pfSense Support Subscription

Author Topic: HaProxy with Offloading - unable to login to web site  (Read 195 times)

0 Members and 1 Guest are viewing this topic.

Offline cjbujold

  • Full Member
  • ***
  • Posts: 140
  • Karma: +3/-0
    • View Profile
HaProxy with Offloading - unable to login to web site
« on: November 17, 2017, 12:32:21 pm »
Implemented Haproxy with SSL offloading with the backend web site being http. The web site works properly (wordpress) until I try to login.  The login screen reverts to a redirect which does not work.   Is there a way to fix this?

https://www.abc.com/wp-login.php?redirect_to=http%3A%2F%2Fwww.abc.com%2Fwp-admin%2F&reauth=1

Thanks

cjb

Offline battman

  • Newbie
  • *
  • Posts: 2
  • Karma: +0/-0
    • View Profile
Re: HaProxy with Offloading - unable to login to web site
« Reply #1 on: November 17, 2017, 12:55:03 pm »
You can try this
https://trick77.com/prevent-ssl-redirect-loop-using-wordpress-and-haproxy/

If that doesn't work try this: (dislaimer...not sure where I got this from, so use at your own risk, not that it's doing anything malicious)
Code: [Select]
/** wp-config.php */
/** FIX FOR HTTPS BEHIND A SSL OFFLOADING LOAD BALANCE */
$found = false;
foreach (getallheaders() as $name => $value) {
    //echo "$name: $value<br>";
    if ($name == 'X-Forwarded-Proto') {
        if ($value == 'https') {
          $_SERVER['HTTPS'] = 'on';
        } else {
            header('Location: https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'], true, 301);
            die();
        }
        $found = true;
        break;
    }
}
if ($found === false) {
  $oops=http_response_code(404);
}

Offline cjbujold

  • Full Member
  • ***
  • Posts: 140
  • Karma: +3/-0
    • View Profile
Re: HaProxy with Offloading - unable to login to web site
« Reply #2 on: November 21, 2017, 01:57:40 pm »
Where do I enter (screen in pfsense haproxy) the code

reqadd X-Forwarded-Proto:\ https

I am not seeing how or where I specify this setting, I'm using PFsense 2.4.1 and Haproxy 0.52_14

Thanks

cjb

Offline battman

  • Newbie
  • *
  • Posts: 2
  • Karma: +0/-0
    • View Profile
Re: HaProxy with Offloading - unable to login to web site
« Reply #3 on: November 21, 2017, 05:51:12 pm »
I dont have the the 2.4.x version on my pfSense boxes that use ha_proxy, but....
 I would venture a guess that on your front end, in Advanced pass-thru box - under Advanced settings.

Your GUI may be a bit different.  You'll need to see what's available to you.


Offline PiBa

  • Hero Member
  • *****
  • Posts: 787
  • Karma: +128/-1
  • PiBa-NL(on IRC)
    • View Profile
Re: HaProxy with Offloading - unable to login to web site
« Reply #4 on: November 22, 2017, 12:24:52 pm »
The 'Use "forwardfor" option' in the frontend might help?

Otherwise use a 'action' to perform a "http-request header set" with name: X-Forwarded-Proto and fmt: https