Ran tcpdump on the proxy in search of useful detail. Saw these unfamiliar (to me) headers on the PH/500 'd request :
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90" sec-ch-ua-mobile: ?0 Googled, found : https://www.chromium.org/updates/ua-ch, was a tad FUD'd by === Possible Site Compatibility Issue UA-CH is an additive feature, which adds two new request headers that are sent by default: `sec-ch-ua` and `sec-ch-ua-mobile`. Those request headers are based off of Structured Field Values, an emerging standard related to HTTP header values. They contain characters that, though permitted in the HTTP specification, weren’t previously common in request headers, such as double-quotes (“), equal signs (=), forward-slashes (/), and question marks (?). Some Web-Application-Firewall (WAF) software, as well as backend security measures, may mis-categorize those new characters as “suspicious”, and as such, block those requests. === HAProxy tends to be up on all such things, but any chance the PH/500 could be related ? Thanks, ...jfree
