### Detailed Description of the Problem
I use HAProxy to get access to NextCloud and Plex from outside the network.
but for some reason HAProxy thinks that Plex is down, and the status page
is inaccessible
### Expected Behavior
going to nextcloud.domain.com and plex.domain.com should redirect me to
each service respectively. however, only NextCloud is accessible:
```
Feb 19 16:18:21 localserver systemd[1]: Started HAProxy Load Balancer.
Feb 19 16:18:21 localserver haproxy[30087]: Proxy show-403 started.
Feb 19 16:18:21 localserver haproxy[30087]: Proxy letsencrypt started.
Feb 19 16:18:21 localserver haproxy[30087]: Proxy letsencrypt started.
Feb 19 16:18:21 localserver haproxy[30087]: Proxy nextcloud-http started.
Feb 19 16:18:21 localserver haproxy[30087]: Proxy nextcloud-http started.
Feb 19 16:18:21 localserver haproxy[30087]: Proxy plex-http started.
Feb 19 16:18:21 localserver haproxy[30087]: Proxy plex-http started.
Feb 19 16:18:22 localserver haproxy[30088]: [WARNING] 049/161822 (30088) :
Server plex-http/plex is DOWN, reason: Layer7 wron>
Feb 19 16:18:22 localserver haproxy[30088]: [ALERT] 049/161822 (30088) :
backend 'plex-http' has no server available!
```
trying to access Plex and the Status Page will always be redirected to an
error page:
```
503 Service Unavailable
No server is available to handle this request.
```
### Steps to Reproduce the Behavior
1. Run NextCloud Snap on port 81
2. Run Plex on port 32400
3. Use Haproxy with SSL termination
### Do you have any idea what may have caused this?
Plex is failing the Health Check preformed by HAProxy even when it is
running
I can not see why the Status Page is inaccessible
### Do you have an idea how to solve the issue?
1. Haproxy assumes always service is available
2. HAProxy preforms different Health Check on Service
### What is your configuration?
```haproxy
global
log /dev/log local0
log /dev/log local1 notice
chroot /var/lib/haproxy
stats socket /var/lib/haproxy/admin.sock mode 660 level admin
expose-fd listeners
stats timeout 30s
user haproxy
group haproxy
daemon
# Default SSL material locations
ca-base /etc/ssl/certs
crt-base /etc/ssl/private
# See:
https://ssl-config.mozilla.org/#server=haproxy&server-version=2.0.3&config=intermediate
ssl-default-bind-ciphers xxx>
ssl-default-bind-ciphersuites xxx
ssl-default-bind-options ssl-min-ver TLSv1.2 no-tls-tickets
defaults
log global
mode http
option httplog
option dontlognull
timeout connect 5000
timeout client 500000
timeout server 500000
errorfile 400 /etc/haproxy/errors/400.http
errorfile 403 /etc/haproxy/errors/403.http
errorfile 408 /etc/haproxy/errors/408.http
errorfile 500 /etc/haproxy/errors/500.http
errorfile 502 /etc/haproxy/errors/502.http
errorfile 503 /etc/haproxy/errors/503.http
errorfile 504 /etc/haproxy/errors/504.http
frontend http
bind :::443 ssl crt /etc/haproxy/ssl-certs/cert.pem
reqadd X-Forwarded-Proto:\ https
acl letsencrypt-req path_beg /.well-known/acme-challenge/
use_backend letsencrypt if letsencrypt-req
acl path_dav path_beg /.well-known/caldav || path_beg
/.well-known/carddav
redirect location "https://nextcloud.domain.com/remote.php/dav"; if
path_dav
acl host_nextcloud hdr(host) -i nextcloud.domain.com
use_backend nextcloud-http if host_nextcloud
acl host_plex hdr(host) -i plex.domain.com
use_backend plex-http if host_plex
default_backend show-403
listen stats
bind localhost:1936
mode http
log global
maxconn 10
clitimeout 100s
srvtimeout 100s
contimeout 100s
timeout queue 100s
stats enable
stats hide-version
stats refresh 30s
stats show-node
stats auth admin:password
stats uri /haproxy?stats
backend show-403
mode http
http-request deny deny_status 403
backend letsencrypt
mode http
server letsencrypt localhost:10500
backend nextcloud-http
mode http
balance roundrobin
option forwardfor
option httpchk HEAD / HTTP/1.1\r\nHost:localhost
server nextcloud localhost:81 check
backend plex-http
mode http
balance roundrobin
option forwardfor
option httpchk HEAD / HTTP/1.1\r\nHost:localhost
server plex localhost:32400 check
```
### Output of `haproxy -vv`
```plain
HA-Proxy version 2.0.13-2ubuntu0.3 2021/08/27 - https://haproxy.org/
Build options :
TARGET = linux-glibc
CPU = generic
CC = gcc
CFLAGS = -O2 -g -O2
-fdebug-prefix-map=/build/haproxy-jeVpgs/haproxy-2.0.13=.
