Set up custom error pages in HAProxy to ensure consistent, branded messaging that supports any backend web stack. The memory is probably still fresh: You’re shopping online at your favorite website, looking for something specific, you’ve got it narrowed down to two or maybe three products, you make the final decision, click to checkout and then— Internal Server Error. A cryptic error has replaced the page you were expecting. More than surprised, you feel knocked off balance.

The OWASP ModSecurity Core Rule Set team has reported a Denial of Service vulnerability in ModSecurity version 3.x that allows an attacker to send a crafted payload that exploits a flaw in how regular expressions are matched within the software. A CVE (CVE-2020-15598) was assigned to this vulnerability and it has been rated with a CVSSv3 score of 7.5 (high).

Detect and stop fake web crawlers using HAProxy Enterprise’s Verify Crawler add-on. How your website ranks on Google can have a substantial impact on the number of visitors you receive, which can ultimately make or break the success of your online business. To keep search results fresh, Google and other search engines deploy programs called web crawlers that scan and index the Internet at a regular interval, registering new and updated content.

Guarantee strong encryption by enabling ‘FIPS mode’ with RHEL and HAProxy Enterprise. SSL and its successor TLS are protocols that safeguard web traffic as it crosses the Internet, encrypting communication and protecting it from tampering. However, the encryption algorithms within these protocols are subject to change over time as vulnerabilities are discovered or as better encryption methods become available.