Deny access to URI in HAproxy - haproxy

I want to deny access for few URI for eg:- /info/some. below is the config i am using but still getting 200 when doing curl.
acl bl_info path,url_dec -m beg -i /info/some
acl bl_para path,url_dec -m beg -i /param/some
http-request deny if bl_para
http-request deny if bl_info
Please suggest what is wrong here and what i should do ? Thanks in advance

I believe you are looking for something like this
acl restricted_paths path -m beg -i /info/some /param/some
http-request deny if restricted_paths

Related

haproxy - URL redirect with same path

i need redirect http://example1.com/goofy in http://example2.com/goofy, I already use this line:
redirect location http://example2.com code 301 if { hdr(host) -i example1.com }
In this way if I go on http://example1.com/goofy I am redirect to http://example2.com and not http://example2.com/goofy, can anyone help me?
Thanks
Using pathq fetch from haproxy 2.2 will do this nicely:
redirect location http://example2.com%[pathq] code 301 if { hdr(host) -i example1.com }
https://cbonte.github.io/haproxy-dconv/2.2/configuration.html#7.3.6-pathq

How to print wget output to a file

I'm trying to print http headers to a text file. I tried :
wget -S --spider -O SESSIONS.txt 'mysite.com'
wget -S --spider 'mysite.com' > SESSIONS.txt
In both cases SESSIONS.txt remains empty. why?
"--spider" option does not download anything.
You can try this -
wget -S --spider -q mysite.com 2>Sessions.txt
This will save only the headers to "Sessions.txt"
However, you will have to use echo and other commands to figure out which request generated which headers.
Or, you can remove the -q option and then parse the file to remove unnecessary lines.
Another way is to use "curl -I". However, this sends a HEAD request instead of a GET request. So, it will only work if the server supports and responds to HEAD requests.

Yii2 cannot reach the backend part

I really don't get it how can i get to that backend .. How i installed the advanced template is like the way they show it in the official site : http://www.yiiframework.com/download/ . Everything step by step. When i try frontend.dev (in my case eshop) i am redirected to the front end part but when i try backend.dev(in my case eshop/admin) i am also redirected to the frontend.
This is my host file:
# Copyright (c) 1993-2009 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handled within DNS itself.
# 127.0.0.1 localhost
# ::1 localhost
# 127.0.0.1 modules
127.0.0.1 eshop
127.0.0.1 eshop/admin
0.0.0.1 mssplus.mcafee.com
And the vhost.conf:
<VirtualHost *:80>
ServerName eshop
DocumentRoot "C:/xampp/htdocs/eshop/frontend/web/"
<Directory "C:/xampp/htdocs/eshop/frontend/web/">
# use mod_rewrite for pretty URL support
RewriteEngine on
# If a directory or a file exists, use the request directly
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
# Otherwise forward the request to index.php
RewriteRule . index.php
# use index.php as index file
DirectoryIndex index.php
# ...other settings...
# Apache 2.4
Require all granted
## Apache 2.2
# Order allow,deny
# Allow from all
</Directory>
</VirtualHost>
<VirtualHost *:80>
ServerName eshop/admin
DocumentRoot "C:/xampp/htdocs/eshop/backend/web/"
<Directory "C:/xampp/htdocs/eshop/backend/web/">
# use mod_rewrite for pretty URL support
RewriteEngine on
# If a directory or a file exists, use the request directly
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
# Otherwise forward the request to index.php
RewriteRule . index.php
# use index.php as index file
DirectoryIndex index.php
# ...other settings...
# Apache 2.4
Require all granted
## Apache 2.2
# Order allow,deny
# Allow from all
</Directory>
</VirtualHost>
Where is my mistake ? A lot of thanks in advance!
Using a slash (/) in hostname is illegal, as it is defined in RFC 952. Therefore in the URL "http://eshop/admin" the server name is "eshop" and apache is using of course your first virtual server setting.
Summarized, your idea will never work. You should use eshop-admin as server name.

Tshark filtering http/https get request

i need to see only HTTP GET requests HOST once (only the webpage), only from defined source ip, not other information/data.
The first request to that url.
For example:
The first packet what goes from client to server.
GET / HTTP/1.1\r\n
What filters should i add? I have tried few, but still get too much information/data...
Is there any possibilities to look HTTPS first request packet too? To see where the client is sending the request?
If you're on a Un*x platform, you could try something like:
tshark -r file.pcap -Y 'ip.src == 1.2.3.4 and http.request.method == "GET"' -T fields -e http.request.method -e http.request.version -e http.request.uri | head -n 1
... or maybe you want to use http.request.full_uri instead of http.request.uri?
If you're on Windows, you may need to install Cygwin coreutils in order to use head, and you may have to quote things a bit differently, e.g.:
tshark -r file.pcap -Y "ip.src == 1.2.3.4 and http.request.method == \"GET\"" -T fields -e http.request.method -e http.request.version -e http.request.uri | head -n 1
For https, you'll need to decrypt the SSL. You can read how to do that on the Wireshark SSL wiki page.

redirecting index.html to the root using httpd.conf

I tried to redirect all index.html to root folder by configuring Apache webserver httpd.conf using settings below. It's able to redirect successfully, however it keeps pointing to testsite.com// instead of testsite.com/. Any idea why it kept forwarding to the url with 2 slash '/'? Appreciate your advice, Thanks!
RewriteEngine On
RewriteRule ^index\.html$ / [R=301,L]
RewriteRule ^(.*)/index\.html$ $1 [R=301,L]
Remove that monstrosity and use:
DirectoryIndex index.html
also for missing resources:
FallBackResource /index.html