-fstack-protector-strong -Wformat -Werror=format-security -Wdate-time
-D_FORTIFY_SOURCE=2 -fno-strict-aliasing -Wdeclaration-after-statement
-fwrapv -Wno-address-of-packed-member -Wno-unused-label -Wno-sign-compare
-Wno-unused-parameter -Wno-old-style-declaration -Wno-ignored-qualifiers
-Wno-clobbered -Wno-missing-field-initializers -Wno-implicit-fallthrough
-Wno-stringop-overflow -Wno-cast-function-type -Wtype-limits
-Wshift-negative-value -Wshift-overflow=2 -Wduplicated-cond
-Wnull-dereference
OPTIONS = USE_PCRE2=1 USE_PCRE2_JIT=1 USE_REGPARM=1 USE_OPENSSL=1
USE_LUA=1 USE_ZLIB=1 USE_SYSTEMD=1
Feature list : +EPOLL -KQUEUE -MY_EPOLL -MY_SPLICE +NETFILTER -PCRE
-PCRE_JIT +PCRE2 +PCRE2_JIT +POLL -PRIVATE_CACHE +THREAD -PTHREAD_PSHARED
+REGPARM -STATIC_PCRE -STATIC_PCRE2 +TPROXY +LINUX_TPROXY +LINUX_SPLICE
+LIBCRYPT +CRYPT_H -VSYSCALL +GETADDRINFO +OPENSSL +LUA +FUTEX +ACCEPT4
-MY_ACCEPT4 +ZLIB -SLZ +CPU_AFFINITY +TFO +NS +DL +RT -DEVICEATLAS
-51DEGREES -WURFL +SYSTEMD -OBSOLETE_LINKER +PRCTL +THREAD_DUMP -EVPORTS
Default settings :
bufsize = 16384, maxrewrite = 1024, maxpollevents = 200
Built with multi-threading support (MAX_THREADS=64, default=24).
Built with OpenSSL version : OpenSSL 1.1.1f 31 Mar 2020
Running on OpenSSL version : OpenSSL 1.1.1f 31 Mar 2020
OpenSSL library supports TLS extensions : yes
OpenSSL library supports SNI : yes
OpenSSL library supports : TLSv1.0 TLSv1.1 TLSv1.2 TLSv1.3
Built with Lua version : Lua 5.3.3
Built with network namespace support.
Built with transparent proxy support using: IP_TRANSPARENT IPV6_TRANSPARENT
IP_FREEBIND
Built with zlib version : 1.2.11
Running on zlib version : 1.2.11
Compression algorithms supported : identity("identity"),
deflate("deflate"), raw-deflate("deflate"), gzip("gzip")
Built with PCRE2 version : 10.34 2019-11-21
PCRE2 library supports JIT : yes
Encrypted password support via crypt(3): yes
Built with the Prometheus exporter as a service
Available polling systems :
epoll : pref=300, test result OK
poll : pref=200, test result OK
select : pref=150, test result OK
Total: 3 (3 usable), will use epoll.
