Knowledge Base | Security
Enable TLS with Let’s Encrypt and the HAProxy Kubernetes Ingress Controller
The HAProxy Kubernetes Ingress Controller integrates with cert-manager to provide Let's Encrypt TLS certificates. When it comes to TLS in Kubernetes, the first thing to appreciate when you use the HAProxy Ingress Controller is that all traffic for all services...
PacketShield: A Tool for Superior DDoS Protection
PacketShield provides stateful packet filtering and protects your network against DDoS. Packet floods are DDoS attacks in which large numbers of packets are sent to a target with the goal of saturating the target's resources. They can heavily impact the system's...
Enabling CORS in HAProxy
The HAProxy Cross-Origin Resource Sharing (CORS) Lua module streamlines adding CORS to your APIs. What is CORS? Read on to learn more. It doesn't matter whether you're using Angular, React, Vue or simple, vanilla JavaScript. You're guaranteed to need to fetch or...
HAProxy Rate Limiting: Four Examples
Use rate limiting in HAProxy to stop clients from making too many requests and promote fair usage of your services. Rate limiting in HAProxy stops a client from making too many requests during a window of time. You might have a policy that stipulates how many requests...
HAProxy SSL Termination
The HAProxy load balancer provides high-performance SSL termination, allowing you to encrypt and decrypt traffic. You can quickly and easily enable SSL/TLS encryption for your applications by using HAProxy SSL termination. HAProxy is compiled with OpenSSL, which...
IP Masking in HAProxy
An HAProxy load balancer allows you to mask IP addresses in order to protect the privacy of your users. Read on to learn more. How do load balancers fit into the larger debate over data privacy and security? It helps to step back and consider how HAProxy adds a layer...
Bot Protection with HAProxy
HAProxy is a high-performance load balancer that provides advanced defense capabilities for detecting and protecting against malicious bot traffic to your website. Combining its unique ACL, map, and stick table systems with its powerful configuration language allows...
Application-Layer DDoS Attack Protection with HAProxy
HAProxy’s high-performance security capabilities are utilized as a key line of defense by many of the world’s top enterprises. Application-layer DDoS attacks are aimed at overwhelming an application with requests or connections, and in this post we will show you how...
Using HAProxy with the Proxy Protocol to Better Secure Your Database
The Proxy protocol is a widely used invention of our CTO at HAProxy Technologies, Willy Tarreau, to solve the problem of TCP connection parameters being lost when relaying TCP connections through proxies. Its primary purpose is to chain proxies and reverse-proxies...
What is a Slow POST Attack and How to Turn HAProxy into your First Line of Defense?
One of the biggest security challenges that companies face in today's modern climate is the POST attack. Unlike a more traditional "Denial-of-Service" attack, POST attacks target a servers logical resources - making them particularly powerful when executed. What is a...
