2025-11-03 14:35:20 +01:00
1 changed files with 10 additions and 10 deletions
--- a/utils/haproxy_config.py
+++ b/utils/haproxy_config.py
@@ -115,16 +115,7 @@ def update_haproxy_config(frontend_name, frontend_ip, frontend_port, lb_method,
                haproxy_cfg.write(f" ssl crt {ssl_cert_path}")
            
            haproxy_cfg.write("\n")
-            
-            # Mode
-            haproxy_cfg.write(f"    mode {protocol}\n")
-            
-            # ===== HOSTNAME ACL =====
-            acl_name_sanitized = None
-            if frontend_hostname:
-                acl_name_sanitized = f"is_{sanitize_name(frontend_hostname)}"
-                haproxy_cfg.write(f"    acl {acl_name_sanitized} hdr(host) -i {frontend_hostname}\n")
-            
+
            # ===== HTTP-REQUEST RULES (BEFORE REDIRECT) =====
            
            if is_no_lb:
@@ -138,7 +129,16 @@ def update_haproxy_config(frontend_name, frontend_ip, frontend_port, lb_method,
                
                if forward_for:
                    haproxy_cfg.write(f"    option forwardfor\n")
+
+            # Mode
+            haproxy_cfg.write(f"    mode {protocol}\n")
            
+            # ===== HOSTNAME ACL =====
+            acl_name_sanitized = None
+            if frontend_hostname:
+                acl_name_sanitized = f"is_{sanitize_name(frontend_hostname)}"
+                haproxy_cfg.write(f"    acl {acl_name_sanitized} hdr(host) -i {frontend_hostname}\n")
+        
            # DOS protection (BEFORE REDIRECT!)
            if is_dos:
                haproxy_cfg.write(f"    stick-table type ip size 1m expire {ban_duration} store http_req_rate(1m)\n")