HAProxy - We love open source!!
A+ Qualys with HAProxy — The Secret Sauce
Want to know how to achieve an A+ rating for your SSL web server on Qualys? Read on.
How to load balance Microsoft Dynamics using HAProxy
Microsoft Dynamics is a critical ERP and CRM tool. It, therefore, needs to be highly available and scalable. Here's how you can achieve that.
Thinking about moving from HAProxy to a proprietary load balancer?
Here our Loadbalancer.org Founder, Malcolm Turnbull, offers advice to anyone thinking of moving from HAProxy to a proprietary load balancer.
How to install and configure HAProxy on RHEL 7
Follow our clear instructions if you want to use HAProxy with Red Hat Enterprise Linux.
Loadbalancer.org releases Open Source SNMP MIB and Agent for HAProxy
We’re always keen to give back to the community that writes such great software – our new SNMP agents and MIBs for HAProxy make monitoring your Virtual Services and Real Servers a breeze.
Layer 4 vs Layer 7 load balancing - we still love DSR, but…
Direct server return, direct routing - no matter what you call it, using DSR maximises the throughput of return traffic and allows for near endless scalability. Here's why we still love it.
Update on HAproxy HTTP/2 HPACK Decoder Vulnerability (2 April 2020)
A critical vulnerability in HAProxy’s HTTP/2 HPACK decoder in versions 1.8 and above has been discovered. This does not impact the majority of Loadbalancer.org customers.
HAProxy Conference 2019
We recently attended the inaugural HAProxy Conference in Amsterdam. Loadbalancer.org are proud to be part of the HAProxy community and we were glad to be involved with the event.
A modern Feedback Agent for HAProxy
We recently released a completely rewritten version of our Windows Feedback Agent for HAProxy. This blog sets out to explore the issues caused by the previous Feedback Agent, and more importantly why the new Feedback Agent is better. Where can I get it? (Updated 05/11/2018) As always the
How to write an external health check script for HAProxy
There's a saying you've probably heard: "Give a man a fish, and you feed him for a day. Teach a man to fish, and you feed him for a lifetime." Health checks are an important part of load balancing your application, and in many other circumstances too. We
New year, new vulnerability: HAProxy critical security update
The Christmas tree is still up, you’ve barely swept away the used party poppers and champagne corks from your New Year celebrations - and already, there’s a new security issue to be aware of. A vulnerability has been found which could enable a hacker to crash HAProxy when
HAProxy critical security update — to avoid simple(ish) DoS attack (20 September 2018)
A critical security issue has been found in HAProxy, leaving certain systems vulnerable to remote attack. We want to keep you informed, and we understand that this news might cause you some anxiety. But be reassured - most of our customers won’t be affected.
What exactly is a 'Modern DevOps' load balancer?
If you Google 'modern load balancer', you will quickly find the awesome blog from Matt Klein — followed by some marketing fluff from AVI Networks and NGINX+. It's really annoying when people believe — that something traditional (proven to work) is somehow worse, than something that is modern (looks like a cool
Does the new multi-threaded support in HAProxy finally solve the 10G problem?
The best thing about HAProxy is its single process event driven architecture. It gives amazing performance in most real world scenarios and happily saturates gigabit+ networks... But the single process design is also the worst thing about HAProxy, because until now the way of scaling to 10G+ has been to
Highly Available NFS based Kerberos KDC aka. Ganesha + GlusterFS + HAProxy.
Load balancing NFS is a real pain — especially when it comes to the locked mounts issue. In this blog I'll explain how to create a highly available NFS server for Kerberos.
NGINX vs HAProxy — a bit like comparing a 2CV with a Tesla?
As I design, build and sell load balancers based on LVS and HAProxy, it’s in my interests to combat the avalanche of NGINX+ marketing propaganda that I've seen over the last year. Let's call it an attempt to skewer fake news.
Breaking HAProxy with the help of a Spirent Avalanche and lots of very small packets...
HAProxy is awesome. So awesome in fact, that here at Loadbalancer.org HQ - I find it very difficult to generate enough load to break it...so let's try harder!
How to load balance Microsoft FTP Server with HAProxy
Open standards are awesome, and the File Transfer Protocol FTP (inspite of its flaws) has been in constant use for an amazing 40 years! FTP can be a pain to run over firewalls and load balancers, so this blog explains how to configure Microsoft FTP and HAProxy.
Client Certificate Authentication with HAProxy
Using client certificates for security is a pretty cool idea! You can protect an entire application or even just a specific Uniform Resource Identifier (URI) to only those that provide a valid client certificate.
Loadbalancer.org must've been well behaved in 2016
Loadbalancer.org must've been well behaved in 2016. Or at least that's the opinion of the hard working elves down at HAProxy Technologies. Our good friends across the channel very kindly sent us a Christmas gift, in the form of their ALOHA Pocket load balancer... HAProxy Technologies' ALOHA Pocket is
Transparent HAProxy in Azure using TProxy
We all know that the built-in Azure load balancer is perfectly functional, but sometimes you need a proper load balancer. HAProxy is an excellent choice if you need layer 7 functionality, but its a full reverse-proxy, so the application thinks that all of the traffic is coming from HAProxys IP
How to stop TPROXY when used with HAProxy breaking clients in the real server subnet
Dealing with clients coming from the same subnet as the real servers when using Tproxy can be a pain. It creates an issue because once Haproxy is running transparently, it will allow the real server to see the client IP so the real server will reply directly back to the
Blocking invalid range headers using ModSecurity and/or HAProxy (MS15-034 - CVE-2015-1635)
Microsoft quietly patched a fairly nasty little bug (MS15-034) in IIS last month: A simple HTTP request with an invalid range header field value to either kill IIS, reveal data or remotely execute code! We haven't seen one of these in a while and obviously you are safe if you
Transparent Load balancing with HAProxy on Amazon EC2
This is a quick guide on how to setup transparent mode on HAProxy in Amazon's EC2. One of our favored methods of load balancing is using Layer 4 DR because it is transparent and fast. Unfortunately because of Amazon's infrastructure this is not possible in EC2 so we need to
Simple Denial of Service DOS attack mitigation using HAProxy
Denial of Service (DOS) attacks can be especially effective against certain types of web application. If an application is highly dynamic or database-intensive it can be remarkably simple to degrade or cripple the functionality of a site. This blog describes some simple methods of mitigating single-source IP DOS attacks using