HAProxy Technologies

06/03/2026

HAProxy 3.4 is out now! 🎉 This is a milestone release that advances all four pillars of what makes HAProxy the world's most trusted software load balancer: flexibility, performance, security, and reliability.

These powerful capabilities further solidify HAProxy's lead in G2 categories in Load Balancing, API Management, Container Networking, DDoS Protection, and Web Application Firewall (WAF).

The full release announcement covers every enhancement in detail, including dynamic backend config examples, ACME setup, CPU topology tuning, and more. Read it here:

HAProxy 3.4 brings important improvements to flexibility, performance, security, reliability, and more. Explore further by diving into our announcement.

06/02/2026

Every signature-based WAF has the same blind spot: the gap between when a vulnerability is disclosed and when a rule is written to block it. For sophisticated attackers, that window is an opportunity.

Zero-day vulnerabilities don't wait. On May 20th, the Drupal Security Team disclosed a critical SQL injection flaw affecting PostgreSQL-backed installations. Proof-of-concept exploits appeared on GitHub within hours. For organizations relying on signature-based protection, that gap was a live exposure period with no immediate remedy.

HAProxy Enterprise WAF was engineered from the ground up without reliance on conventional attack signatures. When proof-of-concept exploits surfaced, we tested multiple public and in-house variants against it. Each one was blocked without a single rule update. This Drupal vulnerability is the latest in a consistent track record of zero-day protection that stems directly from how the WAF was built.

Read more about the vulnerability in Drupal, and how HAProxy Enterprise WAF offers zero-day protection:

Protect your infrastructure from Drupal SQL Injection (CVE-2026-9082) using HAProxy Enterprise WAF. Learn about immediate mitigation strategies and automatic WAF protection.

06/01/2026

Public sector agencies running F5 are navigating a familiar set of pressures: rising costs, rigid infrastructure, and renewal cycles that strain fixed budgets.

If your agency is considering upgrading to HAProxy One but isn't sure where to start, this session was built for exactly that.

Join Jakub Suchy and Ron Northcutt on June 4th for a live, unrecorded office hours session on replacing F5 with HAProxy One. The session covers:
🔹 Live HAProxy configuration demos
🔹Performance at massive scale
🔹Next-gen security and observability
🔹High availability architecture
🔹A practical overview of the migration process

The collaborative format means each attendee gets personalized attention for their specific questions. Register today:

Join our informative session where we'll answer your questions about the HAProxy One platform — and discuss how switching to HAProxy can save your agency up to 90%.

05/29/2026

When Austin Ellsworth from Weller Truck Parts took the stage at HAProxyConf, he did something most infrastructure teams would never attempt: triggered a live failover in production, in front of an audience.

With their VDI servers disconnected, HAProxy Enterprise detected the failure instantly, traffic shifted to the secondary data center in under a second, and users reconnected to their Horizon environment without noticing a thing.

A team of four built and tested the entire architecture in under six months and walked away from a cloud alternative that would have cost $90,000 to $100,000 a month in compute.

Find out how they did it: https://hubs.la/Q04jlMg40

05/28/2026

Government organizations are under pressure to cut costs, replace aging technology, innovate, and protect against growing cybersecurity threats, all while ensuring high availability and operating within fixed budgets.

HAProxy One provides significant cost reductions in application delivery, the freedom to deploy anywhere without cloud lock-in, and a simple, single-vendor solution.

Software-first, stable pricing, deployable on-premises, in air-gapped environments, and in any cloud or container platform with multi-layered security, including DDoS protection, bot management, API security, and WAF built in.

First U.S. Air Force and Space Force Chief Software Officer, Nicholas Chaillan, who was a paid advisor at the time, had a unique perspective on how HAProxy works:
"HAProxy Technologies has built an enviable reputation for reliability over 23 years in the open source and enterprise software industries, serving customers such as the U.S. Air Force, NASA, and the Social Security Administration."

"The company is independent, and the technology is agnostic, so their customers have the freedom to build anywhere and avoid the risks of lock-in. Their global open source community ensures products are peer-reviewed and battle-tested with a transparency that proprietary 'black box' technology can't match. Finally, with ownership and operations in the U.S. and Europe, this is a platform and a vendor our nation can trust with its most valuable digital assets."

Find out what HAProxy One can do for your agency here:

Deploy low-cost, scalable app delivery and security anywhere. Enable rapid innovation across government, law enforcement, aerospace, defense, R&D, and more.

05/27/2026

Zero-trust security has become a practical requirement for any organization managing complex, distributed infrastructure.

The principle is straightforward: no user, app, service, or device is trusted by default, regardless of whether they're inside or outside the network. Every access request requires verification and every network segment requires authentication. The old "castle and moat" approach assumed that getting past the perimeter was enough. Zero trust assumes it isn't.

Attack surfaces keep growing, access points keep multiplying, and the assumption that an authenticated user is a legitimate one is exactly the kind of gap that bad actors exploit.

HAProxy supports a zero-trust approach across several layers — IP-based access lists, WAF, mTLS certificate automation, role-based access control, and rate limiting — giving teams the tools to enforce strict access controls without sacrificing performance.

Find the full breakdown of what zero-trust security means, how it works, and how HAProxy supports it here: https://hubs.la/Q04h_SMG0

05/26/2026

When your infrastructure moves faster than your config files can keep up with, the HAProxy Data Plane API is the missing piece.

📅 Join us on May 28th for a live session where Ron Northcutt is going to show you exactly how to use it.
⏰ Thursday, May 28th at 11 AM EST / 5 PM CET.

This session is for SREs and platform engineers who want practical, copy-paste-ready guidance they can put to work immediately.

The webinar includes:
🔹 A clear mental model of how the Data Plane API thinks about HAProxy
🔹 Live demos covering server registration, runtime map updates, and zero-downtime SSL certificate rotation
🔹 Three automation patterns SREs are using today across CI/CD, service discovery, and custom controllers
🔹 A clear framework for when to reach for the API and when to reach for a control plane.

Register now:

This session is designed for SREs and platform engineers who want direct and practical guidance on automating HAProxy.

05/25/2026

If you're in London and working in or around Kubernetes, containers, or cloud-native infrastructure, June 3rd is worth putting in the calendar. Cloud Native London brings together the kind of people who actually build things, hold genuine talks, and the practical conversations tend to reflect that. There'll also be pizza, which never hurts!

Come find the HAProxy team on the night. We'd love to talk infrastructure, swap stories, or just catch up over a slice. 🍕

05/22/2026

What if you could take your data center recovery window from four hours to under a second? 📉

This was the reality for Weller Truck Parts, the largest heavy-duty truck parts remanufacturer in North America. When their infrastructure goes down, 46 locations and 1,150 employee-owners feel it immediately.

Austin Ellsworth, Infrastructure Manager at Weller, had one goal: infrastructure should never get in the way of the business. Achieving it meant taking a four-hour recovery window and eliminating it entirely.

Today, Weller runs an active-active data center architecture capable of failing over in under a second, built on the world’s fastest application delivery and security platform, HAProxy One.

Its flexible data plane, HAProxy Enterprise, handles high-performance application delivery, while HAProxy Fusion Control Plane provides centralized management and observability across the entire deployment from a single interface.

From four hours down to subsecond data center failover.⚡ Read the full story:

Subsecond data center failover is possible with the right routing. See how Weller Truck Parts achieved it using HAProxy One and Anycast BGP.