HAProxy-将一个域的流量重定向到https，将其他域的流量重定向到仅http

Question

I am using dedicated servers to host 4 domains and 3 subdomains on Centos & WHM. Recently planned to use HAProxy for load balancing between them.

What I am trying to achieve is to redirect all the traffic of one particular domain to https using HAProxy configuration on frontend because I am terminating the SSL of that one particular domain at HAProxy.

here's what i have used

frontend www-https
    bind haproxy_www_public_IP:443 ssl crt /etc/ssl/private/example.com.pem
    reqadd X-Forwarded-Proto:\ https
    default_backend www-backend


backend www-backend
    redirect scheme https if !{ ssl_fc }
    server www-1 www_1_private_IP:80 check
    server www-2 www_2_private_IP:80 check

I have googled for solution but most of the solution available are telling to redirect all the traffic to https or http.

Answer 1

If I understand correctly, you want one domain (in the configuration below it is httpsonlydomain.com ) to only be accessible by https and all http requests to that domain get forwarded onto https. For the other domains they can work by either http or https with no forwarding. Finally I have assume that all four domains (including httpsonlydomain.com ) will use the www-backend backend.

If that is the case then this should do the trick:

frontend www-http
    bind haproxy_www_public_IP:80
    acl https_domain hdr(host) -i httpsonlydomain.com
    redirect scheme https if !{ ssl_fc } https_domain
    default_backend www-backend

frontend www-https
    bind haproxy_www_public_IP:443 ssl crt /etc/ssl/private/example.com.pem
    default_backend www-backend

backend www-backend
    server www-1 www_1_private_IP:80 check
    server www-2 www_2_private_IP:80 check

Hope that helps.