Complete config is: ``` # Automaticaly generated, dont edit manually. # Generated on: 2019-06-01 14:38 global maxconn 1000 stats socket /tmp/haproxy.socket level admin gid 80 nbproc 1 hard-stop-after 15m chroot /tmp/haproxy_chroot daemon tune.ssl.default-dh-param 2048 log-send-hostname HaproxyMasterNode server-state-file /tmp/haproxy_server_state listen HAProxyLocalStats bind 127.0.0.1:2200 name localstats mode http stats enable stats admin if TRUE stats show-legends stats uri /haproxy/haproxy_stats.php?haproxystats=1 timeout client 5000 timeout connect 5000 timeout server 5000 frontend http-to-https bind 50.50.50.50:80 name 50.50.50.50:80 mode http log global option http-keep-alive timeout client 30000 acl domain.co.uk-Redirect var(txn.txnhost) -m beg -i domain.co.uk acl domain.co.uk var(txn.txnhost) -m str -i www.domain.co.uk http-request set-var(txn.txnhost) hdr(host) http-request redirect scheme https frontend shared-frontend-merged bind 50.50.50.50:443 name 50.50.50.50:443 no-sslv3 force-tlsv12 ciphers ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256 ssl crt-list /var/etc/haproxy/shared-frontend.crt_list mode http log global option http-keep-alive option forwardfor acl https ssl_fc http-request set-header X-Forwarded-Proto http if !https http-request set-header X-Forwarded-Proto https if https timeout client 30000 acl ACL1 var(txn.txnhost) -m str -i domain.co.uk acl ACL2 var(txn.txnhost) -m str -i www.domain.co.uk acl aclcrt_shared-frontend var(txn.txnhost) -m reg -i ^www\.domain\.co\.uk(:([0-9]){1,5})?$ acl aclcrt_shared-frontend var(txn.txnhost) -m reg -i ^domain\.co\.uk(:([0-9]){1,5})?$ acl aclcrt_shared-frontend var(txn.txnhost) -m reg -i ^fileshare\.domain\.co\.uk(:([0-9]){1,5})?$ acl ACL12 req.cook_cnt(organizr_token_b112adac-dbcb-41c1-9ed6-e8eb190763f2=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiIsImp0aSI6IjRmMWcyM2ExMmFhIn0.eyJpc3MiOiJPcmdhbml6ciIsImF1ZCI6Ik9yZ2FuaXkdofmsnjRpIjoiNGYxZzIzYTEyYWEiLCJpYXQiOjE1NTkzOTIxODYsImV4cCI6MTU1OTk5Njk4NiwidXNlcm5hbWUiOiJjaGFybGllIiwiZ3JvdXAiOiJBZG1pbiIsImdyb3VwSUQiOjAsImVtYWlsIjoiZHJvc3Nib3hAcHJvdG9ubWFpbC5jb20iLCJpbWFnZSI6Imh0dHBzOlwvXC93d3cuZ3JgppF0YXIuY29tXC9hdmF0YXJcLzJmMjUwMjJkMjU0NGIyNzgxMzA3ZGRhZmQwZGRhYjM5P3M9MTAwJmQ9bW0iLCJ1c2VySUQiOjF9.Y3pGdrPMARVdXSdAs1TigTQPH1HOkbsYkRCBo3pUkaY) -m found acl ACL9 var(txn.txnhost) -m str -i grafana.domain.co.uk acl ACL10 var(txn.txnhost) -m str -i plex.domain.co.uk http-request set-var(txn.txnhost) hdr(host) use_backend Organizr_ipv4 if ACL1 use_backend Fileshare_ipv4 if ACL12 backend Organizr_ipv4 mode http id 10100 log global timeout connect 30000 timeout server 30000 retries 3 source ipv4@ usesrc clientip server Organizr 192.168.2.10:8899 id 10101 check inter 1000 backend Fileshare_ipv4 mode http id 10108 log global timeout connect 30000 timeout server 30000 retries 3 source ipv4@ usesrc clientip server Fileshare 192.168.2.10:8000 id 10111 check inter 1000 ``` For now, I'm only trying to get the fileshare subdomain working, at which point I'll apply it to the rest of the services I'd like available. The cookie created is always the same for each user - so eventually I want to access the main page, log in (at which point the cookie is issued), and have every other domain require the presence of the cookie. I've checked on another machine and browser, they're both able to access the 'fileshare' subdomain without the cookie being present.