Available multiplexer protocols :
(protocols marked as <default> cannot be specified using 'proto' keyword)
h2 : mode=HTX side=FE|BE mux=H2
h2 : mode=HTTP side=FE mux=H2
<default> : mode=HTX side=FE|BE mux=H1
<default> : mode=TCP|HTTP side=FE|BE mux=PASS
Available services :
prometheus-exporter
Available filters :
[SPOE] spoe
[COMP] compression
[CACHE] cache
[TRACE] trace
```
### Last Outputs and Backtraces
```plain
Feb 19 16:49:58 localserver systemd[1]: Starting HAProxy Load Balancer...
Feb 19 16:49:58 localserver haproxy[33386]: [WARNING] 049/164958 (33386) :
parsing [/etc/haproxy/haproxy.cfg:38] : 'bind :::443' :
Feb 19 16:49:58 localserver haproxy[33386]: unable to load default 1024
bits DH parameter for certificate '/etc/haproxy/ssl-certs/cert.pem'.
Feb 19 16:49:58 localserver haproxy[33386]: , SSL library will use an
automatically generated DH parameter.
Feb 19 16:49:58 localserver haproxy[33386]: [WARNING] 049/164958 (33386) :
parsing [/etc/haproxy/haproxy.cfg:39] : The 'reqadd' directive is
deprecated in favor of 'http-request add-header' and will be removed in
next version.
Feb 19 16:49:58 localserver haproxy[33386]: [WARNING] 049/164958 (33386) :
parsing [/etc/haproxy/haproxy.cfg:45] : a 'redirect' rule placed after a
'use_backend' rule will still be processed before.
Feb 19 16:49:58 localserver haproxy[33386]: [WARNING] 049/164958 (33386) :
parsing [/etc/haproxy/haproxy.cfg:62] : the 'clitimeout' directive is now
deprecated in favor of 'timeout client', and will not be supported in
future versions.
Feb 19 16:49:58 localserver haproxy[33386]: [WARNING] 049/164958 (33386) :
parsing [/etc/haproxy/haproxy.cfg:63] : the 'srvtimeout' directive is now
deprecated in favor of 'timeout server', and will not be supported in
future versions.
Feb 19 16:49:58 localserver haproxy[33386]: [WARNING] 049/164958 (33386) :
parsing [/etc/haproxy/haproxy.cfg:64] : the 'contimeout' directive is now
deprecated in favor of 'timeout connect', and will not be supported in
future versions.
Feb 19 16:49:58 localserver haproxy[33386]: Proxy http started.
Feb 19 16:49:58 localserver haproxy[33386]: Proxy http started.
Feb 19 16:49:58 localserver haproxy[33386]: Proxy stats started.
Feb 19 16:49:58 localserver haproxy[33386]: [NOTICE] 049/164958 (33386) :
New worker #1 (33387) forked
Feb 19 16:49:58 localserver haproxy[33386]: Proxy stats started.
Feb 19 16:49:58 localserver systemd[1]: Started HAProxy Load Balancer.
Feb 19 16:49:58 localserver haproxy[33386]: Proxy show-403 started.
Feb 19 16:49:58 localserver haproxy[33386]: Proxy show-403 started.
Feb 19 16:49:58 localserver haproxy[33386]: Proxy letsencrypt started.
Feb 19 16:49:58 localserver haproxy[33386]: Proxy letsencrypt started.
Feb 19 16:49:58 localserver haproxy[33386]: Proxy nextcloud-http started.
Feb 19 16:49:58 localserver haproxy[33386]: Proxy nextcloud-http started.
Feb 19 16:49:58 localserver haproxy[33386]: Proxy plex-http started.
Feb 19 16:49:58 localserver haproxy[33386]: Proxy plex-http started.
Feb 19 16:49:59 localserver haproxy[33387]: [WARNING] 049/164959 (33387) :
Server plex-http/plex is DOWN, reason: Layer7 wrong status, code: 401,
info: "Unauthorized", check duration: 0ms. 0 active and 0 backup servers
left. 0 sessions active, 0 requeued, 0 remaining in queue.
Feb 19 16:49:59 localserver haproxy[33387]: [ALERT] 049/164959 (33387) :
backend 'plex-http' has no server available!
```
### Additional Information
_No response_
