Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    HAProxy randomly "failing", need to restart service to fix

    Scheduled Pinned Locked Moved Cache/Proxy
    3 Posts 3 Posters 602 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P
      ProxyMoron
      last edited by

      So i have HAProxy running and, on occasion, it seems to fail. By Fail i mean that when i try to access my website behind the proxy i get a browser warning about an unsecure website (like you do with self signed certs). If i click to continue it shows a PFSense screen warning about (If i remember correctly) a reverse DNS attack or something similar (i'll update with the exact message when it happens again.

      To fix - i simply restart the HAProxy service and it all starts to work - the HAProxy service IS operational though prior to restarting.

      PfSense - 2.3.2-RELEASE-p1
      HaProxy - 0.48_1

      Any ideas how i can diagnose this further?

      1 Reply Last reply Reply Quote 0
      • S
        Stewart
        last edited by

        I haven't used HAProxy before, but is it a warning about a DNS Rebind attack?  If so, you can set NAT reflection for the NAT.  There is also a setting for DNS rebind in System-Advanced, I believe.  Those may help to troubleshoot the next time it goes down.

        1 Reply Last reply Reply Quote 0
        • P
          PiBa
          last edited by

          I would move webgui to a non-standard port like 1443 or something, and disable the webgui-redirect.. Then at least you wont unintentionally end up on the webgui when trying to visit the wan-ip.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.