This post will be updated over the next several days. Recently, a Remote Code Execution vulnerability was discovered in the Apache Log4J library. This vulnerability, which is tracked in CVE-2021-44228, dubbed Log4Shell, allows attackers to execute arbitrary code on affected systems. While HAProxy Enterprise, HAProxy ALOHA, and other products within the HAProxy Technologies portfolio are not impacted by this (they do not use the Log4J library at all), you can use them to block the attack.

Register for our live webinar to learn more about this release. HAProxy 2.5 is now available! It adds improvements to a number of areas including better usability around setting variables, more descriptive error reporting and logging, and enhanced HTTP and WebSocket support. The HAProxy Runtime API has expanded its coverage of SSL-related commands and now includes the ability to add and remove CA files and revocation lists on-the-fly.

Willy Tarreau, the founder of the HAProxy load balancer, 20 years past its initial, open-source release, still guides the project, often submitting code patches and writing long and meticulous replies on the community forum. Over the years, he has been joined by a cast of regular contributors, but also newcomers. This collaboration has kept the project evolving over time. In this interview, Willy describes his views on the success of the project, and how it grew over the years.

Version 2.4 improves its e2e tests, revamps how logging in the HAProxy Data Plane API works, adds support for namespace filtering in Consul Service Discovery, improves runtime capabilities for maps and ACLs, adds server-template support and adds log_targets to global and defaults sections.

We’re proud to announce the release of version 1.7 of the HAProxy Kubernetes Ingress Controller! In this release, we added support for custom resource definitions that cover most of the configuration settings. Definitions are available for the global, defaults and backend sections of the configuration. This promotes a cleaner separation of concerns between the different groups of settings and strengthens validation of those settings.

It’s almost wild how two years have passed already since we first announced the HAProxy Ingress Controller for Kubernetes. Note that this project is different from the jcmoraisjr/haproxy-ingress HAProxy ingress controller project on GitHub. Our project is also an open-source project, but it is overseen by engineers at HAProxy Technologies, which has allowed us to streamline its release cycle.

HAProxy provides active, passive, and agent health checks. HAProxy makes your web applications highly available by spreading requests across a pool of backend servers. If one or even several servers fail, clients can still use your app as long as there are other servers still running. The caveat is, HAProxy needs to know which servers are healthy. That’s why health checks are crucial.

Add IP-by-IP rate limiting to the HAProxy Kubernetes Ingress Controller. DDoS (distributed denial of service) events occur when an attacker or group of attackers flood your application or API with disruptive traffic, hoping to exhaust its resources and prevent it from functioning properly. Bots and scrapers, too, can misbehave, making far more requests than is reasonable.

Learn how to test your HAProxy Configuration. Properly testing your HAProxy configuration file is a simple, yet crucial part of administering your load balancer. Remembering to run one simple command after making a change to your configuration file can save you from unintentionally stopping your load balancer and bringing down your services.