haproxy | Browser says ERR_TOO_MANY_REDIRECTS

tn1rpi3

Hi there.

Trying to get haproxy to serve a .com domain incl. subdomains, but keep getting browser errors

• "ERR_TOO_MANY_REDIRECTS" in Chromium, and
• "page isn’t redirecting properly" in Firefox, respectively.
  Browsers suggest to purge cookies, which I did, but it seems that's not causing the prob.

Here's haproxy.cfg haproxy_settings.txt

#backends
I've played with ports 80 and 443, plus a random port, e.g. 9000.
My observations:
--> Using 80 will block local http access, using 443 blocks local https access.
With random port 9000 the sites test successfully when accessed locally.

Via WAN, however, sites will not show and produce the browser error described above.

I'd be happy to hear your suggestions.
Thanks a lot.

---

p.s.:
Versions used:
HaProxy 1.7.11, pfsense 2.4.4-RELEASE-p3

FWIW: Here are my frontend definitions:

tn1rpi3

@tn1rpi3
Did some more research on the topic.
Here's what I found. - Seems I'm almost there..

• troubleshooting redirect errors
  --> c/o cloudflare link below:
  Change Flexible SSL encryption mode@Cloudflare SSL/TLS app to "FULL"

Solving that gave rise to HTML error 503, so next I dug into ACL settings.

• getting rid of 503 "Service unavailable"
  --> c/o stackoverflow link:
  adapt Frontend ACL from
  "Host matches my_site.com" to "Host regex { hdr(host) -i sub1.my_domain.com }"

Still not entirely happy, because redirect does not lead to desired apache2 subfolders.

• messing with multiple ACLs + custom ACLs <-- DOES NOT YET SOLVE THE ISSUE.
  --> c/o haproxy documentation
  ACL1a "Host matches my_site.com"
  ACL1b "Custom ACL { path_dir -i apache2_subfolder_name }

BOTTOM LINE:
All sites are responsive now.
However, apache2 does not yet redirect to the desired content.
For now it only shows the folders containing it.

Can anyone give me a hint as to how I can redirect to the correct server path?

Thanks a bunch!

sources:
https://support.cloudflare.com/hc/en-us/articles/115000219871-Why-does-Flexible-SSL-cause-a-redirect-loop-#h_dfa85774-c19f-4f49-b11b-bf9bacf6e831
https://stackoverflow.com/questions/58405188/pfsense-haproxy-redirect-unmatched-to-url
https://www.haproxy.com/documentation/aloha/10-0/traffic-management/lb-layer7/acls/

tn1rpi3

@tn1rpi3 said in haproxy | Browser says ERR_TOO_MANY_REDIRECTS:

BOTTOM LINE:
All sites are responsive now.
However, apache2 does not yet redirect to the desired content.

After some extensive trial and error with ACL settings I've come full circle.
meaning that
I added an "http-request set uri" action to my_site.com
and under fmt I put "/subfolder_name"

--> This finally sets the desired path on the server.
Alas, now the error message "ERR_TOO_MANY_REDIRECTS" has returned.

Since the initial cause of above error was solved, I will declare this topic as solved.
I would appear appropriate to open another topic on this.