HAProxy Enterprise Documentation 2.5r1

Web Application Firewall

A WAF or Web Application Firewall helps protect web applications by filtering and monitoring HTTP traffic between a web application and the Internet.

HAProxy Enterprise provides the following modules to protect web applications from attacks:

Advanced WAF

Use the Advanced WAF for increased protection against web application attacks.

ModSecurity

Configure the ModSecurity web application firewall in HAProxy Enterprise.

SQL Injection/XSS

Use the HAProxy Enterprise WAF Offloader to block XSS and SQL Injection attacks.

The table below will help you decide which WAF implementation should better suit your needs.

WAF module

Request per second performance

Allowlist management

Advanced WAF with default core ruleset

Good

Manual

Advanced WAF with custom core ruleset

Good

Automatic

ModSecurity

Fair

Manual

SQL Injection/XSS (WAF Offloader)

Good

Automatic


Next up

Advanced WAF
HAProxyConf 2022 - Call for papers