Contributor(s): Alexander Gillis

HAProxy (High Availability Proxy), developed by HAProxy Technologies LLC, is an open source load balancer proxy for TCP and HTTP applications. Users can utilize HAProxy to improve the performance of servers by distributing their workloads. Performance improvements include minimized response times and increased throughput. HAProxy is used in high traffic services such as GitHub and Twitter.  

Content Continues Below

Load balancers can be used to distribute workloads across computers, networks, disk drives or CPU’s. HAProxy, included in many distributions of Linux, is one of the leading standards in open source load balancers.

Though HAProxy is open source, a commercial option is available through HAProxy Technologies, called HAProxy Enterprise. HAProxy Enterprise includes additional tools and support to enterprise organizations.

HAProxy load balancing


HAP proxy features include services such as:

  • Layer 4 and 7 load balancing (TCP and HTTP respectively).
  • Content switching and inspection.
  • A transparent proxy.
  • Log analyzers.
  • CLI for server management.
  • HTTP authentication.
  • Multi-threaded performance.
  • URL rewriting.
  • Health checking.

The content switching feature will allow users to select server pools on request. Additionally, setting up a transparent proxy will allow users to connect to a server directly with a client IP address. Content inspections will allow users to block any unexpected protocols. Users can request log analyzers to view a generated report from logs. The CLI will allow users to make changes such as turning on or off a server. HAProxy is also scalable to connect to thousands of back-ends.


HAProxy is considered to be secure by its users, having very few vulnerabilities. Any bugs are hard to execute reliably, making workarounds easier. HAProxy can also be used in areas to make other systems more secure. For example, docker .sock (the Unix socket which allows users to run Docker inside of a container), contains a large security risk of allowing anyone who hacks into a docker .sock container to gain access to all the information available in both Docker, and the underlying system. HAProxy can then be configured to listen, allow specified endpoints and remove access to docker.sock.

This was last updated in January 2019

Continue Reading About HAProxy

Dig Deeper on Network services

Join the conversation

1 comment

Send me notifications when other members comment.

Please create a username to comment.

What features do you want to utilize in HAProxy?


File Extensions and File Formats

Powered by: