SECURITY

 

The world’s most highly trafficked sites trust HAProxy as their frontline defense to a myriad of attacks. HAProxy users receive the benefits of SSL with less hardware while reducing the number of services exposed to the Internet.

We detect and stop DDoS, Brute Force and SQL/XSS attacks. With our advanced logging, we identify intrusions and assure protocol compliance.

REVERSE PROXY

Having a reverse proxy protects your infrastructure from probing and attacks, enabling you to keep all your infrastructure hidden from the attackers, limiting their ability.

HTTP VALIDATION

Validates that the request is in full compliance with HTTP standards, protecting your application from being targeted by sophisticated attacks that exploit HTTP parsers.

APPLICATION-BASED DDOS PROTECTION

Provides application-based DDoS protection protecting your infrastructure from resource exhaustion and keeping your application working.

ANOMALOUS BEHAVIOR PROTECTION

With simple rulesets you can prevent attackers from brute forcing passwords or scraping the content off your sites.

TRAFFIC FILTERING

Filtering of any element of from the IP to the application layer. You can filter based on IPs, SSL information or any element of HTTP/HTTPS request or response

ANTIBOT MODULE

Send JavaScript challenges to suspicious clients to help distinguish between legitimate users and automated bots, giving the real users a chance to validate themselves to avoid being blocked.

SANITIZE MODULE

Filter and verify HTTP headers to ensure application security by blocking attackers that abuse HTTP headers.

FINGERPRINT MODULE

Efficiently separate real search engines from DDoS bots pretending to be search engine, as well as uniquely identify users behind a single IP.

WAF OFFLOADER MODULE

Detect and protect your sites against SQL injection and XSS attacks with this high-performance blacklist-based WAF module.

PROTOCOL AND VOLUMETRIC DDOS

With PacketShield, stop any protocol based attack before it even reaches the kernel. Its performance enables you to deal with full 10G line-rate floods with minimal CPU usage.

SSL

Unparalleled SSL stack with full ECC/RSA, RFC5077, OCSP stapling, on-the-fly certificate generation and much more. Keep up with the latest Internet security standards while making sure you deliver full performance to your users.

STICK TABLE AGGREGATOR

Aggregate view of in memory counters across your whole load balancing infrastructure allows you to define cluster wide tracking policies that efficiently detect problematic or malicious behavior.

Contact the authoritative experts on HAProxy who will assist you in finding the solution
that best fits your needs for deployment, scale, and security.
Contact a Representative