Announcing HAProxy ALOHA 17.0
HAProxy ALOHA 17.0 introduces the new UDP Module and extends network management to the Data Plane API, a new API-based approach to network configuration.
Articles by
Baptiste Assmann
Baptiste has focused on high-performance web architectures for more than a decade now, mainly on the front piece and through the angle of the Load-Balancer/Reverse proxies. Baptiste loves studying new use cases and finds solutions to make the magic happen with his software load-balancer of choice: HAProxy.
Twitter LinkedIn GitHub
Announcing HAProxy Enterprise 3.1
HAProxy Enterprise 3.1 delivers a brand new ADFSPIP Module and enhancements to the HAProxy Enterprise UDP Module, CAPTCHA Module, Global Profiling Engine, and more!
Announcing HAProxy 3.1
HAProxy 3.1 brings improvements to observability, reliability, performance, and flexibility.
Announcing HAProxy Enterprise 3.0
HAProxy Enterprise 3.0 extends HAProxy Enterprise’s legendary performance and flexibility and builds upon its cornerstone features.
HAProxy is Resilient to the HTTP/2 CONTINUATION Flood
Our implementation of the HTTP/2 protocol can effectively handle the CONTINUATION Flood.
HTTP Keep-Alive, Pipelining, Multiplexing & Connection Pooling
In this blog post, you will learn more about persistent TCP connections in an HTTP world and the various ways in which HAProxy supports it.
DNS for Service Discovery in HAProxy
Learn how to use DNS service discovery in HAProxy to detect server changes and automatically apply them to your configuration.
Using HAProxy as an API Gateway, Part 3 [Health Checks]
In the blog post, you'll learn various ways to health check your servers so that your APIs maintain a high level of reliability. This includes...
![Using HAProxy as an API Gateway, Part 3 [Health Checks]](https://cdn.haproxy.com/img/containers/partner_integrations/image2-2-%281%29.png/5ef4ef148b968f89804293c3d44312e7/image2-2-%281%29.png)
Using HAProxy as an API Gateway, Part 2 [Authentication]
In the blog post, you'll learn more about using HAProxy as an API gateway, leveraging it to secure your API endpoints using OAuth 2.
![Using HAProxy as an API Gateway, Part 2 [Authentication]](https://cdn.haproxy.com/img/containers/partner_integrations/image2-e1548174430466.png/3942e9fa498bb46e325ba72db6f9bd84/image2-e1548174430466.png)
Building a Service Mesh With HAProxy & Consul
In a service mesh, requests are passed to proxies that relay messages from one service to another. See how HAProxy can be used in the Consul service mesh.
Using HAProxy as an API Gateway, Part 1 [Introduction]
An API gateway routes client requests intelligently and handles functions such as load balancing, security, and rate limiting.
![Using HAProxy as an API Gateway, Part 1 [Introduction]](https://cdn.haproxy.com/img/containers/partner_integrations/2022/api-gateway-pt1/avalanche-area-1080x540.png/2b915c11c726470bf6e314e194c3a7ed/avalanche-area-1080x540.png)
HAProxy & Consul With DNS for Service Discovery
In this blog post, we will show you a zero-touch method for integrating HAProxy with Consul by using DNS for service discovery available in HAProxy 1.8.
Announcing HAProxy 1.8
The monumental stable release of HAProxy 1.8 is here! The HAProxy 1.8 release candidate 1 (RC1) has been published by the R&D team here at HAProxy Technologies.
HAProxy and ELK (Elasticsearch, Logstash and Kibana) Stack
This blog contains information and provides a technical guide for getting started with the ELK stack, configuring HAProxy, parsing the data and troubleshooting.
What is a Slow POST Attack & How to Prevent One? (Guide)
In a Slow POST attack, an attacker begins by sending a legitimate HTTP POST header to a Web server, exactly as they would under normal circumstances.
HAProxy & Container IP Changes in Docker
In this blog post, we will answer this question: how to follow up on a container IP change when restarting a container?
Announcing HAProxy 1.6
13th of October 2015, Willy Terrau announced the release of HAProxy 1.6.0, after 16 months of development. A total of 1156 commits from 59 people were committed.
HAProxy’s Load Balancing Algorithm for Static Content Delivery With Varnish
In this blog post, we will show how to use HAProxy's hash based load balancing algorithm for static content delivery with Varnish.
Microsoft Remote Desktop Services (RDS) Load Balancing
Remote Desktop Services is a technology from Microsoft that allows users to remotely access a session-based desktop, virtual machine-based desktop, or...
A HTTP Monitor Which Matches Multiple Conditions in HAProxy
Health checking is one of the most important features of a load balancer. Here we show how to match multiple conditions for HTTP health checking in HAProxy.
HAProxy and SSLv3 Poodle Vulnerability
This blog post explains how to use HAProxy to simply prevent using SSLv3 or to prevent those users to reach your applications and print them a message.
Mitigating the Shellshock Vulnerability With HAProxy
Today’s article will explain how to use HAProxy to protect your application from Bash shellshock vulnerability if you’re in a case where you have to be protected.
