Knowledge Base | Security
Fundamentals: Application Acceleration and the Benefits for your Service Delivery
Application acceleration is all about improving the responsiveness of a digital service. When clients access web applications, they are expecting near-immediate feedback from servers. Maintaining that level of performance requires ensuring the right resources are...
Verify OAuth JWT Tokens with HAProxy
With HTTP REST APIs serving as the backbone of modern web applications, securing those APIs presents a critical challenge for organizations. APIs are typically designed to be discoverable, self-documenting, and easily consumed by a range of programming languages, and...
Restrict API Access with Client Certificates (mTLS)
An application programming interface (API) provides access to the features of a business application, but with the visual elements stripped away. By using APIs, devices like tablets, self-service kiosks, point-of-sale terminals, and robotic sensors can connect up to...
April/2022 – CVE-2022-22965: Spring4Shell Remote Code Execution Mitigation
Recently, a Remote Code Execution vulnerability was discovered in the Java Spring Core library. This vulnerability allows attackers to execute arbitrary code on affected systems. You can find more information on that vulnerability in the announcement on the Spring...
December/2021 – CVE-2021-44228: Log4Shell Remote Code Execution Mitigation
This post will be updated over the next several days. Recently, a Remote Code Execution vulnerability was discovered in the Apache Log4J library. This vulnerability, which is tracked in CVE-2021-44228, dubbed Log4Shell, allows attackers to execute arbitrary code on...
Rate Limiting with the HAProxy Kubernetes Ingress Controller
Add IP-by-IP rate limiting to the HAProxy Kubernetes Ingress Controller. DDoS (distributed denial of service) events occur when an attacker or group of attackers flood your application or API with disruptive traffic, hoping to exhaust its resources and prevent...
September/2021 – CVE-2021-40346: Duplicate ‘Content-Length’ Header Fixed
If you are using HAProxy 2.0 or newer, it is important that you update to the latest version. A vulnerability was found that makes it possible for an attacker to bypass the check for a duplicate HTTP Content-Length header, permitting a request smuggling attack or a...
August/2021 – HAProxy 2.0+ HTTP/2 Vulnerabilities Fixed
A vulnerability was found that makes it possible to abuse the HTTP/2 parser, allowing an attacker to prepend hostnames to a request, append top-level domains to an existing domain, and inject invalid characters through the :method pseudo-header.
![[On-Demand Webinar] Multilayered Security with HAProxy Enterprise](https://cdn.haproxy.com/wp-content/uploads/2021/06/Webinar-Multilayered-Security-with-HAProxy-Enterprise-2-1000x500.png)
[On-Demand Webinar] Multilayered Security with HAProxy Enterprise
Did you know that an HAProxy Enterprise load balancer can protect your applications from common threats? In this webinar, we'll give you an overview of the multilayered security solution provided by HAProxy Enterprise. We will cover how to: use the HAProxy...
![[On-Demand Webinar] HAProxy and the Financial Information eXchange (FIX) Protocol](https://cdn.haproxy.com/wp-content/uploads/2021/04/Webinar-FIX-Protocol-1.png)
[On-Demand Webinar] HAProxy and the Financial Information eXchange (FIX) Protocol
If you prefer to join the French version of the webinar on May 25th, register here. HAProxy 2.4 and HAProxy Enterprise 2.3 add support for the Financial Information eXchange (FIX) protocol. Financial organizations around the world use FIX as a shared vocabulary for...
