haproxy
gatekeeper
Our great sponsors
haproxy | gatekeeper | |
---|---|---|
16 | 3 | |
4,467 | 1,200 | |
2.7% | - | |
9.9 | 0.0 | |
1 day ago | about 1 month ago | |
C | C | |
GNU General Public License v3.0 or later | GNU General Public License v3.0 only |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
haproxy
-
HAProxy is not affected by the HTTP/2 Rapid Reset Attack (CVE-2023-44487)
I wanted to try it out just now but hit a roadblock immediately - it cannot automatically obtain and maintain TLS certificates. You have to use an external client (e.g. acme.sh), set up a cron to check/renew them, and poke HAProxy to reload them if necessary. I'm way past doing this in 2023.
https://www.haproxy.com/blog/haproxy-and-let-s-encrypt
https://github.com/haproxy/haproxy/issues/1864
-
Why Haproxy is not build with PROMEX by default (Linux / BSD)
For context I think this might be useful: https://github.com/haproxy/haproxy/blob/master/addons/promex/README
-
minexmr2.com updated to p2pool v3.1, monerod v0.18.2.0, and ready for Mar 18 p2pool (not monero) hardfork
I turn on 1 relatively cheap cloud server to process DNS, https and stratum connections and route them via haproxy to one of N miner servers described above.
-
HAProxy Security Update (CVE-2023-25725) - HTTP content smuggling attack
Full technical writeup here: https://github.com/haproxy/haproxy/commit/a8598a2eb11b6c989e81f0dbf10be361782e8d32
- Request smuggling in HAProxy via empty header name
- Enormous session rate
- Update to haproxy 2.4.18 breaks WebDAV
-
HAProxy 2.7
With the recent discussions about memory safe languages, HAProxy is still surprisingly written in C [0].
[0]: https://github.com/haproxy/haproxy
-
35M Hot Dogs: Benchmarking Caddy vs. Nginx
It does not, because HAProxy does not perform any disk access at runtime and thus would be unable to persist the certificates anywhere. Disks accesses can be unpredictably slow and would block the entire thread which is not something you want when handling hundreds of thousands of requests per second.
See this issue and especially the comment from Lukas Tribus: https://github.com/haproxy/haproxy/issues/1864
Disclosure: Community contributor to HAProxy, I help maintain HAProxy's issue tracker.
-
Guide to Adapting HAProxy to openGauss
Code link: https://github.com/haproxy/haproxy
gatekeeper
-
opensource ddos protection appliance
Has anyone implemented https://github.com/AltraMayor/gatekeeper ? If yes what was your experiences?
- Ask HN: How to Compete with Cloudflare
- Gatekeeper – the first open source DoS protection system
What are some alternatives?
zstd - Zstandard - Fast real-time compression algorithm
dperf - dperf is a 100Gbps network load tester.
ClickHouse - ClickHouse® is a free analytics DBMS for big data
epiphany - A pre-DDoS security assessment tool
3proxy - 3proxy - tiny free proxy server
Nginx-Lua-Anti-DDoS - A Anti-DDoS script to protect Nginx web servers using Lua with a HTML Javascript based authentication puzzle inspired by Cloudflare I am under attack mode an Anti-DDoS authentication page protect yourself from every attack type All Layer 7 Attacks Mitigating Historic Attacks DoS DoS Implications DDoS All Brute Force Attacks Zero day exploits Social Engineering Rainbow Tables Password Cracking Tools Password Lists Dictionary Attacks Time Delay Any Hosting Provider Any CMS or Custom Website Unlimited Attempt Frequency Search Attacks HTTP Basic Authentication HTTP Digest Authentication HTML Form Based Authentication Mask Attacks Rule-Based Search Attacks Combinator Attacks Botnet Attacks Unauthorized IPs IP Whitelisting Bruter THC Hydra John the Ripper Brutus Ophcrack unauthorized logins Injection Broken Authentication and Session Management Sensitive Data Exposure XML External Entities (XXE) Broken Access Control Security Misconfiguration Cross-Site Scripting (XSS) Insecure Deserializati
Caddy - Fast and extensible multi-platform HTTP/1-2-3 web server with automatic HTTPS
PoW-Shield - Project dedicated to fight Layer 7 DDoS with proof of work, with an additional WAF and controller. Completed with full set of features and containerized for rapid and lightweight deployment.
Jool - SIIT and NAT64 for Linux
j0lt - DNS amplification DDOS attack tool.
brotli - Brotli compression format
trex-core - trex-core site