redirect 301 multiple domain name haproxy - redirect

I have a lot of domain names (example.com, www.example.com, example.net, www.example.net, etc...).
How can I redirect all these domains with haproxy ?
For the moment, I am able to redirect domain name by domain name with :
redirect prefix http://www.example.com code 301 if { hdr(host) -i example.fr }
redirect prefix http://www.example.com code 301 if { hdr(host) -i www.example.fr }
But I'd like to have just one line with all my domain names...
Regards

Try an if statement that checks if the host is not www.example.com
redirect prefix http://www.example.com code 301 if !{ hdr(host) -i www.example.com }

Related

Haproxy redirect and fowarding the subdomain

I have an Haproxy server and I need when the user type any_word.registro.myserver.com.br on the browser, the Haproxy redirect to https://app2.otherserver.com.br/register/**any_word**
The any_word is a captcha (*.registro.myserver.com.br)
Today I have the following redirect that doesn't forward:
acl fqdn_register_all hdr_dom(host) -i registro.myserver.com.br
redirect prefix https://app2.otherserver.com.br/register code 302 if fqdn_register_all
How should i change the above code?
Best regards
this rule should do the work:
acl fqdn_register hdr_dom(host) -i registro.myserver.com.br
capture request header Host len 128
redirect prefix https://app2.otherserver.com.br/register/%[capture.req.hdr(0)] code 302 if fqdn_register
hope it helps.

Haproxy URL redirect

Using haproxy 2.0.13-2
Having an issue with ACL's and redirect
I want to ACL on stuff.xyz.com/mycrap.aspx and redirect that to junk.abc.com
As a test I have an
ACL acl_stuff hdr(host) -i stuff.xyz.com/junk.aspx
use_backend be_stuff if acl_stuff
backend be_stuff
stats enable
option forwardfor
http-response add-header X-Backend ohs1docker01
server ohs1docker01 ohs1docker01.def.com:80 check
However even the ACL with the backend isnt working. I hit that page and I get a 404 which leads me to believe the ACL is not getting hit so the traffic is not getting to the backend.
Im hoping someone can give me some direction on this
Looks like you want to use http-response redirect
http-response redirect code 301 location https://www.junk.abc.com if { hdr_beg(host) -i stuff.xyz.com }
The acl acl_stuff hdr(host) -i stuff.xyz.com/junk.aspx can't match because there is a mix of host and path.
To match host and path try this.
acl match_path path_beg /junk.aspx
acl match_host hdr_beg(host) -i stuff.xyz.com
http-response redirect code 301 location https://www.junk.abc.com if match_host match_path

HAProxy routes requests to wrong server

We are using HAProxy for our app. We have a separate server for site, API, docs and blog.
We have following HAproxy configurations
frontend http
mode http
bind *:80
redirect prefix https://www.kbook.com code 301 if { hdr(host) -i kbook.com }
redirect scheme https code 301 if { hdr(host) -i www.kbook.com } !{ ssl_fc }
redirect scheme https code 301 if { hdr(host) -i docs.kbook.com } !{ ssl_fc }
redirect scheme https code 301 if { hdr(host) -i api.kbook.com } !{ ssl_fc }
acl www hdr(host) -i www.kbook.com
acl docs hdr(host) -i docs.kbook.com
acl api hdr(host) -i api.kbook.com
acl blog path -i -m beg /blog
use_backend blog_server if www blog
use_backend site_server if www
use_backend api_server if api
use_backend docs_server if docs
frontend https
mode http
bind *:443 ssl crt /etc/ssl/live/wildcard_kbook.pem alpn h2,http/1.1
redirect prefix https://www.kbook.com code 301 if { hdr(host) -i kbook.com }
use_backend blog_server if { ssl_fc_sni -i www.kbook.com } { path -i -m beg /blog }
use_backend site_server if { ssl_fc_sni -i www.kbook.com }
use_backend api_server if { ssl_fc_sni -i api.kbook.com }
use_backend docs_server if { ssl_fc_sni -i docs.kbook.com }
HAProxy Version: 2.2.0-1ppa1~bionic
Issue:
When we access the site (www.kbook.com), it works sometimes. Sometimes it goes to blog server, says 404 not found. I expect "www.kbook.com" should always go to the site server.
This happens even to docs and API requests. Those requests are also going to the blog server sometimes.
HAproxy directs the requests to the wrong server. Why does it happen? is there any issue with configurations?
This was a bug in 2.2.0 and it should be fixed in 2.2.1

HAproxy redirect exact URL

Hi i need redirect only www.example.com/foo in foo.example.com, if try in this way:
redirect location http://foo.example.com code 301 if { path_beg /foo }
all /foo (include foo.example.com/foo) redirect to wrong URL, how can redirect only www.example.com/foo?
Thanks

haproxy redirect both scheme and location together

I need to redirect a specific http URL first to its equivalent https and then on to a completely different https URL (don't ask why I can't just redirect the original http straight to the final https URL, this is what the client wants and the client is always right!). Additionally I need to be able to redirect the original https to the different https too.
So, what I need is the ability to redirect http://foo.bar.com => https://foo.bar.com and then https://foo.bar.com => https://another.foobar.com, as well as redirecting https://foo.bar.com => https://another.foobar.com.
Currently to redirect just https://foo.bar.com => https://another.foobar.com I'm using this:
acl is_new_portal hdr(host) -i foo.bar.com
redirect location https://another.foobar.com code 302 if is_new_portal
with an initial bind on port 443, and I know to redirect http to https I would use:
redirect scheme https code 302 if !{ ssl_fc }
(using code 302 rather than 301 as eventually another.foobar.com will be removed, so I don't want the redirection permanently cached in clients' browsers)
but I need to be able to do both relocations, and I'm not sure how you combine the two?
I am not certain to understand if your issue is related to the binding or to the ACLs. You already have all the answers to your question. You can wrap them in a simple frontend:
frontend main
bind :80
bind :443 ssl crt yourCertFile
acl is_new_portal hdr(host) -i foo.bar.com
redirect scheme https code 302 if !{ ssl_fc } is_new_portal
redirect location https://another.foobar.com code 302 if { ssl_fc } is_new_portal
http-response set-header Strict-Transport-Security max-age=31536000;\ includeSubDomains;\ preload; if { ssl_fc }
The space between ACLs after the if is interpreted as a AND. So you will get something like:
redirect to https IF the host is foo.bar.com AND NOT using ssl
redirect to https://another.foobar.com IF the host is foo.bar.com AND using ssl