app-root config key configures the root path redirect in haproxy frontend. https redirect however is configured in the backend. Because of that haproxy is redirecting from the root path to the application path in plain http, before redirecting to https. This is not a good approach because it makes security scanners infer that the application does not have a secure proxy.
This update adds a https redirect before the application redirect, in the case the root path of the host renders its ssl-redirect to true.
jcmoraisjr
commented
2 months ago
app-rootconfig key configures the root path redirect in haproxy frontend. https redirect however is configured in the backend. Because of that haproxy is redirecting from the root path to the application path in plain http, before redirecting to https. This is not a good approach because it makes security scanners infer that the application does not have a secure proxy.This update adds a https redirect before the application redirect, in the case the root path of the host renders its ssl-redirect to true.