Operations | Monitoring | ITSM | DevOps | Cloud

HAProxy 3.2 is here, and this release gives you more of what matters most: exceptional performance and efficiency, best-in-class SSL/TLS, deep observability, and flexible control over your traffic. These powerful capabilities help HAProxy remain the G2 category leader in API management, container networking, DDoS protection, web application firewall (WAF), and load balancing.

A critical vulnerability in SAP NetWeaver (CVE-2025-31324) is currently being exploited in the wild. Disclosed on April 24, 2025, this vulnerability has the highest possible CVSS score of 10.0, indicating severe risk. The vulnerability affects SAP NetWeaver Application Server Java's Visual Composer Framework (version 7.50), allowing unauthenticated attackers to upload arbitrary files to NetWeaver servers. This can lead to remote code execution and complete system compromise.

A paper on this topic was prepared for internal use within HAProxy last year, and this version is now being shared publicly. Given the critical role of SSL in securing internet communication and the challenges presented by evolving SSL technologies, reverse proxies like HAProxy must continuously adapt their SSL strategies to maintain performance and compatibility, ensuring a secure and efficient experience for users. We are committed to providing ongoing updates on these developments.

AI is no longer just a buzzword. According to a 2024 McKinsey survey, 72% of companies now use AI in at least one area of their business. By 2027, nearly all executives expect their organizations to use generative AI for both internal and external purposes. However, with this rapid adoption comes significant security risks. As organizations rush to implement AI solutions, many overlook a critical vulnerability: prompt security.

A decision-making framework breaking down the strengths, weaknesses and ideal use cases to help users choose the proper protocol for their systems. Initially published in The New Stack We often think of protocol choice as a purely technical decision, but it's a critical factor in the user experience and how your application is consumed. This is a high-impact business decision, making it crucial for the technical team to first understand the business situation and priorities.

Last week, the cloud-native jamboree that is KubeCon descended on London, UK (my home city), and HAProxy Technologies set out to be the life of the party. This year’s event was our biggest yet, so we brought our A-game – with a huge booth, a lot to show off, and thousands and thousands of T-shirts to fold and give away.

If you’ve worked with VMware Horizon (now Omnissa Horizon), you know it’s a common way for enterprise users to connect to remote desktops. But for IT engineers and DevOps teams? It’s a whole different story. Horizon’s custom protocols and complex connection requirements make load balancing a bit tricky. With its recent sale to Omnissa, the technology hasn’t changed—but neither has the headache of managing it effectively.

A recently discovered security vulnerability requires attention from development teams using Next.js in production environments. Let’s discuss the vulnerability and look at a practical HAProxy solution that you can implement with just a single line of configuration. These solutions are easy, safe, and incredibly fast to deploy while planning more comprehensive framework updates.

HAProxy ALOHA 17.0 is now available, delivering powerful new features that improve UDP load balancing, simplify network management, and enhance performance. With this release, we’re introducing the new UDP Module and extending network management to the Data Plane API, a new API-based approach to network configuration. The Network Management CLI is enhanced with exit status codes and contextual help.

HAProxy Enterprise 3.1 is now available! With every release, HAProxy Enterprise redefines what to expect from a software load balancer, and 3.1 is no different. With a brand new ADFSPIP Module and enhancements to the HAProxy Enterprise UDP Module, CAPTCHA Module, Global Profiling Engine, Stream Processing Offloading Engine, and Route Health Injection Module, this version improves HAProxy Enterprise's legendary performance and provides even greater flexibility and security.