> Am 08.11.2023 um 21:29 schrieb Shawn Heisey <elyog...@elyograg.org>: > > On 11/8/23 10:11, Christoph Kukulies wrote: >> frontend web80 >> bind 0.0.0.0:80 name web80 >> default_backend be-local-81 > > Normally you definitely would not want this in your production config... > typically any request coming in on port 80 should be redirected to https > without ever being sent to a backend webserver. > Hi Shawn, thanks. I was aware of this, of course. Just wanted to use it to verify the bind quic4 syntax, my haproxy was failing upon, for now known reasons (wrong binary on my side). But thanks again for explaining and supporting. -- Christoph > That config is only useful as-is for my CI pipeline. I have updated it so > it's much more in line with how my production setup is configured. This is > how I configure port 80: > > frontend web80 > description Redirect to https > bind 0.0.0.0:80 name web80 > redirect scheme https > default_backend be_deny > > backend be_deny > description Back end with no servers that denies all requests. > no log > log 127.0.0.1 len 65535 format rfc5424 local0 notice err > http-request deny > > Thanks, > Shawn > >
smime.p7s
Description: S/MIME cryptographic signature
