Home / server / Questions / 502443
In Process
MikeyB
Asked: 2013-04-25 18:12:02 +0800 CST

Ignore port numbers in haproxy host header matches

  • 772

Using haproxy-1.5, I have the following partial config:

    acl is_api hdr(host) -i api.example.com
    acl is_app hdr(host) -i app.example.com

Unfortunately, the above doesn't match a request that looks like:

GET / HTTP/1.1
Host: api.example.com:80

Far as I can tell, I need to do:

    acl is_api hdr(host) -i api.example.com
    acl is_api hdr(host) -i api.example.com:80
    acl is_app hdr(host) -i app.example.com
    acl is_app hdr(host) -i app.example.com:80

UGH. NO! HATE!

Is there a nicer way of doing this? Can I just tell haproxy to ignore the port in the host header?

haproxy

2 Answers

  1. You might be able to get this to work by checking hdr_dom (https://code.google.com/p/haproxy-docs/wiki/MatchingLayer7) instead of hdr:

    acl is_api hdr_dom(host) -i api.example.com
acl is_app hdr_dom(host) -i app.example.com

    Just be careful because I believe this would also match things like "otherstuff.api.example.com".

    • 8

  2. To solve this problem, I've used this on the frontend:

    http-request set-header host %[hdr(host),field(1,:)]

    This won't match extraneous URLs and doesn't rely on a regular expression.

    From https://discourse.haproxy.org/t/strip-port-in-host-header/4414/10

    • 0