Setting up authentication for HAProxy frontend

I’m trying to figure out how to add user authentication to my HAProxy setup. I’ve got a frontend called web_crawler listening on port 4000. Here’s what my config looks like right now:

frontend web_crawler
    bind *:4000
    mode http
    log global
    default_backend crawler_backend
    option httplog
    option http_proxy

I can use it like this:

curl -v --proxy 'http://localhost:4000' example.com/status

But I want to make it secure with a username and password, like:

curl -v --proxy 'http://user:pass@localhost:4000' example.com/status

How do I change my /etc/haproxy/haproxy.cfg to make this work? I’m new to HAProxy and could really use some help. Thanks!

To add user authentication to your HAProxy frontend, you’ll need to modify your configuration file. Here’s how you can achieve this:

Create a userlist in your global section:
userlist proxy_users
user myuser password mypassword

Modify your frontend section:
frontend web_crawler
bind *:4000
mode http
log global
default_backend crawler_backend
option httplog
option http_proxy
acl auth_ok http_auth(proxy_users)
http-request auth realm Proxy if !auth_ok

This setup creates a userlist and adds an authentication check to your frontend. The ‘acl auth_ok’ line checks if the provided credentials match those in the userlist. The ‘http-request auth’ line prompts for authentication if the check fails.

Remember to restart HAProxy after making these changes. This should allow you to use the proxy with authentication as you described.

hey, u can try using Basic Auth in HAproxy. add this to ur frontend:

acl auth_ok http_auth(users)
http-request auth unless auth_ok

then make a userlist:

userlist users
user bob insecure-password 123

restart haproxy n it should work. GL!