PHP-fpm/FastCGI Probe Example (Binary Health Check With HAProxy 1.5)
In this blog post, we demonstrate how to enable binary health checks with HAProxy 1.5 by using a PHP-fpm/FastCGI probe example.
What is the HTTP 408 Request Timeout Error? (+ How to Fix it)
The HTTP 408 status code is an error returned by the server when it doesn't receive a timely request from the client.
How to Write Apache ProxyPass* Rules in HAProxy?
Some customers ask us to migrate the Apache mod_proxy configuration into HAProxy. This article explains how to translate ProxyPass-related rules.
Linux Asymmetric Routing Using Multiple Default Gateways
In this blog post, we will demonstrate how to perform asymmetric routing and multiple default gateways on Linux with HAProxy.
How to Protect Application Cookies While Offloading SSL
You don’t want your clients to send their cookies (understand their identity) clearly through the Internet. This is today’s article's purpose.
Emulating Active/Passive Application Clustering With HAProxy
In this blog post, we will show the different ways in which you can use the HAProxy load balancer to emulate an active/passive clustering mode.
HAProxy Advanced Redis Health Check
In this blog post, we demonstrate how to build a simple Redis infrastructure thanks to the HAProxy advanced send/expect health checks feature.
Failover & Worst Case Management With HAProxy
HAProxy allows to redirect traffic based on events and internal status. In this blog post we show how to use HAProxy for failover and worst-case management.
Configuring HAProxy & Nginx for SPDY
Basically, HAProxy uses the NPN (and later the ALPN) TLS extension to figure out whether the client can browse the website using SPDY.
Transparent Proxying & Binding With HAProxy & ALOHA Load Balancer
Here comes the transparent proxy mode: HAProxy can be configured to spoof the client IP address when establishing the TCP connection to the server.
SSL Client Certificate Information in HTTP Headers & Logs
In this blog post, we show how you can enable inserting client certificate information in HTTP headers and reporting them in the log line with HAProxy.
Apache Cdorked Backdoor Detection
In this blog post, we provide an HAProxy configuration that can help you detect the Apache Cdorked Backdoor attack in your systems and protect them against it.
Brute Force Attacks in WordPress (HAProxy Prevention Guide)
A brute force attack in WordPress consists of massively sending requests to a URL with different parameters each time. Here's how to prevent it using HAProxy...
Client IP Persistence or Source IP Hash Load Balancing
In this blog post, we show two ways of performing source IP affinity with HAProxy: through the hash load balancing algorithm and using HAProxy Stick Tables.
Configure Syslog-ng to Log Readable HTTP URL From HAProxy
In this blog post, we describe how you configure HAProxy to log URLs exactly the way they were sent by the client by using syslog-ng's flexible configuration.
IIS 6.0 Appsession Cookie and PCI Compliance
When setup by the application server, the HAProxy load balancer can be used to update cookies on-the-fly. In this blog post, we explain how.
SSL Offloading Impact on Web Applications
Performing SSL at the Load-Balancer Layer is called SSL offloading because you offload this process from your application servers. Here's what you should know.
Mitigating the SSL Beast Attack Using the ALOHA Load Balancer
The beast attack on SSL isn’t new, but we have not yet published an article to explain how to mitigate it with ALOHA or HAProxy.
Microsoft Exchange 2013 Load Balancing With HAProxy
In this blog post, we show how to perform load balancing with HAProxy on Microsoft Exchange 2013 Services hosted on single and multiple host names.
HAProxy, High MySQL Request Rate and TCP Source Port Exhaustion
In this blog post, we show how to use HAProxy with MySQL at high request rates, and how to prevent the common TCP source port exhaustion error.
Exchange Outlook Web Access (OWA) Cross-Site Request Forgery (CSRF) Protection
In this blog post, we will provide information on how to enable Exchange Outlook Web Access (OWA) Cross-Site Request Forgery (CSRF) protection with HAProxy.
Websockets Load Balancing With HAProxy
HTTP protocol is connection-less and only the client can request information from a server. In any case, a server can contact a client. Furthermore...
HAProxy Log Customization
Although HAProxy gives you detailed logging, sometimes you need a custom HAProxy log format. In this post, see how to define the template for logs.
HAProxy and Gzip Compression
Compression is used for reducing object size in order to reduce delivery delay for objects over the HTTP protocol. We show how to enable this in HAProxy.
High Performance WAF Platform With Naxsi and HAProxy
In this blog post, we will demonstrate how to create a highly performant WAF platform using Naxsi and the HAProxy load balancer.
Scalable WAF Protection With HAProxy & Apache With ModSecurity
The below information is deprecated as HAProxy Enterprise now offers a fully functional native WAF module which supports whitelist-based rulesets, and more.
SSL Client Certificate Management at Application Level
The main purpose of using client-side certificates is to increase the level of authentication. Since HAProxy is often in front of web platform, it is the right place to do this authentication.
