I recently had to prove ownership of a web domain at work. The suggested process was easy enough: Present a web page with your company name, and a way to send a mail to an address on the given domain. Now we do have a few web services running, but I didn’t want to mess with those. However, most things we present to the internet exist behind a HAProxy pair. That’s kinda-sorta a web server, isn’t it? Could we use its standard behavior to present a web page? Sure we can!
HAProxy has a feature to present custom error messages: It’s simply a hard-coded HTTP stream, so it’s lightning fast to serve, and any browser can interpret it into a web page. Let’s build one just for kicks:
HTTP/1.0 200 Found
Cache-Control: no-cache
Connection: close
Content-Type: text/html
<html>
<head><!--Just a test.--></head>
<body>
<h1>A fancy-schmancy header</h1>
<p>Hello world!
</body>
</html>
So how do we present this page? Elementary: We cause an error. Not finding a backend server should trigger a 503, for example, so let’s go with that:
(...)
frontend defaultlistener
(...)
use_backend bk_mystaticpage if { hdr(Host) -i hostname.mydomain.com }
backend bk_mystaticpage
mode http
errorfile 503 /etc/haproxy/errors/testpage.http
See how the backend definition doesn’t point at any servers? Instant 503. Et voilĂ : Our load balancer is now a rudimentary web server.