HAProxy

frontend www_http
    mode            http
    bind            *:80
    bind            *:443 ssl crt /etc/ssl/certs/mycompany.pem

    # passing on that browser is using https
    reqadd X-Forwarded-Proto:\ https
    # for Clickjacking
    rspadd X-Frame-Options:\ SAMEORIGIN

    # prevent browser from using non-secure
    rspadd Strict-Transport-Security:\ max-age=15768000
    redirect        scheme https code 301 if !{ ssl_fc }

    stats enable
    stats refresh 30s
    stats show-node
    stats realm Haproxy\ Statistics
    stats uri /haproxy?stats

    acl app1 hdr(host) -i app1.mycompany.com
    acl app2 hdr(host) -i app2.mycompany.com
    acl app3 hdr(host) -i app3.mycompany.com

    # Just incase if you are using path instead of subdomain. But it's commented.
    # acl app1 url_beg /app1
    # acl app2 url_beg /app2
    # acl app3 url_beg /app3

    use_backend app_1_backend if app1
    use_backend app_2_backend if app2
    use_backend app_3_backend if app3

# backend for app 1
backend app_1_backend
    timeout client  300000
    timeout server  300000
    redirect scheme https if !{ ssl_fc }
    server app-1 127.0.0.1:8081 check
    http-response set-header X-TS-Server-ID %s

# backend for app 2
backend app_2_backend
    timeout client  300000
    timeout server  300000
    redirect scheme https if !{ ssl_fc }
    server app-2 127.0.0.1:8082 check
    http-response set-header X-TS-Server-ID %s

# backend for app 3
backend app_3_backend
    timeout client  300000
    timeout server  300000
    redirect scheme https if !{ ssl_fc }
    server app-3 127.0.0.1:8083 check
    http-response set-header X-TS-Server-ID %s