HAProxy

Waltham, MA, USA
2013
Sep 21, 2020   |  By Daniel Corbett
The OWASP ModSecurity Core Rule Set team has reported a Denial of Service vulnerability in ModSecurity version 3.x that allows an attacker to send a crafted payload that exploits a flaw in how regular expressions are matched within the software. A CVE (CVE-2020-15598) was assigned to this vulnerability and it has been rated with a CVSSv3 score of 7.5 (high).
Sep 15, 2020   |  By Nick Ramirez
Detect and stop fake web crawlers using HAProxy Enterprise’s Verify Crawler add-on. How your website ranks on Google can have a substantial impact on the number of visitors you receive, which can ultimately make or break the success of your online business. To keep search results fresh, Google and other search engines deploy programs called web crawlers that scan and index the Internet at a regular interval, registering new and updated content.
Sep 8, 2020   |  By Nick Ramirez
Guarantee strong encryption by enabling ‘FIPS mode’ with RHEL and HAProxy Enterprise. SSL and its successor TLS are protocols that safeguard web traffic as it crosses the Internet, encrypting communication and protecting it from tampering. However, the encryption algorithms within these protocols are subject to change over time as vulnerabilities are discovered or as better encryption methods become available.
Sep 1, 2020   |  By HAProxy
Head-to-head benchmarking evaluates performance across average requests per second, latency, CPU usage, and HTTP errors
Aug 31, 2020   |  By HAProxy Technologies
HAProxy Enterprise handles SAML single sign-on for your applications and integrates with identity providers like Azure Active Directory.
Aug 21, 2020   |  By Nick Ramirez
Use the HAProxy Runtime API to update SSL certificates in HAProxy without a reload. When you route traffic through an HAProxy load balancer, you gain the ability to terminate SSL at the load balancer. HAProxy encrypts communication between the client and itself and then sends the decrypted messages to your backend servers, which means less CPU work on the servers because there’s no encryption work left to do.
Aug 17, 2020   |  By HAProxy
HAProxy Technologies has published a new eBook that showcases the power of using HAProxy in a Kubernetes environment.
Aug 14, 2020   |  By Nick Ramirez
HAProxy gives you an arsenal of sophisticated countermeasures including deny, tarpit, silent drop, reject, and shadowban to stop malicious users. There are two phases to stopping malicious users from abusing your website and online applications. Step one is detection, step two is deploying countermeasures. HAProxy is more powerful than nearly every other load balancer when it comes to both detection and countermeasures.
Jul 31, 2020   |  By Nick Ramirez
The HAProxy Kubernetes Ingress Controller integrates with cert-manager to provide Let’s Encrypt TLS certificates. When it comes to TLS in Kubernetes, the first thing to appreciate when you use the HAProxy Ingress Controller is that all traffic for all services travelling to your Kubernetes cluster passes through HAProxy. Requests are then routed towards the appropriate backend services depending on metadata in the request, such as the Host header.
Jul 24, 2020   |  By Marko Juraga
Version 2.1 of the HAProxy Data Plane API expands support to all available request and response actions, adds Lua actions, and improves file handling. A year ago, we introduced version 1.0 of the HAProxy Data Plane API, enabling you to configure your HAProxy load balancers remotely through a modern RESTful HTTP API. That first version of the API focused on the essential behaviors for creating frontend proxies, backend server pools, ACLs and traffic switching rules.
Sep 2, 2020   |  By HAProxy
Performance has never been more important than in a cloud-native world. Cloud-hosted resources cost money and a slow-loading application can cause a suboptimal ROI. Have you taken the time to tune your Kubernetes ingress controller and proxy? Many organizations don't until it's absolutely necessary, and most users will typically run a default, out-of-the-box configuration. In this demo, we benchmark five popular ingress controllers and put them head-to-head against each other with their default configurations.
Aug 14, 2020   |  By HAProxy
Helm, the Kubernetes package manager, revamps the way teams manage their Kubernetes resources and allows them to deploy applications in a consistent and reliable way. It is a valuable tool in a continuous delivery pipeline, with support for quick updates and rollbacks. At HAProxy Technologies, we offer Helm as the preferred method for installing the HAProxy Kubernetes Ingress Controller, and we’ll show you how to customize that installation to fit your use case.
May 28, 2020   |  By HAProxy
This presentation will describe how Go and other developers can integrate with HAProxy via the HAProxy Data Plane API and it’s packages. We will explain the motivation behind this new product and provide an overview of how we used the OpenAPI specification, including how models and server stubs are generated using go-swagger. We will delve deeper with describing client-native and config-parser packages and explain how and when to use them, by showing how we use them in our HAProxy Kubernetes Ingress Controller. We will also briefly touch on how you can contribute to these projects.
May 21, 2020   |  By HAProxy
Process management in HAProxy has evolved since the beginning of the project; With the advent of new init systems and process managers, managing HAProxy processes became complicated due to the multi-processes architecture of the project. The Master Worker mode simplifies the process management and introduces interesting features. This talk will briefly review the history of the Master Worker mode and the new features it brought.
May 6, 2020   |  By HAProxy
This presentation will provide an overview of the new Data Plane API, which you can use to configure your load balancer using HTTP REST commands. You will learn how to get started and how to build tools to work with it. You will also learn how to configure a frontend/backend and modify a configuration using the API.
Apr 30, 2020   |  By HAProxy
In 2018, we migrated several video-on-demand/replay platforms from on-premise to the AWS cloud. HAProxy was the key to this migration, allowing us to move safely and without any downtime. We’ll take a deep dive through the configuration used to secure our migration, highlighting aspects such as our use of the “observe layer7” keyword. I’ll also cover how we use GOReplay to replicate traffic and our use of the HAProxy Ingress Controller in front of our Kubernetes clusters.
Apr 2, 2020   |  By HAProxy
At Criteo, we have been working on building a tight integration between HashiCorp Consul and HAProxy. In this talk, we will explain how we provision our HAProxy instances dynamically using Consul Connect, a new service mesh technology that allows HAProxy to talk to its peers from machine-to-machine without a traditional load balancer. We will detail how we are able to create a service with DNS, add load balancing, and configure SSL certificates in mere seconds. Since Criteo is working actively on enabling HAProxy with Consul Connect, we will explain the challenges of scaling Service Mesh architectures for large infrastructures.
Mar 26, 2020   |  By HAProxy
Oui.sncf sells tickets and passes for rail travel around Europe. We operate the #1 French e-commerce website with more than 83 million travel products sold and more than 12 million unique visitors per month. We’ve been using HAProxy since 2009. When we decided to build our own CDN solution in 2015, we knew we’d include HAProxy as a main component. In this talk, we will show you how HAProxy is integrated into our CDN infrastructure and how we use it daily to manage, update, configure, and troubleshoot our infrastructure.
Mar 26, 2020   |  By HAProxy
CenterDevice offers secure document storage and sharing with OCR, full-text indexing and automatic versioning. Our SREs use HAProxy to gain insights into the usage of our services, diagnose issues, and throttle or reject requests based on HAProxy ACLs. In this talk, you will see how we generate HAProxy configuration files using templates. We will describe our custom log format and demonstrate how we integrate HAProxy data with Kibana.
Mar 17, 2020   |  By HAProxy
At Willhaben, we run Austria’s largest classified advertising marketplace. We started using HAProxy due to our need to move to an all-HTTPS environment. Since then, we’ve leveraged HAProxy for geo-redundancy, HTTP/2, integration with Kubernetes, and blocking suspicious activity. In this talk, I will explain how we gradually shifted from basic HAProxy functionality to our current deployment, and will also describe where we encountered trouble in our production environment and how we overcame it. We are currently serving 5-6 gigabits per second of peak traffic via HAProxy, with about 20k requests per second.
Aug 18, 2020   |  By HAProxy
This whitepaper is designed for anyone evaluating the pros and cons of different types of application delivery controllers for web applications and services. The Software Versus Appliance Load Balancers whitepaper will give you basic definitions for different types of load balancers. It will also provide you with guidance on how to choose the load balancer that best meets the application delivery requirements for your applications.
Aug 18, 2020   |  By HAProxy
Your pods running in Kubernetes need to be exposed to the outside world. With the HAProxy Kubernetes Ingress Controller, you can route traffic to them faster, more reliably, and with improved security compared to any other ingress controller.
Aug 1, 2020   |  By HAProxy
This whitepaper is designed for anyone responsible for ensuring the quality of service and business continuity for web applications and services. The All About Load Balancing whitepaper will give you the keys to a comprehensive load balancing strategy. It will also provide you with guidance on how to tune your architecture based on your requirements or constraints.
Aug 1, 2020   |  By HAProxy
HAProxy gives you the building blocks to create a strong, layered defense against DDoS, malicious bot traffic, vulnerability scanners and more.
Jul 1, 2020   |  By HAProxy
One of the biggest challenges for organizations that have adopted microservice architecture is the lack of architectural, operational, and organizational standardization. After splitting a monolithic application or building a microservice ecosystem from scratch, many engineers are left wondering what's next. In this practical book, author Susan Fowler presents a set of microservice standards in depth, drawing from her experience standardizing over a thousand microservices at Uber. You'll learn how to design microservices that are stable, reliable, scalable, fault tolerant, performant, monitored, documented, and prepared for any catastrophe.

