diff --git a/packaging/aleph-vm/etc/haproxy/haproxy-aleph.cfg b/packaging/aleph-vm/etc/haproxy/haproxy-aleph.cfg index 46ac1f37..96e425f0 100644 --- a/packaging/aleph-vm/etc/haproxy/haproxy-aleph.cfg +++ b/packaging/aleph-vm/etc/haproxy/haproxy-aleph.cfg @@ -52,13 +52,13 @@ frontend ft_ssl # Inspect SSL handshake tcp-request inspect-delay 5s - tcp-request content accept if { req_ssl_hello_type 1 } + tcp-request content accept if { req.ssl_hello_type 1 } # Extract SNI from TLS CLIENT HELLO and store it - acl has_sni req_ssl_sni -m found - tcp-request content set-var(txn.sni) req_ssl_sni if has_sni + acl has_sni req.ssl_sni -m found + tcp-request content set-var(txn.sni) req.ssl_sni if has_sni + log-format "HTTPS %ci : %cp %ft %b/%s %Tw/%Tc/%Tt %B %ts %ac/%fc/%bc/%sc/%rc %sq/%bq dst:%[var(txn.sni)]" - # Find the target server dynamically from SNI use_backend bk_ssl if has_sni default_backend bk_default_ssl @@ -67,7 +67,6 @@ frontend ft_http bind :::80 v4v6 mode http - # log-format "%ci:%cp [%tr] %ft %b/%s %TR/%Tw/%Tc/%Tr/%Ta %ST %B %CC %CS %tsc %ac/%fc/%bc/%sc/%rc %sq/%bq %hr %hs %{+Q}r" # Extract Host header and store it http-request set-var(txn.host) hdr(host) @@ -95,10 +94,9 @@ frontend ft_ssh # Dynamic backends that will be populated with servers at runtime backend bk_ssl - mode tcp - - # Use the appropriate variable based on the traffic type - # For HTTPS - Use SNI + mode tcp + # Find the target server dynamically from SNI + tcp-request content set-var(txn.sni) req.ssl_sni acl server_found var(txn.sni),lower,map(/etc/haproxy/https_domains.map) -m found use-server %[var(txn.sni),lower,map(/etc/haproxy/https_domains.map)] if server_found use-server fallback_local unless server_found
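Review bot: The new `log-format` line in `ft_ssl` writes `%[var(txn.sni)]` unquoted as the last field, and that value comes straight from the client's TLS ClientHello, so log consumers should treat it as untrusted text. Quoting the field, for example `dst:%{+Q}[var(txn.sni)]`, keeps an empty or unusual SNI from being misread by parsers that split on whitespace. How HAProxy encodes non-printable bytes in this field is worth confirming for the deployed version. The spacing in `%ci : %cp` also differs from the usual `%ci:%cp` and splits client address and port into separate tokens, which looks unintended. The start of `ft_ssl` is outside the hunk, so an existing `log` or `option` line may already affect this.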
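Review bot: The added `tcp-request content set-var(txn.sni) req.ssl_sni` in `bk_ssl` has no comment explaining why the SNI is extracted a second time. `ft_ssl` already stores it in `txn.sni` under `if has_sni`, while this rule runs unconditionally and overwrites that value. If the frontend value turned out not to be usable in the backend, a comment such as `# Re-read SNI in the backend: <reason>` would record that; otherwise the line looks redundant with the frontend rule. The variable is client-controlled and selects the server through the `https_domains.map` lookup, so having one documented place where it is set makes the routing decision easier to audit. The rest of `bk_ssl` is outside the hunk.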