Website auto redirecting when hosted on HAProxy

varms · April 27, 2017, 2:13am

Hi,
We are in the process of migrating from Apache reverse proxy to
HAProxy. We are facing issues with some of the web sites. Any
recommendation will be greatly appreciated.

We have hosted all application on HAProxy with the needed SSL
Certificates. All our sites are SSL, there is no non ssl site in our
env.

e.g. https ://mysite.com is on HAProxy

Env Configuration:
https ://mysite.com should forward the request to http ://192.168.128.10:8080 on the backend. The backend i.e. 192.168.128.10:8080 is not HTTPS it is only http site. So we are proxying HTTPS site to a backend http site.

Expected behaviour (Which is not working):
When we access the site https ://mysite.com it should auto forward to login page i.e. https ://mysite.com/app1/login.jsp?/app1/ – (this autoforward is the application behavior )

Issue:

When we access as https ://mysite.com/ the URL in the browser gets changed automatically to http: //mysite.com:8080/app1/login.jsp?/app1/

Since HAProxy is not listening on port 8080 the site gives error “Page cannot be displayed”

When the login page is accessed with full url i.e. https ://mysite.com/app1/login.jsp?/app1/ it loads fine, but on entering the domain only i.e. https ://mysite.com/ it ends up in “page cannot be displayed” error
This configuration is working smoothly with apache as reverse proxy, the configuration of apache is also provided below.

The HA Proxy configuration is as below

frontend http-in
bind *:443 ssl crt /etc/pki/tls/certs/mysite/mysite.com.pem crt /etc/pki/tls/certs/mysite1/mysite1.com.pem
mode http
acl mysite.com req.hdr(Host) mysite.com
acl path_mirror_app1 path -m beg /app1
use_backend mysite.com_redirect if mysite.com path_mirror_app1

backend mysite.com_redirect
http-request set-header Host mysite.com
server mysite.com 192.168.128.10:8080 check
mode http

Apache Configuration

The apache configuration for the same site which is working fine is as below

<VirtualHost *:443>
ServerName mysite.com
ProxyPass / http://192.168.128.10:8080/
ProxyPassReverse / http://192.168.128.10:8080/

SSLEngine On
SSLProxyEngine On
SSLProtocol all -SSLv2 -SSLv3
SSLCipherSuite HIGH:!aNULL:!eNULL:!RC4
SSLProxyCheckPeerCN off
SSLProxyCheckPeerName off
SSLCertificateFile /etc/pki/tls/certs/mysite/mysite.com.crt
SSLCertificateKeyFile /etc/pki/tls/certs/mysite/mysite.com.key

Thankyou

lukastribus · April 27, 2017, 7:10am

You are configuring haproxy to only foward this to the backend when the URI begins with /app1, this is not the case when you are only pointing your browser to https://mysite.com/, which of course does not work as expected then.

Whatever your default_backend is pointing to, it will hit that instead of your “mysite.com_redirect” backend.

varms · May 2, 2017, 2:59am

I tried configuring “acl path_mirror_app1 path -m beg /” but the same redirection issue still persists. When i try to access the site with the domain name, the URL in browser gets autochanged to http.

lukastribus · May 2, 2017, 7:02am

I assume your backend has some problem with the host header not showing 8080.

Try modifying the Host header:
http-request set-header Host mysite.com:8080

Topic		Replies	Views
Redirect not working properly to backends Help!	0	227	February 24, 2024
Application behind Haproxy with SSL offloading Help!	3	1721	August 10, 2019
HA proxy Redirect NOT WORKING Help!	1	593	June 30, 2020
Backend redirects Help!	14	11529	February 11, 2019
Haproxy redirections with ssl Help!	1	878	April 26, 2017

Website auto redirecting when hosted on HAProxy

Related topics