This has been FIXED after updating to the latest version 23.05.

https://redmine.pfsense.org/issues/14024

@ciconet Here is how I did this, keep in mind I have approved specific site to only be spliced and not use MITM mode for those.
First:
Create a advanced config like this,
Screenshot 2023-05-21 at 11.42.45 AM.png
Second:
Populate your file with the URLS you want to splice.

Screenshot 2023-05-21 at 11.44.42 AM.png

You can also use

http://dsi.ut-capitole.fr/blacklists/download/blacklists_for_pfsense_reducted.tar.gz

If you lack memory like I do to run the full list.

@trumee nginx.conf saying not allowed to use location tag

@viragomann

Ahh, the actual backend ... that makes sense
I changed the health check from http to basic, and now there is no more error on the dashboard AND the reverse proxy works. Problem solved. I had no idea that a health check failure had an impact on functionality. I thought it was just a monitoring feature.

Thanks so much!!

@jonathanlee

clamd table.jpg

23.05RC clamav.jpg

In my logs all is fine so I can´t help you out and don´t know what problem that is, perhaps it would be also able to see
here I thought first or it is something common (bug) but
it seems not to be.

@ben-ihelputech Many thanks, that was quite helpful.

@jonathanlee Thanks a lot

@dobby_ Thanks a lot, I am going to try.

@michele-trotta
Hi everyone ,

sorry for the delay, but the problem has been solved.

When the citrix workspace web app is launched it is asked to open a new page with microsodt EDGE. When "Open APP" is confirmed, a file with the ICA extension is downloaded. In this file there is a parameter that identifies an internal proxy that citrix will use. Now once this value has been discovered, it must be included in our Squid and the game is done!!!!

Good job everyone

Michele

@viragomann I have one interface for LAN, other for VLANs.

@swemattias said in HAProxy Nextcloud WebDAV URL Discovery:

the second part is not able to be saved due to that I have a http redirect already http to https.

Possibly you did that wrong? Did you limit the respective ACL to non-HTTPS Traffic?