HAProxy
The best open source load balancer, without a doubt
HAProxy
New year, new vulnerability: HAProxy critical security update
An incorrect frame length check could result in a read-past-bound which can cause a crash...
HAProxy
HAProxy critical security update — to avoid simple(ish) DoS attack (20 September 2018)
A critical security issue has been found in HAProxy, leaving certain systems vulnerable to remote attack. We want to keep you informed, and we understand that this news might cause you some anxiety. But be reassured - most of our customers won’t be affected...
HAProxy
What exactly is a 'Modern DevOps' load balancer?
It's really annoying when people believe that something traditional (proven to work) is somehow worse, than something that is modern (looks like a cool idea)...
Open source
Does the new multi-threaded support in HAProxy finally solve the 10G problem?
It’s no big secret that a single processor can only handle so much processing in a given time. So what happens when you reach the limits of what a single processor can handle? Simple, you add more processors...
AWS / Azure / GCP
How to add Cloudflare in front of HAProxy
Cloudflare provides a content delivery network (CDN). A CDN is a worldwide network of servers that delivers web content to clients based on the geographic location of the client...
Open source
Highly Available NFS based Kerberos KDC aka. Ganesha + GlusterFS + HAProxy.
Load balancing NFS is a real pain — especially when it comes to the locked mounts issue. In this blog I'll explain how to create a highly available NFS server for Kerberos...
Comparisons
NGINX vs HAProxy — a bit like comparing a 2CV with a Tesla?
As I design, build and sell load balancers based on LVS and HAProxy, it’s in my interests to combat the avalanche of NGINX+ marketing propaganda that I've seen over the last year. Let's call it an attempt to skewer fake news...
HAProxy
Breaking HAProxy with the help of a Spirent Avalanche and lots of very small packets...
HAProxy is awesome. So awesome in fact, that here at Loadbalancer.org HQ - I find it very difficult to generate enough load to break it...so let's try harder!..
Application Management
How to load balance Microsoft FTP Server with HAProxy
Open standards are awesome, and the File Transfer Protocol FTP (inspite of its flaws) has been in constant use for an amazing 40 years! FTP can be a pain to run over firewalls and load balancers, so this blog explains how to configure Microsoft FTP and HAProxy...
How-tos
Client Certificate Authentication with HAProxy
Using client certificates for security is a pretty cool idea! You can protect an entire application or even just a specific Uniform Resource Identifier (URI) to only those that provide a valid client certificate...
HAProxy
Loadbalancer.org must've been well behaved in 2016
HAProxy Technologies' ALOHA Pocket is a full-featured ALOHA Load Balancer running on a light USB-powered hardware that easily fits in a pocket, meaning it's possible to carry it everywhere to run tests and demos...
Open source
Transparent HAProxy in Azure using TProxy
HAProxy is an excellent choice if you need layer 7 functionality, but its a full reverse-proxy, so the application thinks that all of the traffic is coming from HAProxys IP - rather than the clients...
Open source
How to stop TPROXY when used with HAProxy breaking clients in the real server subnet
Once HAProxy is running transparently, it will allow the real server to see the client IP so the real server will reply directly back to the client bypassing the load balancer...
Security
Blocking invalid range headers using ModSecurity and/or HAProxy (MS15-034 - CVE-2015-1635)
Anomaly score based blocking is more flexible and effective than simple first error blocking...
Open source
Transparent Load balancing with HAProxy on Amazon EC2
One of our favorite methods of load balancing is using Layer 4 DR because it is transparent and fast. Unfortunately, because of Amazon's infrastructure, this is not possible in EC2 so we need to use another method which means we are left with layer 4 NAT and transparent HAproxy using TProxy...
Security
Simple Denial of Service DOS attack mitigation using HAProxy
Denial of Service (DOS) attacks can be used to degrade or cripple the functionality of a site...
Open source
Stunnel X-Forward-For (XFF) with HAProxy and the PROXY Protocol
By default, the source IP address of the packet reaching the web servers is the IP address of the load balancer and not the IP address of the client...
Open source
SSL offload testing with HAProxy and Stunnel
There are a lot of SSL offload throughput statistics available for appliances across the internet but rarely do they detail the way they were tested...
HAProxy
3 Ways To Send HAProxy Health Check Email Alerts
The ideal way to monitor the health of the real servers is to to have a dedicated monitoring system in place such as Nagios. However this isn’t always an option, so for some they require the loadbalancer to send an alert...
HAProxy
HAProxy load balancer feedback agent — We've Open Sourced both our Windows and Linux versions for you!
In general when you are load balancing a cluster you can evenly spread the connections through the cluster. However, with some applications, you might get very high load from just a few users doing heavy work, which can compromise performance...
Performance
What do you mean my pipe is saturated?
Some of the most common questions we get at Loadbalancer.org are performance related. It is quite difficult to give a straight answer to these questions as the real answer is often slightly unsatisfactory...
HAProxy
HAProxy email alerts guide
As of haproxy-1.6-dev1 it is now possible to send email alerts directly from HAProxy thanks to the excellent work done for us by Simon Horman...
HAProxy
Setting up HAProxy with Transparent Mode on Centos 6.x
Transparent mode with HAProxy allows you to see the IP Address of the clients computer while still having a high availability service using HAProxy...
Application Management
Load Balancing Exchange 2010 CAS Array with HAProxy (Quick Guide)
This Blog is for anyone wanting to load balance the Exchange 2010 CAS role using only open source software...