How to enable the HAproxy statistics page in OPNsense

Step 1: Edit Global Settings

In the left-hand menu, go to Services , select HAPproxy and then and then Settings.

- Under the Settings tab, locate the Global Parameters
- Enable ' Advanced Mode' on the top left of the page
- Add or modify the following configuration line in the “Custom Options” field (on the bottom of the picture):
```
stats socket /var/run/haproxy.socket group proxy mode 775 level admin 
```
  This enables a UNIX socket for administrative purposes.

Step 2: Configure Statistics in Frontend Settings

- Go to Virtual Servers in the Top menu
- Click the + sign and add a new Public Service: 'StatsFrontend'
- In this frontend, configure it as follows:
  - Set Name: StatsFrontend
  - Set Listen Adressess: set to local IP address of OPNsense (e.g. 192.168.2.1) with the default port 8822
  - Set Type to default HTTP/HTTPS (SSL offloading) [default]
  - Scroll all the way down to “Advanced Settings”, add these lines in the “Option Pass-through” field:

- - ```
  stats enable
  stats uri /haproxy?stats
  stats realm Haproxy\ Statistics
  stats auth admin:password123
```
  Replace admin with your desired username and password with a strong password.
- Click on “Save” and then apply changes by clicking on “Apply”.

Step 2:3: Configure Firewall Rules

Allow Access to the Statistics Port:

Navigate to Firewall > Rules.

~~Select the appropriate interface (e.g.,~~> LAN ~~or WAN) where you want to allow access.~~

Create a new rule with these parameters:

Action: ~~Allow.~~Pass

Protocol: ~~TCP.~~

~~Source: Define specific IPs or networks allowed access (e.g., your management workstation’s IP).~~TCP

Destination: ~~The~~This ~~IP of your OPNsense instance running HAProxy.~~Firewall

Destination Port Range: ~~The~~Other ~~port~~and ~~you~~the ~~configured for statistics (e.g., 8404).~~

8822

Description:
~~Save~~Access ~~and~~the ~~Apply~~Statistics ~~Firewall~~page
~~Rule~~
Leave ~~Changes~~:
everything
else to the default values
Save the rule and click on “Apply Changes”.

Step 3:4: Test Access to the Statistics Page

Open a web browser from a device allowed by your firewall rules.

Enter the URL for accessing statistics, such as:

http://:8404/192.168.2.1:8822/haproxy?stats

Enter the username (admin) and password (password123) you configured earlier when prompted.

If everything is configured correctly, you should see HAProxy’s statistics page displaying real-time data about connections, backends, frontends, etc.