Self hosted website only works when this firewall rule is enabled

so i followed the guide with For HAProxy and Let’s Encrypt on pfSense for more securely access to a self hosted website.
the website running on a virtual machine built on my TrueNas with HAproxy configured on pfsense
one of the thing that bothers me is that i can only access the website when this firewall rule is enabled:
firewall rules
when i typing my public ip address on the address bar i see this
image 2
its very suspicius to me and im concern that my traffic is exposed to anyone.
is it should be like that? i searched for this and i didnt find any answer
so i like some help from the experts
what do you guys think?

Easy to test that on your phone over a mobile network, whatever you can see with that rule enabled everyone else can see. No idea about the rest to get Let’s Encrypt to work with your setup.

How is that different from the expected result? Obviously, if you disable the firewall rule that allows access to the web server, the web server can no longer be reached. I see no problem here.

When you enter the IP address directly, you are served an error message from the proxy. This is also expected. The proxy expects you to use the domain name since there could potentially be multiple websites with different domain names available from the same IP address.

2 Likes