well the application behind haproxy in this case is wordpress on apache2.2, any 
settings there?





On Friday, February 28, 2014 4:57 AM, Baptiste <bed...@gmail.com> wrote:
 
It may not fix the issue.
But at least the configuration will do what you expect from it...

That said, the issue may be in the application too :)
It is commonly seen that applications don't behave properly when SSL
offloading is enabled in front of them.

Baptiste



On Thu, Feb 27, 2014 at 4:16 PM, Amol <mandm_z...@yahoo.com> wrote:
> Thanks Baptiste, let me give that a try
>
>
>
> On Thursday, February 27, 2014 9:37 AM, Baptiste <bed...@gmail.com> wrote:
> Hi Amol,
>
> There are a few improvement you can do.
> First update your frontend acl to:
>   acl host_xx hdr(host) -i xx.com
>
> then in your backend, this ACL should never match: "acl login_page
> url_beg  /xyz"
> replace url_beg by path_beg.
>
> Your problem is not there as well.
> I think your application server is sending hardcoded data or Location
> headers.
> analyzing the body of the pages and HAProxy logs may help here.
>
> Baptiste
>
>
>
> On Tue, Feb 25, 2014 at 4:56 PM, Amol <mandm_z...@yahoo.com> wrote:
>> Hi i am using HA-Proxy version 1.4.12 and i have an issue trying to
>> redirect
>> my website to "http"
>> requirement : when a user types in http://<website_name>.com he should not
>> be redirected to https://<website_name>.com
>> currently it does that and some of the video links on our main page do not
>> work (basically vimeo has http links while our page is https so it throws
>> a
>> security exception)
>>
>> at the same time we need users with http://<website_name>.com/xyz to be
>> redirected to https://<website_name>.com/xyz (this helps users login to
>> secure application)
>>
>> so under my current configurations i cannot get the first part to work,
>> basically (www.<website_name>.com works and stays http but when i type
>> http://<website_name>.com it does a redirection to https)
>>
>> frontend http-in
>>        bind xx.xx.xx.xx:80 name http
>>        bind 10.xx.xx.xx:8000 name https # forwared by stunnel
>>
>>        acl host_xx hdr_beg(host) -i xx.com
>>        use_backend xx-http if host_xx
>>        default_backend xx-https
>>
>> backend xx-http
>>        balance roundrobin
>>        cookie BALANCEID insert indirect nocache
>>        option http-server-close
>>        option httpchk OPTIONS /check.txt HTTP/1.1\r\nHost:\ www
>>        server xx-app1 xx.xx.xx.xx:80 cookie A check
>>        server xx-app6 xx.xx.xx.xx:80 cookie B check backup
>>        acl secure dst_port eq 8000
>>        acl login_page url_beg  /xyz
>>        redirect prefix https://xx.com if login_page !secure
>>
>> backend xx-https
>>        mode http
>>        balance roundrobin
>>        cookie BALANCEID insert indirect nocache
>>        option http-server-close
>>        # option forwardfor except 127.0.0.1
>>        option httpchk OPTIONS /check.txt HTTP/1.1\r\nHost:\ www
>>        server xx-app1 xx.xx.xx.xx:80 cookie s1 weight 1 maxconn 5000 check
>>        server xx-app6 xx.xx.xx.xx:80 cookie s2 weight 1 maxconn 5000 check
>> backup
>>
>> any suggestions?
>>
>
>
>

Reply via email to