HAProxy is Resilient to the HTTP/2 CONTINUATION Flood
Our implementation of the HTTP/2 protocol can effectively handle the CONTINUATION Flood.
Articles in category
Security
Protect Against Netscaler Vulnerability CitrixBleed
In this post, we will show how you can use an HAProxy Enterprise load balancer to protect against CitrixBleed by placing it in front of your NetScaler instance(s).
December 2023 - CVE-2023-45539: HAProxy Accepts # as Part of the URI Component Fixed
We have received questions regarding CVE-2023-45539 issued in November 2023. The versions of our products released on Monday, 21 August 2023 to fix...
Web App Security vs. API Security: Unified Approaches Reign Supreme
While there are core differences between web apps and APIs, a unified security strategy is crucial. In this blog, we'll discuss why both types of security appear different yet are inherently linked.
Rate limiting based on AWS VPC ID
We show you how to implement rate limiting based on the ID of the Virtual Private Cloud in Amazon Web Services using HAProxy Enterprise.
Scalable Load Balancing & Security Made Simple at AWS re:Invent 2023
Watch our Lightning Talk at AWS re:Invent 2023 on how HAProxy Fusion and HAProxy Enterprise enable simple and scalable load balancing and security on AWS.
Why Implementing App Security Can Lead To Spiraling Costs
To avoid overspending, businesses should reevaluate their security vendors and prioritize a more cost-effective approach.
HAProxy is Not Affected by the HTTP/2 Rapid Reset Attack (CVE-2023-44487)
CVE-2023-44487 found in the HTTP/2 protocol could allow a DoS attack against web servers, reverse proxies, or other software. HAProxy products are unaffected, but we're monitoring the situation.
August 2023 - CVE-2023-40225: Empty content-length header vulnerability fixed
HAProxy Technologies released new versions of its products to fix the vulnerability CVE-2023-40225. Learn more here.
Black Hat USA: Adaptable Security From HAProxy
HAProxy Technologies showcased its deep, targeted, and scalable security at Black Hat USA 2023.
G2’s Most Recommended WAF & DDoS Protection
The G2 Summer 2023 Grid Reports recognize HAProxy as a leader in the Web Application Firewall (WAF) and DDoS Protection categories.
HAProxy and Let’s Encrypt: Improved Support in acme.sh
Improvements in acme.sh integration allows you to manage TLS certificates with Let’s Encrypt without restarting HAProxy.
