acl example_domains var(req.hdr_host) -m str example.com
    acl example_domains2 var(req.hdr_host) -m str example.org www.example.org
    ### acl example_maintenance_ips src -f /etc/haproxy/sites/{{ site }}/maintenance_ips

    # Redirect to HTTPS without Let's Encrypt certificate
    ### http-request redirect scheme https code 301 if example_domains !{ ssl_fc }

    # Redirect to HTTPS with Let's Encrypt certificate (exclude LE challenge from redirection)
    ### http-request redirect scheme https code 301 if example_domains !{ ssl_fc } !letsencrypt

    # Redirect a domain to another without Let's encrypt certificate
    ### http-request redirect prefix https://example-to.org code 301 if { var(req.hdr_host) -m str example-from.org }

    # Redirect a domain to another with a Let's encrypt certificate (exclude LE challenge from redirection)
    ### http-request redirect prefix https://example-to.org code 301 if { var(req.hdr_host) -m str example-from.org } !letsencrypt
    
    # HSTS (31536000 seconds = 1 year)
    ### http-response set-header Strict-Transport-Security max-age=31536000 if example_domains

    # Custom directives, all conditionned by at least the "example_domains" ACL
    # Example: reject request from a specific IP
    ### http-request deny if example_domains { src 203.0.113.1 }

    # routing directives, all conditionned by (at least) the "example_domains" ACL
    # Maintenance mode (### -> uncomment BUT define example_maintenance_ips acl before)
    ### use_backend example_maintenance if example_domains !example_maintenance_ips !maintenance_ips
    # Use Varnish if available
    use_backend varnish if example_domains varnish_available varnish_http_verb

    # … or use normal backend
    use_backend example if example_domains