I did a quick fix by adding a rule in haproxy public horizon :
frontend horizon_external_front mode http http-request del-header X-Forwarded-Proto use_backend acme_client_back if { path_reg ^/.well-known/acme-challenge/.+ } option httplog option forwardfor http-request set-header X-Forwarded-Proto https if { ssl_fc } bind XXXXXXXX:443 ssl crt /etc/haproxy/haproxy.pem default_backend horizon_external_back + http-request deny if { path -i -m beg /server-status }
I did a quick fix by adding a rule in haproxy public horizon :
frontend horizon_ external_ front known/acme- challenge/ .+ } haproxy. pem external_ back
mode http
http-request del-header X-Forwarded-Proto
use_backend acme_client_back if { path_reg ^/.well-
option httplog
option forwardfor
http-request set-header X-Forwarded-Proto https if { ssl_fc }
bind XXXXXXXX:443 ssl crt /etc/haproxy/
default_backend horizon_
+ http-request deny if { path -i -m beg /server-status }