Comment 1 for bug 1996913

I did a quick fix by adding a rule in haproxy public horizon :

frontend horizon_external_front
    mode http
    http-request del-header X-Forwarded-Proto
    use_backend acme_client_back if { path_reg ^/.well-known/acme-challenge/.+ }
    option httplog
    option forwardfor
    http-request set-header X-Forwarded-Proto https if { ssl_fc }
    bind XXXXXXXX:443 ssl crt /etc/haproxy/haproxy.pem
    default_backend horizon_external_back
+ http-request deny if { path -i -m beg /server-status }