SECURITY
The world’s most highly trafficked sites trust HAProxy as their frontline defense to a myriad of attacks. HAProxy users receive the benefits of SSL with less hardware while reducing the number of services exposed to the Internet.
We detect and stop DDoS, Brute Force and SQL/XSS attacks. With our advanced logging, we identify intrusions and assure protocol compliance.
REVERSE PROXY
Having a reverse proxy protects your infrastructure from probing and attacks, enabling you to keep all your infrastructure hidden from the attackers, limiting their ability.
HTTP VALIDATION
Validates that the request is in full compliance with HTTP standards, protecting your application from being targeted by sophisticated attacks that exploit HTTP parsers.
APPLICATION-BASED DDOS PROTECTION
Provides application-based DDoS protection protecting your infrastructure from resource exhaustion and keeping your application working.
ANOMALOUS BEHAVIOR PROTECTION
With simple rulesets you can prevent attackers from brute forcing passwords or scraping the content off your sites.
TRAFFIC FILTERING
Filtering of any element of from the IP to the application layer. You can filter based on IPs, SSL information or any element of HTTP/HTTPS request or response
ANTIBOT MODULE
Send JavaScript challenges to suspicious clients to help distinguish between legitimate users and automated bots, giving the real users a chance to validate themselves to avoid being blocked.
SANITIZE MODULE
Filter and verify HTTP headers to ensure application security by blocking attackers that abuse HTTP headers.
FINGERPRINT MODULE
Efficiently separate real search engine crawlers from DDoS bots pretending to be search engine crawlers, as well as uniquely identify users behind a single IP.
WAF OFFLOADER MODULE
Detect and protect your sites against SQL injection and XSS attacks with this high-performance blacklist-based WAF module.
ADVANCED WAF MODULE (BETA)
Ensure a very high level of protection for even the most insecure web applications with this high-performance whitelist-based WAF module.
SSL
Unparalleled SSL stack with full ECC/RSA, RFC5077, OCSP stapling, on-the-fly certificate generation and much more. Keep up with the latest Internet security standards while making sure you deliver full performance to your users.
PROTOCOL AND VOLUMETRIC DDOS
With PacketShield, stop any protocol based attack before it even reaches the kernel. Its performance enables you to deal with full 10G line-rate floods with minimal CPU usage.
STICK TABLE AGGREGATOR
Aggregate view of in memory counters across your whole load balancing infrastructure allows you to define cluster wide tracking policies that efficiently detect problematic or malicious behavior.
Contact the authoritative experts on HAProxy who will assist you in finding the solution
that best fits your needs for deployment, scale, and security.