🎉New HAProxy SPOA Remediation Component!

We recently released the cs-haproxy-spoa-bouncer, allowing CrowdSec decisions (block, CAPTCHA, allow) to be applied directly in @haproxy through a cleaner, more efficient SPOE integration.

In our latest Dev Diaries, @iiamloz shares how we replaced a clever-but-complex setup with a streamlined, single-listener design powered by goroutines, making CrowdSec faster, more reliable, and easier to operate.

Read more 👉 https://crowdsec.net/blog/simplifying-haproxy-spoa-architecture

#HAProxy #cybersecurity #appsec #opensource

Morning thought: HAProxy’s caching may not be as advanced as other solutions (such as the excellent Varnish), but for some use cases it is fantastic.

#haproxy #Varnish #IT #SysAdmin #Caching

How to Install and Configure #HAProxy on Oracle Linux #VPS Servers

This article provides a guide for how to install and configure HAProxy on Oracle Linux VPS servers.
What is HAProxy?
HAProxy (High Availability Proxy) is an open-source software widely used for load balancing, proxying, and high availability in modern IT infrastructure. It is especially popular in web hosting, cloud platforms, and ...
Continued 👉 https://blog.radwebhosting.com/how-to-install-and-configure-haproxy-on-oracle-linux-vps-servers/?utm_source=mastodon&utm_medium=social&utm_campaign=mastodon.raddemo.host #oraclelinux #loadbalancer #reverseproxy #loadbalancing

@amapanda for backend tls, you can use the same haproxy as an onloader:

https://varnish-cache.org/docs/trunk/users-guide/vcl-backends.html#connecting-through-a-proxy

tls should be used when you have an untrusted network inbetween your cache and backends. otherwise http is more efficient

#vinylcache #haproxy

Add /etc/haproxy/conf.d directory in the haproxy.service systemd unit file #systemd #haproxy

https://askubuntu.com/q/1560478/612

Updated #Orked, my collection of scripts to help set up a production-ready #RKE2 #Kubernetes cluster in your #homelab. This update brings general improvements to the scripts, improved documentation, #HAProxy load balancer support for load balancing multiple Master nodes, and upgraded all components including RKE2, #Longhorn, #Nginx Ingress, #Cert-manager, #MetalLB, #Rancher, etc. to their latest versions.

I still hope someday to support more Kubernetes distributions like #k3s, but haven't gotten around to it. I've also been planning to support more #Linux distros as the base too, instead of only #RockyLinux/#RHEL, but that'll have to wait as well for now. Regardless, I am quite happy with how mature and stable these scripts have turned out to be. If you'd like to set up a cluster of your own, maybe check it out!

🔗 https://github.com/irfanhakim-as/orked

🔗 https://github.com/irfanhakim-as/orked/pull/41

How to Install and Configure #HAProxy on Oracle Linux #VPS Servers

This article provides a guide for how to install and configure HAProxy on Oracle Linux VPS servers.
What is HAProxy?
HAProxy (High Availability Proxy) is an open-source software widely used for load balancing, proxying, and high availability in modern IT infrastructure. It is especially popular in web hosting, cloud platforms, and ...
Continued 👉 https://blog.radwebhosting.com/how-to-install-and-configure-haproxy-on-oracle-linux-vps-servers/?utm_source=mastodon&utm_medium=social&utm_campaign=mastodon.social #loadbalancing #reverseproxy #oraclelinux #loadbalancer

How to Install and Configure #HAProxy on Oracle Linux #VPS Servers

This article provides a guide for how to install and configure HAProxy on Oracle Linux VPS servers.
What is HAProxy?
HAProxy (High Availability Proxy) is an open-source software widely used for load balancing, proxying, and high availability in modern IT infrastructure. It is especially popular in web hosting, cloud platforms, and ...
Continued 👉 https://blog.radwebhosting.com/how-to-install-and-configure-haproxy-on-oracle-linux-vps-servers/?utm_source=mastodon&utm_medium=social&utm_campaign=mastodon.social #reverseproxy #loadbalancer #loadbalancing #oraclelinux

I’m curious how many of you are actively evaluating an exit strategy from #F5 #BigIP, now that it’s clear these appliances have been #compromised to a degree that makes long-term trust questionable. Are you already testing replacements, or at least mapping out contingency plans? And if so, which platforms are emerging as viable alternatives?

