Below is my config sample. Can you please help me where should fix required.
global maxconn 20000 # Total Max Connections. This is dependent on ulimit daemon nbproc 8 # Number of processing cores. Dual Dual-core Opteron is 4 cores for example. #log 127.0.0.1 local0 #log 127.0.0.1 local1 notice log /dev/log local1 info log /dev/log local1 notice user apache-user group apache-user ssl-default-bind-options no-sslv3 no-tls-tickets ssl-default-bind-ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS tune.ssl.default-dh-param 2048 defaults log global option httplog option redispatch mode http maxconn 25000 timeout connect 1200000 timeout client 1200000 timeout server 1200000 timeout http-request 1200000 timeout tarpit 1200000 listen stats bind 10.100.22.30:1234 stats enable maxconn 10 # Total Max Connections. This is dependent on ulimit stats auth user:password mode http stats uri /cl?welcome stats admin if TRUE backend my_cluster_mycom mode http option forwardfor fullconn 10000 option httpchk /test-alive option http-server-close option abortonclose #cookie ssid insert indirect nocache balance leastconn #server server0320 10.100.3.20:8080 weight 1 maxconn 512 check cookie t0320 check port 8080 inter 10s rise 3 fall 3 minconn 500 maxconn 3000 maxqueue 300 slowstart 15s #server server3320 10.100.33.20:8080 weight 1 maxconn 512 check cookie t3320 check port 8080 inter 10s rise 3 fall 3 minconn 500 maxconn 3000 maxqueue 300 slowstart 15s frontend loadbalancer_mycom bind 10.100.22.30:80 errorfile 400 /var/www/html/my_custom_error.html errorfile 403 /var/www/html/my_custom_error.html errorfile 503 /var/www/html/my_custom_error.html errorfile 502 /var/www/html/my_custom_error.html errorfile 504 /var/www/html/my_custom_error.html #default_backend my_cluster_mycom mode http acl correctdomain hdr(host) -i www.my.com my.com www.in.my.com redirect location https://origin-images.my.com/static/resize/geo/index1.php code 301 if correctdomain redirect scheme https if !{ ssl_fc } #acl reg_page path_reg ^$|^/$ #acl home_redirect path_beg -i /null /null/ frontend loadbalancer_mycom_https bind 10.100.22.30:443 ssl crt /home/apache-user/sslcert/my_com_2018.pem force-tlsv12 errorfile 400 /var/www/html/my_custom_error.html errorfile 403 /var/www/html/my_custom_error.html errorfile 503 /var/www/html/my_custom_error.html errorfile 502 /var/www/html/my_custom_error.html errorfile 504 /var/www/html/my_custom_error.html #default_backend my_cluster_mycom mode http compression algo gzip compression type text/html text/plain text/css image/png image/gif image/jpeg application/x-javascript text/xml application/xml application/xhtml+xml application/x application/javascipt image/jpg maxconn 20000 monitor-uri /haproxy_test timeout client 500000 option forwardfor except 10.100.22.30 capture request header True-Client-IP len 64 capture request header X-Forwarded-For len 15 capture request header Referer len 50 acl block path_beg -i /callcenter /hystrix.stream acl block path_sub -i /callcenter /hystrix.stream acl block_url path -i /go/world/investors /go/world/board /go/world/press acl block1 path_beg /itzlogin acl ip src 182.72.140.46 182.72.142.42 115.248.68.169 124.124.65.57 115.111.218.26 http-request deny if block !ip http-request deny if block_url http-request deny if block1 reqadd X-Forwarded-Proto:\ https acl being_scanned1 path_beg -i /visa acl being_scanned2 path_beg -i /citibank #acl being_scanned3 path_beg -i /mobileapp acl correctdomain hdr(host) -i www.my.com my.com www.in.my.com acl mycom_host hdr(Host) -i in.my.com acl originmycom_host hdr(Host) -i origin-in.my.com acl originmycom_robots path_sub -i /robots.txt acl originmycom_analytics path_sub -i /analytics.txt <BACKENDS> On Sat, Mar 9, 2019 at 12:58 PM Ciprian Dorin Craciun < ciprian.crac...@gmail.com> wrote: > On Sat, Mar 9, 2019 at 9:06 AM DHAVAL JAISWAL <dhava...@gmail.com> wrote: > > While doing network scan its showing internal IP disclosure > vulnerability. This internal IP is of ELB and not the HA proxy server. > > > > It is showing vulnerability on port 80. Following are the steps for > reproduce. > > > > Can some one help me to fix this? > > > Based on the source code of that script the leak seems to be based on > the `Location` header used in redirecting HTTP to HTTPS: > ( https://svn.nmap.org/nmap/scripts/http-internal-ip-disclosure.nse ) > > > However that happens only when the client doesn't send the `Host` header: > > printf 'GET / HTTP/1.0\r\n\r\n' \ > | socat stdio tcp:viacom-214916319.ap-south-1.elb.amazonaws.com:80 > > > Could you perhaps take a look at the HAProxy configuration where > you're doing HTTPS redirects? > > > Ciprian. > -- Thanks & Regards Dhaval Jaiswal
