Unfortunately, that did not solve all the problems that proxypass and
proxypassreverse does in Apache's mod_proxy. It may be an artifact of
how we do our internal load balancing, but the information Baptiste sent
me about mirroring the proxypass rules here:
http://blog.haproxy.com/2014/04/28/h
we use "redirect scheme https code 301 if !{ ssl_fc }" on our SSL-only
backends, many of which are accessed by multiple hostnames. if i understand
correctly what you're trying to accomplish, i think that should do the
trick?
On Wed, May 27, 2015 at 8:38 AM Sean Patronis wrote:
> I have another q
I have another question to add to the mix. While attempting to
mirror the proxypass and proxypassreverse capabilities of Apache's
mod_proxy and force https connections across everything through haproxy,
I have run into a small snag and want to try and work around it.
We have multiple front
Hi Sean!
You're welcome :)
I still have in my TODO list to contact you about your AVI network experience ;)
Talk to you soon.
Baptiste
On Wed, Mar 18, 2015 at 7:06 PM, Sean Patronis wrote:
> Baptiste,
>
> Thanks for the links, I had run across them earlier this morning in my
> google searchin
Baptiste,
Thanks for the links, I had run across them earlier this morning in my
google searching, but your post made me pay more attention to them... I
have it working now, and the trick that seemed to do it for me was
making all the paths absolute (since I am forcing https anyhow, and each
Hi Sean,
You may find some useful information here:
http://blog.haproxy.com/2014/04/28/howto-write-apache-proxypass-rules-in-haproxy/
and here:
http://blog.haproxy.com/2013/02/26/ssl-offloading-impact-on-web-applications/
Baptiste
On Wed, Mar 18, 2015 at 3:39 PM, Sean Patronis wrote:
> Th
Thanks for the link. That looks promising, but testing did not change
anything and I am waiting on the developers to give me some indication
of what headers they may expect. Maybe we can tackle this a different
way since we know it works in apache. I am attempting to replace the
following Vi
Hi,
Le 17/03/2015 20:42, Sean Patronis a écrit :
Unfortunately that did not fix it. I mirrored your config and the
problem still exists. I am not quite sure how the URL is getting built
on the backend (the developers say it is all relative URL/URI), but
whatever haproxy is doing, it is doing i
Unfortunately that did not fix it. I mirrored your config and the
problem still exists. I am not quite sure how the URL is getting built
on the backend (the developers say it is all relative URL/URI), but
whatever haproxy is doing, it is doing it differently than apache (with
mod_proxy). Jus
Hi Sean,
I've got a setup that is somewhat like what you are after. I have
however, done it in a very dirrerent way for this very same reason.
Example below:
global
log /dev/log local4 debug
maxconn 4096
daemon
tune.ssl.default-dh-param 2048
ssl-defaul
10 matches
Mail list logo