Security

The world's most highly trafficked sites trust HAProxy as their frontline defense to a myriad of attacks. HAProxy users receive the benefits of SSL with less hardware while reducing the number of services exposed to the Internet.

We detect and stop DDoS, Brute Force and SQL/XSS attacks. With our advanced logging, we identify intrusions and assure protocol compliance.

Reverse Proxy

Proxies all traffic from the internet to your backends through HAProxy in order to ensure all open services are intended and requests logged.

HTTP Validation

Validates that requests comply with the protocol specifications before sending them on to backend servers.

Advanced Application-based DDoS Protection

Blocks requests from clients based on multiple metrics and arbitrary criteria, over a configurable time window.

Anomalous Behavior Protection

Combines multiple metrics about a client's behavior into information for backends or to make routing/access decisions.

Dynamic ACL Updates

Updates ACL, Map, or TLS ticket key files in memory normally loaded from disk during HAProxy startup during runtime.

Traffic Filtering

Uses ACLs to detect any condition in HTTP(S) traffic and route or block the request as desired.

Antibot Module

Sends JavaScript challenges to requests selected by ACL rules.

reCAPTCHA v2

Support for presenting clients who have exhibited anomalous traffic patterns with a Google reCAPTCHA v2 challenge.

Sanitize Module

Filters and verifies that HTTP header names and contents comply specifically with the HTTP specification.

Fingerprint Module

Generate a unique identifier based on a client request.

WAF Module

High performance Web Application Firewall that supports multiple modes including blacklist based signature support, whitelist only mode, and ModSecurity ruleset support.

Contact the authoritative experts on HAProxy who will assist you in finding the solution
that best fits your needs for deployment, scale, and security.