HAProxy Basic Login Authentication

Generate haproxy encrypted password

printf "thepassword" | mkpasswd --stdin --method=sha-256

Modify haproxy.cfg which allow access for requests from source 18.69.61.21 but requires login for others

userlist AuthUsers
        user haproxyreport password $5$3VeorK1XxvgRseQ$VBkOPCY2enWZsas.C6X9Iif0FPHDknXXXXXXXXX

frontend fe-verify
        bind *:443 ssl crt /etc/certs

        acl haproxy_report hdr(host) haproxy-report.cloudopz.co

        http-request set-header X-Forwarded-Proto https if { ssl_fc }
        use_backend haproxy-report-backend if haproxy_report

# haproxy-report-backend
backend haproxy-report-backend
        acl authorized http_auth(AuthUsers)
        acl nagios src 18.69.61.21
        http-request allow if nagios
        http-request auth realm haproxyreport if !authorized
        server haproxy-report 127.0.0.1:1800

More about haproxy

How To Set HTTP-Request Header In Haproxy
How To Block IP Addresses In HAProxy
HAProxy With Resolvers In Case Of AWS Application LoadBalancer
Use GoAccess To Analyze HAProxy Logs

Reference

HAProxy Basic Login Authentication

Blog · Github · Web · Linkedin · Group · Page · Twitter

Comments

More from this blog

Single-Sign-On By Vouch Proxy And AWS Cognito

FastApi With AWS Serverless powered by CDK Typescript

Amazon ECS Farget with Blue-Green Deployments by CDK Typescript - Part 2

Hands-on Amazon ECS for Blue-Green Deployments With CDK Typescript - Part 1

Manage IAM Access Key Of AWS Service Connection In Azure Devops Pipeline

Command Palette

In haproxy config, there is no limit to the number of http-request statements per instance so we can add the rules to request basic login to the site but whitelist specials IPs

🚀 Setup HAProxy config which contains basic login to access the dashboard and allow access for special resource IP

Blog · Github · Web · Linkedin · Group · Page · Twitter

Comments

More from this blog