diff --git a/templates/haproxy_cfg.jinja2 b/templates/haproxy_cfg.jinja2
index 0fabc57b6de8c22ff463b8c908baf2ec80c0cae3..e6df3f8cf82e72b54a2e061f641db63b2b4921c9 100644
--- a/templates/haproxy_cfg.jinja2
+++ b/templates/haproxy_cfg.jinja2
@@ -71,8 +71,9 @@ frontend http_in
 {% endfor %}
   http-request set-header x-routing-host undefined
   acl letsencrypt_challenge path_beg /.well-known/acme-challenge/
+  http-request redirect code 301 location %[capture.req.uri,map(/etc/haproxy/redirect.path.map)] if !letsencrypt_challenge { capture.req.uri,map(/etc/haproxy/redirect.path.map) -m
   http-request redirect code 301 location %[hdr(host),map(/etc/haproxy/redirect.domain.map)] if !letsencrypt_challenge { hdr(host),map(/etc/haproxy/redirect.domain.map) -m found }
-  http-request redirect code 301 location %[capture.req.uri,map(/etc/haproxy/redirect.path.map)] if !letsencrypt_challenge { capture.req.uri,map(/etc/haproxy/redirect.path.map) -m found }
+found }
 {% if haproxy_private is defined %}
 {% if haproxy_private.domain is defined %}
   acl privatedomain hdr(host) -i -n -f /etc/haproxy/privatelist.domain
@@ -190,8 +191,8 @@ frontend http_in
 frontend https_in_{{ cert.ip }}
   bind {{ cert.ip }}:443 ssl crt /etc/haproxy/certs/{{ cert.file }} no-sslv3
   http-request del-header Proxy
-  http-request redirect code 301 location %[hdr(host),map(/etc/haproxy/redirect.domain.map)] if { hdr(host),map(/etc/haproxy/redirect.domain.map) -m found }
   http-request redirect code 301 location %[capture.req.uri,map(/etc/haproxy/redirect.path.map)] if { capture.req.uri,map(/etc/haproxy/redirect.path.map) -m found }
+  http-request redirect code 301 location %[hdr(host),map(/etc/haproxy/redirect.domain.map)] if { hdr(host),map(/etc/haproxy/redirect.domain.map) -m found }
 {% if haproxy_private is defined %}
 {% if haproxy_private.domain is defined %}
   acl privatedomain hdr(host) -i -n -f /etc/haproxy/privatelist.domain