Actually
deny if url_hastats !location_trusted !magic_cookie_trusted
You could have another backend with a go away message and use_backend that
rather than deny
On 22 Apr 2015 03:54, "CJ Ess" wrote:
> Very cool, thank you for the snippets!
>
> On Tue, Apr 21, 2015 at 6:55 PM, Neil - HAProxy Lis
Very cool, thank you for the snippets!
On Tue, Apr 21, 2015 at 6:55 PM, Neil - HAProxy List <
maillist-hapr...@iamafreeman.com> wrote:
> heres are some relevent snips
> I run this in with same address as the service
>
> frontend SSL
> ...
> acl url_hastats url_beg /hastats
> acl locat
heres are some relevent snips
I run this in with same address as the service
frontend SSL
...
acl url_hastats url_beg /hastats
acl location_trusted src 123.123.123.0/24
acl magic_cookie_trusted hdr_sub(cookie)
magicforthissiteonly=foobar_SHA1value_etc
use_backend hastats if url
Hello
Yep there is
Have a frontend
Send say /hastats to a hastats backend
have the backend have its stats URL be /hastats too
Set the acls in the frontend
I'll post a config example in a bit.
Neil
On 21 Apr 2015 20:09, "CJ Ess" wrote:
> Is there a way to setup an ACL for the haproxy stats
Is there a way to setup an ACL for the haproxy stats page? We do have
authentication set up for the URL, but we would feel better if we could
limit access to a white list of local networks. Is there a way to do that?
5 matches
Mail list logo
