl that URL from the haproxy servers when i do curl <example.com>. I set the needed parameters in the host file of the haproxy servers

But when i map that URL to a public IP of the Haproxy Server, I get redirected to a different application been hosted on that same web server. Any idea what i have done wrong. My configuration is shared below

global
  log 127.0.0.1 local0
  log 127.0.0.1 local1 notice
  chroot /var/lib/haproxy
  stats socket /var/haproxy/admin.sock mode 660 level admin
  stats timeout 30s
  maxconn 4000
  user haproxy
  group haproxy
  daemon
  ssl-default-bind-ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305
  ssl-default-bind-options prefer-client-ciphers no-sslv3 no-tlsv10 no-tlsv11 no-tls-tickets
  ssl-default-server-ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305
  ssl-default-server-options no-sslv3 no-tlsv10 no-tlsv11 no-tls-tickets
  ssl-dh-param-file /etc/ssl/dhparam


defaults
  mode http
  log global
  option httplog
  option dontlognull
  retries 3
  option redispatch
  maxconn 2000
  timeout connect 5000
  timeout client 50000
  timeout server 50000

frontend example
  bind example.com:80
  bind example.com:443 ssl crt /etc/ssl/certs/certs.pem
  http-request redirect scheme https code 301 if !{ ssl_fc }
  http-response set-header Strict-Transport-Security max-age=63072000
  default_backend example_server
  log global

backend example_server
  balance roundrobin
  server web_srv  172.16.50.101:80
  log global

randomguy · October 30, 2023, 8:28pm

You mention that you get redirected to another application. Are you saying that something different loads or that the haproxy instance is sending you to a different location?

Try running curl http:/// from your machine and that should hit the haproxy instance and then be passed along to port 80 on your backend server.

aziddam · November 1, 2023, 10:31am

Thanks.

This has been fixed. My bindings (80,443) seemed to be the issue. When i changed to *:80 and *:443, all was fine

Topic		Replies	Views
Binding port 443 to both HTTP and TCP Help!	3	7927	December 8, 2020
NginX / Apache Reverse Proxy Settings To HAProxy Help!	5	1978	June 26, 2022
Help needed: I am trying to use HAProxy to deny access from internet to a specific URL Help!	0	447	October 9, 2023
Redirect not working properly to backends Help!	0	114	February 24, 2024
Need help with multiple domains, one public IP Help!	2	2625	March 7, 2021

Unable to Reach app from Specified URL

Related Topics