From what I’m seeing, teams are weighing several directions — anything from #HAProxy, #NGINX/#OpenResty, or Envoy-based solutions, to #cloudnative forms and #opensource service meshes. None is a drop-in replacement, but each represents a different set of tradeoffs depending on how much control, transparency, and verifiability you want going forward.
#loadbalancer #security #cybersecurity

one of the main problem in transition to #IPv6 only is people running their #mailserver on #IPv4 .

could #NAT64 my own #mail servers pretty easy, but inbound #smtp is the only #protocol I found no way to run multiple servers behind e.g. #haproxy .

All the web stuff could be easy run behind 1 IPv4 and haproxy.

Looks like there is no working solution for multiple smtp port 25 behind a #reversed #proxy

⚠️ CVE-2025-11230: HIGH severity flaw in HAProxy Community Edition (2.4.0–3.2.0) lets remote attackers cause DoS via crafted JSON. Monitor for patches, rate-limit, and filter JSON traffic. More: https://radar.offseq.com/threat/cve-2025-11230-cwe-407-inefficient-algorithmic-com-994b4ebb #OffSeq #HAProxy #Vuln #DoS

Scaling AI Interactions: How to Load Balance Streamable MCP

The Model Context Protocol (MCP) is evolving. With the recent adoption of Streamable HTTP in early 2025, the…
#NewsBeep #News #Headlines #haproxy #Latvia #LV #post-contributed
https://www.newsbeep.com/256664/

Just published a deep dive on hardening WordPress using a full defense-in-depth stack:

🔐 Wordfence + Really Simple Security
🌩️ Cloudflare WAF + Turnstile
🛡️ pfSense & HAProxy ACL enforcement
📌 Cloudflare CDN-CGI fixes
📁 Network-layer path blocking
…all working together without breaking themes, plugins, or REST API.

If you run WordPress, this is how you keep it fast and locked down in 2025.

Read here:
https://jonahmay.net/defense-in-depth-wordpress-hardening-with-wordfence-really-simple-security-cloudflare-and-pfsense-haproxy/

#WordPress #Security #Cloudflare #pfSense #HAProxy #WAF

Setting up #HAProxy on #pfSense . Unsure if it woks for #smtp #imap and other non http stuff too......

Now that #dotnet10 is RTM, I just open sourced (AGPL3) a neat #booking management backend I enjoyed building with it in my spare time. The REST API is AOT-compiled to an Alpine image, with #Postgres in the back and #HAProxy/LetsEncrypt up front for hassle-free GDPR -friendly #selfhosting.
Source: https://github.com/klinkby/booqr
Demo: https://www.booqr.dk/

Finally making progress on my #KeyHelp, #HAproxy, VPN, reverse proxy, #Anubis, #CrowdSec web host.

Until now I've only used CrowdSec, with rather aggressive User-Agent rules (blocking all the dark visitors).
Finally managed to get HAproxy to subrequest auth against Anubis working.
Last thing remaining: automated SSL certs.

I have decided to disallow all #LLM #AI crawlers on my sites using #haproxy and this list: https://robotstxt.com/ai

Below is how you configure this:

frontend www-https
bind :::80 v4v6
bind :::443 v4v6 ssl crt /etc/ssl/haproxy/

acl is_robots_txt path /robots.txt
use_backend robotstxt if is_robots_txt

backend robotstxt
mode http
http-request return status 200 content-type "text/plain" file "/etc/haproxy/robots.txt" hdr "cache-control" "no-cache"

@randahl @saarmuller For now, most of these LLM search engine / crawlers adhere to robots.txt

Meaning, blocking these activities of stealing traffic and content is largely solved by a well crafted robots.txt file:

https://robotstxt.com/ai

You can easily setup a proxy like #haproxy to always serve a particular static robots.txt for all your domains in one go.

Additionally, with or without enterprise features, you can block all LLM traffic entirely in haproxy.

https://www.haproxy.com/blog/how-to-reliably-block-ai-crawlers-using-haproxy-enterprise

#llm

How to Install and Configure #HAProxy on Oracle Linux #VPS Servers

This article provides a guide for how to install and configure HAProxy on Oracle Linux VPS servers.
What is HAProxy?
HAProxy (High Availability Proxy) is an open-source software widely used for load balancing, proxying, and high availability in modern IT infrastructure. It is especially popular in web hosting, cloud platforms, and ...
Continued 👉 https://blog.radwebhosting.com/how-to-install-and-configure-haproxy-on-oracle-linux-vps-servers/?utm_source=mastodon&utm_medium=social&utm_campaign=mastodon.social #loadbalancing #loadbalancer #reverseproxy #oraclelinux