Skip to content

Webmin behind haproxy

After recent security updates, my webmin (now¬†1.903) served trough haproxy stopped working. Login page was not loading correctly…

Using opera developer tools I have debugged that index page is returned correctly, but then css and javascripts are requested but not returned correctly. No content was returned – request was endless. It seems there is some problem with gzip encoding between miniserv and haproxy?
Solution is disable gzip in webmin/miniserv.conf.



Other issue with webmin is login redirect problem. This can be fixed with this haproxy backend config:


backend webmin
mode http
option forwardfor
http-request set-header X-Forwarded-Port %[dst_port]
http-request set-header X-Forwarded-Proto https if { ssl_fc }
#fix stupid login redirect port problem
http-response replace-value Location (.*):.* \1
server webmin ssl verify none

frontend https
        bind *:443 ssl crt /etc/haproxy/ssl/ crt /etc/haproxy/ssl/ alpn h2,http/1.1
        use_backend apache if { hdr_dom(Host) -i }
        use_backend zabbix if { hdr_dom(Host) -i }
        use_backend cloud if { hdr_dom(Host) -i }
        use_backend webmin if { hdr_dom(Host) -i }
        use_backend avenger if { hdr_dom(Host) -i }
        http-response set-header X-SSL-Proxy haproxy
        default_backend apache

Webmin config shoud contain


1 thought on “Webmin behind haproxy”

  1. Thank-you for this, I was able to transpose the various settings into my setup that uses OPNsense that runs HAProxy and my Raspberry Pi 4 running Raspian and Webmin.

Leave a Reply

Your email address will not be published. Required fields are marked *