Enable the input field to add your own security gate settings for a specific back-end group.
A security gate resource consists of a resource identifier (key) and a value. If the reserved value _UNDEFINED_ (without quotes!) is used, the resource is removed from the resource table. The security gate then operates as if the resource had never been set.
In the following example, a custom BackendConnectTimeout and the TLS version that is used for the back-end group are configured.
To use a custom connection timeout for this back-end group:BackendConnectTimeout "10"
To use TLS v1.2 for this back-end group: BackendSSLVersion "TLSv1.2"
Dynamic back-end group selection uses HTTP headers Host of requests to select the correct back-end group for routing. The HTTP header Host has to be set as Client Host Header Pattern condition on the Basic tab of each Back-end Group for the selection.
Path:
Back-end Group element >> tab Basic >> section Conditions
An additional priority value can be configured (low number = high priority).
A single Client Host Header Pattern is sufficient for most use cases. However, additional selection conditions can be required, i.e. for requests that carry the same Host header but should be routed to different back-end groups, additional HTTP headers in the Expert Settings must be configured.
Additional HTTP header types for back-end group selection can be added for each back-end group but also globally.
Selector.RequestHeader.{N}.Name.Pattern "{NamePattern}"
Selector.RequestHeader.{N}.Name.IgnoreCase "TRUE"
Selector.RequestHeader.{N}.Name.InvertPattern "FALSE"
Selector.RequestHeader.{N}.Value.Pattern "{ValuePattern}"
Selector.RequestHeader.{N}.Value.IgnoreCase "TRUE"
Selector.RequestHeader.{N}.Value.InvertPattern "FALSE"
Client Host Header Pattern and additional Expert Settings header patterns are logically AND-linked. The first back-end group that matches will be used.