diff --git a/templates/haproxy_cfg.jinja2 b/templates/haproxy_cfg.jinja2
index bd7ecacab6c5c915df71bd1f5c0a6d1cc7c7f4b9..7f69e1b751ecb15db32d05333e1b83a2d1dc6c80 100644
--- a/templates/haproxy_cfg.jinja2
+++ b/templates/haproxy_cfg.jinja2
@@ -82,7 +82,10 @@ frontend http_in
   http-request auth realm notprivate if !letsencrypt_challenge privatedomain !privateip !private_auth
 {% endif %}
 {% for redirect in proxy_redirect_search_replace|default([]) %}
-  http-request redirect code 301 location %[url,regsub(\"{{ redirect.search }}\",\"{{ redirect.replace }}\",i)] if !letsencrypt_challenge { path_reg {{ redirect.match }} }
+{% if redirect.extra is defined %}
+  acl {{ redirect.extra.variable }} {{ redirect.extra.condition }}
+{% endif %}
+  http-request redirect code 301 location %[url,regsub(\"{{ redirect.search }}\",\"{{ redirect.replace }}\",i)] if !letsencrypt_challenge {% if redirect.extra is defined %}{% if redirect.extra.negate|default(false) %}!{% endif %}{{ redirect.extra.variable }} {% endif %}{ path_reg {{ redirect.match }} }
 {% endfor %}
 {% for line in proxy_extra_lines|default([]) %}
   {{ line }}
@@ -221,7 +224,10 @@ frontend https_in_{{ cert.ip }}
   http-request auth realm notprivate if privatedomain !privateip !private_auth
 {% endif %}
 {% for redirect in proxy_redirect_search_replace|default([]) %}
-  http-request redirect code 301 location %[url,regsub(\"{{ redirect.search }}\",\"{{ redirect.replace }}\",i)] if { path_reg {{ redirect.match }} }
+  {% if redirect.extra is defined %}
+    acl {{ redirect.extra.variable }} {{ redirect.extra.condition }}
+  {% endif %}
+  http-request redirect code 301 location %[url,regsub(\"{{ redirect.search }}\",\"{{ redirect.replace }}\",i)] if !letsencrypt_challenge {% if redirect.extra is defined %}{% if redirect.extra.negate|default(false) %}!{% endif %}{{ redirect.extra.variable }} {% endif %}{ path_reg {{ redirect.match }} }
 {% endfor %}
 {% for line in proxy_extra_lines|default([]) %}
   {{ line }}