Highly Available RTMP Platform With HAProxy & crtmpserver
In this blog, we share how to build a high-available RTMP platform for delivering video content with HAProxy and crtmpserver.
eCommerce Application Delivery Controller (Configuration Guide)
In this blog post, we will show how to use HAProxy's layer 7 features to improve eCommerce website performance and provide the best end-user experience.
How to Get SSL With HAProxy Getting Rid of Stunnel, Stud, NGINX or Pound
HAProxy is a high-performance reverse proxy and load balancer commonly used on web platforms and even as a replacement for hardware load balancers like F5 appliances.
How to: SSL Native in HAProxy
HAProxy can support SSL offloading. Today, I’ll focus on how to install and configure HAProxy to offload SSL processing from your servers.
How to Use HAProxy & Varnish Together on a Single Domain Name
In this blog post, we'll explain how to use both HAProxy and Varnish on a web application hosted on a single domain name.
HAProxy vs Varnish (Complete Comparison)
Despite being “competitors”, each of them has its own very well performing: HAProxy is a Reverse-proxy Load-Balancer and Varnish is a Reverse-proxy cache.
HTTP Request Flood Mitigation
In this blog post, we will provide a configuration that you can use to protect your applications against HTTP request flood attacks.
Use the GeoIP Database With HAProxy (Easy to Follow Guide)
Geolocation is the process of linking a third party to a geographical location. In easier words: know the country of a client's IP address. On the Internet, such a base is called GeoIP.
Efficient SMTP Relay Infrastructure With Postfix & Load Balancers
In this blog post, we will explain how to configure the HAProxy load balancer to build an efficient SMTP relay infrastructure with Postfix.
Preserve Source IP Address Despite Reverse Proxies (Guide)
In this blog post, we aim to demonstrate how to preserve source IP addresses when using the reverse-proxy mode in HAProxy.
Hypervisors Performance Comparison & Benchmarking (Unbiased)
In this blog post, we summarize the findings of a hypervisors virtual network performance comparison from a virtualized load balancer point of view.
Enhanced SSL Load Balancing With Server Name Indication (SNI) TLS Extension
In this blog post, we show how to enable enhanced SSL load balancing with the Server Name Indication (SNI) TLS Extension in HAProxy and HAProxy ALOHA.
Load Balancing, Affinity, Persistence & Sticky Sessions
This blog post shows why and how to use a load balancer, the differences between Affinity, Persistence, and Sticky Sessions, and how to enable them in HAProxy.
Microsoft Terminal Server / RemoteApp Load Balancing
Microsoft Terminal Services or remoteapps both use the RDP protocol. One issue when using RDP is being able to stick a user to a server.
Using ALOHA Load Balancer as a Reverse Proxy (Guide)
This blog post will show you how to use HAProxy ALOHA as a reverse proxy for accessing multiple websites or apps behind a single public IP address.
Benchmarking SSL Performance
In this blog post, we explain how one can improve SSL/TLS performance by adding some functionality to SSL open-source software with HAProxy.
Layer 4 Load Balancing Direct Server Return Mode
In this blog post, we explain what the Layer 4 Load Balancing Direct Server Return (DSR) Mode is, its pros and cons and when and how to use it.
Layer 4 Load Balancing Tunnel Mode
In this blog post, we explain what the Layer 4 Load Balancing Tunnel Mode is, how it works, when to use it, as well as its pros and cons.
Layer 4 Load Balancing NAT Mode
In this blog post, we explain what the Layer 4 Load Balancing NAT Mode is, its pros and cons and when to use this type of architecture.
Send Users to the Same Server for IMAP & SMTP
In this blog post we will demonstrate how you can send users to the same server for imap and smtp by using HAProxy ALOHA.
Send User to the Same Backend for both HTTP & HTTPS
Your application uses both HTTP and HTTPS, depending on the pages. SSL encryption is achieved by your backend server directly. Here's how.
Protect Your Web Server Against Slowloris Attack
Slowloris is a script which opens TCP connections and sends HTTP headers very slowly to force web servers to keep connections opened. The purpose is to...
Maintain Affinity Based on SSL Session ID
HAProxy ALOHA allows you to maintain HTTPS sessions based on SSL connection ID. In this blog post, we show you how to configure HAProxy ALOHA for this.
How to Play With Maxconn to Avoid Server Slowness or Crash
In this blog post we demonstrate how to protect any application or web server against unexpected high load using HAProxy ALOHA.
Smart Content Switching for a News Website
Build a scalable architecture for a news website using these components: A load balancer with content switching capability, cache server and application server.
HAProxy Aloha Layer 7 IPv6 to IPv4 Configuration (Guide)
In this blog post, we show how to configure HAProxy Aloha to use it as an IPv6 to IPv4 gateway without modifying anything on your current platform.
Layer 4 vs Layer 7 Load Balancing (Differences Explained)
Layer 4 is related to the transport layer of the OSI model, and layer 7 is related to the application level. A layer 7 load balancer makes routing decisions based on...