On Sat, Mar 09, 2019 at 11:20:41AM +0200, Ciprian Dorin Craciun wrote: > On Sat, Mar 9, 2019 at 10:45 AM DHAVAL JAISWAL <dhava...@gmail.com> wrote: > > frontend loadbalancer_mycom > > bind 10.100.22.30:80 > > mode http > > > > redirect scheme https if !{ ssl_fc } > > > If this line is the one that makes the redirect (and exposes the > internal IP in case of HTTP/1.0) then you can't fix it as it's part of > HAProxy internal code.
Note that haproxy will not disclose addresses or whatever, it will simply build the redirect based on the Host and URI it received. This probably means that ELB itself has added the Host header with the internal address when it should not have done so, and is disclosing this info itself. Or maybe it's adding a Host header field with its own (ELB) listening address. Probably they need this to upgrade from 1.0 to 1.1 in order to reuse connections. Willy