Block all other url's in HAPROXY

Question

I have a couple of rules defined in HAPROXY

acl want_server_oa path_dir ServerOA    
acl serveroa_avail nbsrv(ServerOA) ge 1
use_backend ServerOA if want_server_oa serveroa_avail 

acl is_root hdr_dom(host) -i mydomain.com
use_backend domainRoot if is_root

The first 3 rules were setup to route traffic to a certain subdomain

mydomain.com/ServerOA/

And the next 2 rules to route traffic to just

mydomain.com/

This works as expected. However, if I type in

mydomain.com/anypath/

It gives me a tomcat 404. I suspect the second set of rules match and forward traffic to tomcat which then returns a 404.

Based on the documentation, I did try defining some acls for blocking all other paths which didn't quite work (configuration wasn't accepted when starting haproxy).

block unless METH_GET or METH_POST want_server_oa
block unless METH_GET or METH_POST is_root

Any help would be much appreciated.

Answer 1

You must explicitly define the items you allow to be accessible under the root "mydomain.com/" and subfolders then block all others. (Shouldn't be a lot, right?)

acl want_server_oa path_beg /ServerOA
acl allow_html path_reg -i /.*\.html
acl allow_styles path_reg -i /css/.*\.css
block unless METH_GET want_server_oa or METH_POST want_server_oa or METH_GET allow_html or METH_POST allow_html or METH_GET allow_styles or METH_POST allow_styles

Additional note: You can check if your configuration have any errors by using the haproxy -c command. Like so:

haproxy -f /etc/haproxy/haproxy.cfg -c