Announcing HAProxy ALOHA 17.5
HAProxy ALOHA 17.5 delivers powerful new capabilities that improve security and performance — while future-proofing HAProxy ALOHA to enable richer features and advanced functionality.
HAProxy ALOHA 17.5 delivers powerful new capabilities that improve security and performance — while future-proofing HAProxy ALOHA to enable richer features and advanced functionality.
HAProxy Enterprise 3.2 brings next-generation security intelligence, extends its industry-leading performance, and expands the native routing and integration capabilities in HAProxy Enterprise.
Upgrade to the lastest version of HAProxy Kubernetes Ingress Controller (KIC) to address a vulnerability allowing privilege escalation. Learn about affected versions, remediation, and workarounds.
The latest versions of HAProxy Community and Enterprise have patches for a critical denial of service vulnerability in the mjson library.
This year at Black Hat USA, the conversation focused on model context protocol (MCP), agentic workflows, and how security fundamentals still matter.
CVE-2025-53770 and CVE-2025-53771 are currently being exploited in the wild. However, users of HAProxy Enterprise WAF are protected automatically.
Mitigate SAP NetWeaver CVE-2025-31324 with HAProxy. Learn how to block unauthenticated file uploads and protect your systems from severe risk.
We are experimenting with AI for prompt security in AI Gateways. Discover key lessons, performance issues, and how to optimize for practical use.
A recently discovered security vulnerability requires attention from development teams using Next.js in production environments.
HAProxy Enterprise 3.1 delivers a brand new ADFSPIP Module and enhancements to the HAProxy Enterprise UDP Module, CAPTCHA Module, Global Profiling Engine, and more!
The latest versions of HAProxy Fusion fix multiple rsync vulnerabilities related to memory handling and file management in HAProxy Fusion’s Linux-based virtual images. We will cover these CVEs here.
AWS re:Invent 2024 has officially wrapped up, but not everything that happens in Vegas stays in Vegas. Here are some key takeaways from our five days spent with AWS and app delivery enthusiasts.
HAProxy ALOHA 16.5 is now available, bringing the new Bot Management Module, the new Network Management CLI, and more!
Though KubeCon North America 2024 has officially come to a close, the CNCF's flagship event has left us buzzing with residual excitement. Here's what we've learned throughout those four days.
HAProxy Enterprise 3.0 extends HAProxy Enterprise’s legendary performance and flexibility and builds upon its cornerstone features.
TikTok’s web scraper, Bytespider, is reportedly aggressively sucking up content to fuel generative AI models. We also noticed this while reviewing bot management analytics. Here's what we've learned.
HAProxy Fusion 1.3 is now available! New custom dashboards, high-performance Kubernetes service discovery, and optimized workflows bolster HAProxy Fusion's observability and flexibility.
HAProxy Enterprise lets you immediately drop connections and remove the client if their certificate is revoked. Here's how to strengthen security without disrupting other users and customers.
The latest versions of our products fix a vulnerability related to a possible endless loop in the HTTP/2 multiplexer when combined with zero-copy forwarding system in HAProxy, HAProxy Enterprise...
Learn how HAProxy Enterprise can help financial services uniquely identify requests as part of a greater end-to-end tracing strategy.
Securing traffic between systems is critical. Follow along as we explain how to use SPIFFE and SPIRE to automatically generate and renew identities that include mTLS certificates.
HAProxy Enterprise now supports RADIUS load balancing with the new HAProxy Enterprise UDP Module. We'll outline the challenges with implementing RADIUS load balancing and how to solve them.
AI crawlers from large language model (LLM) companies often ignore the contents of robots.txt and crawl your site. If blocking AI crawlers is your goal, HAProxy Enterprise is the answer. Here's how.
The introduction of ChatGPT caused sharply increased interest in large language models (LLMs). These AI apps also have unique deliverability concerns. Here's how an HAProxy AI gateway can help.
Read highlights from Jakub Suchy's talk describing how HAProxy Fusion enhances both scalability and security for applications, including Kubernetes applications, on AWS.
The latest versions of our products fix a vulnerability related to HTTP/1.1 response code mishandling in products written in golang.
The latest versions of our products fix a vulnerability related to OpenSSH’s server (sshd), which is used in the public/private cloud images of HAProxy Enterprise...
HAProxy 3.0 brings many improvements to simplicity, security, reliability, flexibility, and more. We'll dive into what’s new with detailed examples. It’s a long list, so get cozy and bring a snack!
HAProxy 3.0 maintains its edge over alternatives with best-in-class load balancing. Ready to upgrade? Here’s how to get started.
With HAProxy ALOHA 16 comes our next-generation WAF, new load balancing algorithms, upgraded Linux kernel to 6.1, and better isolation of admin services.
Introducing our next-generation HAProxy Enterprise WAF and HAProxy Enterprise Bot Management Module for unmatched security, performance, and reliability in a simple package.
Our implementation of the HTTP/2 protocol can effectively handle the CONTINUATION Flood.
In this post, we will show how you can use an HAProxy Enterprise load balancer to protect against CitrixBleed by placing it in front of your NetScaler instance(s).
We have received questions regarding CVE-2023-45539 issued in November 2023. The versions of our products released on Monday, 21 August 2023 to fix...
While there are core differences between web apps and APIs, a unified security strategy is crucial. In this blog, we'll discuss why both types of security appear different yet are inherently linked.
We show you how to implement rate limiting based on the ID of the Virtual Private Cloud in Amazon Web Services using HAProxy Enterprise.
Watch our Lightning Talk at AWS re:Invent 2023 on how HAProxy Fusion and HAProxy Enterprise enable simple and scalable load balancing and security on AWS.
To avoid overspending, businesses should reevaluate their security vendors and prioritize a more cost-effective approach.
CVE-2023-44487 found in the HTTP/2 protocol could allow a DoS attack against web servers, reverse proxies, or other software. HAProxy products are unaffected, but we're monitoring the situation.
HAProxy Technologies released new versions of its products to fix the vulnerability CVE-2023-40225. Learn more here.
HAProxy Technologies showcased its deep, targeted, and scalable security at Black Hat USA 2023.
The G2 Summer 2023 Grid Reports recognize HAProxy as a leader in the Web Application Firewall (WAF) and DDoS Protection categories.
Improvements in acme.sh integration allows you to manage TLS certificates with Let’s Encrypt without restarting HAProxy.
HAProxy Technologies has announced that HAProxy 2.0 or newer, HAProxy Enterprise 2.0 or newer, and HAProxy ALOHA 12.5 or newer are affected by CVE-2023-25725. If you are using an affected product you
This blog post will discuss web threats and how to protect yourself against DDoS attacks, web scraping, brute-force attacks, and vulnerability scanning.
Cookies have many usages, most notably user authentication and settings. This post will explain the best practices for how to secure your cookies.
In this blog post, you will learn that application acceleration is all about improving the responsiveness of a digital service.
Learn how to secure your APIs against unauthorized access. The OAuth 2 protocol uses JSON Web Tokens to convey a client’s permissions and HAProxy can verify whether a token can be trusted.
HAProxy enables mTLS, supporting client certificate authentication for both clients and backend servers. Learn how to set it up in this blog post.
HAProxy's high-performance security capabilities are utilized as a key line of defense by many of the world's top enterprises. Application layer DDoS attacks are aimed at overwhelming an application w
The below information is deprecated as HAProxy Enterprise now offers a fully functional native WAF module which supports whitelist-based rulesets, and more.