DEV Community

loading...
Cover image for HAProxy Basic Login Authentication

HAProxy Basic Login Authentication

vumdao profile image Vu Dao ・2 min read

- In haproxy config, there is no limit to the number of http-request statements per instance so we can add the rules to request basic login to the site but whitelist specials IPs


🚀 Setup HAProxy config which contains basic login to access the dashboard and allow access for special resource IP

  • Generate haproxy encrypted password
printf "thepassword" | mkpasswd --stdin --method=sha-256
Enter fullscreen mode Exit fullscreen mode
  • Modify haproxy.cfg which allow access for requests from source 18.69.61.21 but requires login for others
userlist AuthUsers
        user haproxyreport password $5$3VeorK1XxvgRseQ$VBkOPCY2enWZsas.C6X9Iif0FPHDknXXXXXXXXX

frontend fe-verify
        bind *:443 ssl crt /etc/certs

        acl haproxy_report hdr(host) haproxy-report.cloudopz.co

        http-request set-header X-Forwarded-Proto https if { ssl_fc }
        use_backend haproxy-report-backend if haproxy_report

# haproxy-report-backend
backend haproxy-report-backend
        acl authorized http_auth(AuthUsers)
        acl nagios src 18.69.61.21
        http-request allow if nagios
        http-request auth realm haproxyreport if !authorized
        server haproxy-report 127.0.0.1:1800
Enter fullscreen mode Exit fullscreen mode

More about haproxy

Reference

🌠 Blog · Github · Web · Linkedin · Group · Page · Twitter 🌠

Discussion (0)

pic
Editor guide