Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    HAproxy issue after installing 2.3.5 (SOLVED)

    Scheduled Pinned Locked Moved Cache/Proxy
    13 Posts 2 Posters 3.3k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P
      PiBa
      last edited by

      Indeed haproxy cannot send a http redirect when operating in tcp mode.

      The redirect that seems to happen anyway might be a cached hsts header (usually hard but possible to erase from the browser memory, take more then just deleting cookies though..)
      Or also the 'webgui redirect' from pfSense System/Advanced/AdminAccess which will be listening on port 80.

      1 Reply Last reply Reply Quote 0
      • K
        killmasta93
        last edited by

        Thanks for the reply, as i changed the port to 81 so it wont listen but same concept because HTTP cannot be directed to HTTPS. Would there be any other way using the TCP mode on HAproxy? Rewriting the URL maybe?

        The redirect that seems to happen anyway might be a cached hsts header (usually hard but possible to erase from the browser memory, take more then just deleting cookies though..)

        what i did is on chrome crtl+shift+delete, deleted everything closed it and opened it and bam wont redirect. of Course on firefox did not delete anything and went perfect. The issue with that is when a user or client has never gone to the website there either going to error or it wont load unless they put https://

        Thank you

        Tutorials:

        https://www.mediafire.com/folder/v329emaz1e9ih/Tutorials

        1 Reply Last reply Reply Quote 0
        • P
          PiBa
          last edited by

          For the redirect from http to https to work you must have something that listens on :80 and performs the redirect. This could be done with a frontend specifically made for this and without any backends. It could have a single action that performs the redirect.

          1 Reply Last reply Reply Quote 0
          • K
            killmasta93
            last edited by

            Thanks for the quick reply,
            So on HAproxy i added another frontend
            But when i try to apply settings im getting this error

            Errors found while starting haproxy
            [ALERT] 309/165522 (51624) : parsing [/var/etc/haproxy_test/haproxy.cfg:45] : error detected in frontend 'HTTP' while parsing 'http-request redirect' rule : redirection type expected ('prefix', 'location', or 'scheme').
            [ALERT] 309/165522 (51624) : Error(s) found in configuration file : /var/etc/haproxy_test/haproxy.cfg 
            

            see picture

            Thank you

            Clipboarder.2017.11.06-004.png
            Clipboarder.2017.11.06-004.png_thumb
            Clipboarder.2017.11.06-005.png
            Clipboarder.2017.11.06-005.png_thumb
            Clipboarder.2017.11.06-006.png
            Clipboarder.2017.11.06-006.png_thumb

            Tutorials:

            https://www.mediafire.com/folder/v329emaz1e9ih/Tutorials

            1 Reply Last reply Reply Quote 0
            • P
              PiBa
              last edited by

              Must tell it what type of redirect to perform "scheme https" in your case..

              ![2017-11-06 18_48_03-Services_ HAProxy_ Frontend_ Edit - pfSe.localdomain.png](/public/imported_attachments/1/2017-11-06 18_48_03-Services_ HAProxy_ Frontend_ Edit - pfSe.localdomain.png)
              ![2017-11-06 18_48_03-Services_ HAProxy_ Frontend_ Edit - pfSe.localdomain.png_thumb](/public/imported_attachments/1/2017-11-06 18_48_03-Services_ HAProxy_ Frontend_ Edit - pfSe.localdomain.png_thumb)

              1 Reply Last reply Reply Quote 0
              • K
                killmasta93
                last edited by

                Thank you for the quick reply, that did the trick. for anyone else having this issue here is the screen shot for working SSL, the only tiny issue is the www, if someone puts www.mydomain.com it wont direct it to mydomain. i tried adding on rule prefix https but no luck, was reading the manual HAproxy but did not find any other rule that would apply for the www

                Thank you again

                Clipboarder.2017.11.06-008.png
                Clipboarder.2017.11.06-008.png_thumb

                Tutorials:

                https://www.mediafire.com/folder/v329emaz1e9ih/Tutorials

                1 Reply Last reply Reply Quote 0
                • P
                  PiBa
                  last edited by

                  The www prefix rule needs a bit more content in its action i think: "prefix https://mydomain.com"

                  1 Reply Last reply Reply Quote 0
                  • K
                    killmasta93
                    last edited by

                    Thanks for the reply, as for the prefix i tried

                    prefix https://mydomain.com
                    prefix https://www.mydomain.com

                    I also changed ACL because realized that the web_acl www.mydomain.com wont work because all www on nginx gets redirect to mydomain.com

                    So instead redirect to mydomain.com but unfortunately did not work

                    Thank you

                    Clipboarder.2017.11.06-009.png
                    Clipboarder.2017.11.06-009.png_thumb

                    Tutorials:

                    https://www.mediafire.com/folder/v329emaz1e9ih/Tutorials

                    1 Reply Last reply Reply Quote 0
                    • P
                      PiBa
                      last edited by

                      well.. www only gets redirected by nginx webserver if the traffic gets to it as far as ive see the 443 frontend doesnt check for www to pass to the right backend.?.

                      anyhow using the "prefix https://mydomain.com" should work to redirect http://www.domain.com to https://domain.com, browser caches of previous followed redirects aside..

                      1 Reply Last reply Reply Quote 0
                      • K
                        killmasta93
                        last edited by

                        Thanks for the reply, so after hours trail and error this is the config that worked to redirect the www to mydomain.com whats odd that every browser worked by putting the www.mydomain.com besides safari on the iphone but i guess who knows what safari does that wont let redirect, besides that internet explorer, chrome, firefox, puffin all worked well.
                        What i did is to create another acl web2 host start with www then below with the prefix

                        prefix https://mydomain.com
                        

                        which points to web2

                        Thank you again for all the help hope this helps others see picture

                        Clipboarder.2017.11.06-010.png
                        Clipboarder.2017.11.06-010.png_thumb

                        Tutorials:

                        https://www.mediafire.com/folder/v329emaz1e9ih/Tutorials

                        1 Reply Last reply Reply Quote 0
                        • First post
                          Last post
                        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.