Operations | Monitoring | ITSM | DevOps | Cloud

How to enable post-quantum cryptography and TLS termination with HAProxy

Every time a client connects to your server, a small negotiation happens before a single byte of application data moves. That negotiation, the TLS handshake, is what makes encrypted web traffic possible. It's also at risk of being recorded. Not the content of your sessions, but the handshake itself. And that's enough. A well-resourced attacker doesn't need to break your encryption today.

How Liftoff cut costs by 87% and latency by 75% with HAProxy

Liftoff, a mobile advertising company, processes 1.5 trillion bid requests every month. Their platform touches 275 million unique devices daily across 150 geographies. At that scale, the proxy layer is a core part of the business. For years, Liftoff relied on a managed enterprise proxy vendor. It worked, until it didn’t.

AWS Summit London & NYC: what engineers want

Across two AWS Summit events in London and New York City, we had the chance to speak with more than 1,000 engineers. They came from startups building their first production stack, and enterprises managing large AWS and multi-cloud deployments. The energy was exactly what you'd expect: major AWS launches, dozens of new service announcements, wall-to-wall cloud conversations. And HAProxy right in the middle of it.

How Clover moved beyond blue-green deployments with HAProxy Fusion Control Plane

Clover’s platform handles more than just payments: inventory, employee management, online sales, and customer loyalty programs are all running on a single monolith called the Clover Operating System (COS). Releasing updates to that platform reliably and without disrupting merchants is one of the hardest operational problems a platform team can face. For a decade, Clover ran HAProxy at the center of its infrastructure.

Protecting against HTTP/2 Bomb vulnerability (CVE-2026-49975) with HAProxy

On June 2, 2026, security researchers disclosed a remote denial-of-service (DoS) exploit named the HTTP/2 Bomb. This flaw allows unauthenticated remote attackers to rapidly exhaust server memory, rendering major web servers inaccessible.

Announcing HAProxy 3.4

HAProxy 3.4 is a milestone release that significantly advances HAProxy’s legendary flexibility, performance, security, reliability, and observability. Dynamic backend management simplifies integration with modern architectures, memory efficiency improves across a broader range of workloads, native cryptographic operations at the proxy layer open new possibilities for API security architectures, and OpenTelemetry support makes HAProxy a first-class participant in distributed tracing pipelines.

HAProxy Enterprise WAF protects against Drupal core SA-CORE-2026-004 SQL Injection (CVE-2026-9082)

On May 20th, 2026, the Drupal Security Team published a new advisory disclosing a security vulnerability report in the database driver of the Drupal content management system. The issue affects installations configured to use PostgreSQL as their database, leading to a possible SQL Injection.

How HAProxy built its modern application delivery architecture

Let’s be real: building reliable tech products is hard. Modernizing that same tech without compromising the user experience is even harder. The "rip and replace" approach to modernization can severely disrupt your customers’ integration efforts and workflows. When it doesn’t work, reversing course might be the least-worst option. By contrast, the evolution of the HAProxy One application delivery platform architecture at HAProxy Technologies over 25 years has been gradual and consistent.

How Criteo handles 23M requests per second (RPS) with HAProxy Runtime API automation

Criteo handles 23 million requests per second (RPS) while maintaining peak performance and minimizing downtime. For most organizations, handling that level of traffic is just a theoretical stress test — a what-if scenario should their infrastructure ever be overwhelmed by an unexpected wave of requests. But for Criteo, 23 million RPS is just another Tuesday.