HAProxy - Forbid root path but allow subpaths

[Hunduster]

Hello everyone,

I am using a Proxmox Mail Gateway behind HAProxy.

This sends a spam report to the users once a day. The spam report contains a link that is structured something like this:

https://spamreport.domain.com/quarantine?ticket=hjdsah233eda35f4we5f4few

If the link is called up, the user ends up in his spam quarantine and the link changes statically to:

https://spamreport.domain.com/quarantine#pmgSpamQuarantine

My problem is that when someone accesses the top level domain https://spamreport.domain.com, the Proxmox Mailgateway login screen appears, which is also used for administration.

This login screen should not be accessible from the internet, as the users work with tickets as mentioned above.

I have already tried several things here to block only the root directory, unfortunately without success. According to Chat-GPT, the following REGEX would be the solution:

Code Select Expand

acl allow_quarantine path_reg -i ^/quarantine[?#].+
http-request allow if allow_quarantine
http-request deny


but unfortunately HA Proxy says that the synthax is wrong.

Does anyone have any advice on how to implement this?