We are the company behind HAProxy, the world’s fastest and most widely used software load balancer. Organizations rapidly deploy HAProxy products to deliver websites and applications with the utmost performance, observability, and security at any scale and in any environment.

HAProxy One is an industry-first end-to-end application delivery platform designed to simplify and secure modern application architectures. It features a suite of products consisting of application delivery software, appliances and turnkey services managed and observed through a unified control plane. It provides load balancing, application acceleration, CDN, DDoS protection, bot management, and WAF capabilities.

HAProxy Powers the Uptime of the Cloud Era:

  • Load Balancing: Load balance your services at any scale and in any environment with our feature-rich application delivery controllers.
  • High Availability: Deliver optimal user experiences regardless of volume of visitors, number of hits, or complexity of request.
  • Application Acceleration: High performance SSL offloading, advanced timings, high performance lookup maps, HTTP compression, device detection and HTTP routing.
  • Administration: Utilize HAProxy’s RESTful Data Plane API and Runtime API to manipulate your load balancer’s configuration or to drain traffic. Make changes dynamically without risking impact to other services.
  • Security: Receive the benefits of SSL with less hardware, reduce the number of services exposed to the Internet, stop DDoS and Brute Force attacks, detect and block SQL/XSS attacks, ensure protocol compliance and identify intrusions with our advanced logging.
  • Microservices: HAProxy is at the core of application delivery for some of the largest and most complex microservices architectures in the world and constantly releases new features to support these dynamic environments.

Powering the future of secure application delivery.