No more typing reviews! Try our Samantha, our new voice AI agent.

AWS Shield vs HAProxy comparison

Sponsored
 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cloudflare
Sponsored
Ranking in Distributed Denial-of-Service (DDoS) Protection
2nd
Average Rating
8.6
Reviews Sentiment
7.0
Number of Reviews
79
Ranking in other categories
CDN (1st), WAN Optimization (4th), Web Application Firewall (WAF) (10th), Managed DNS (1st), Domain Name System (DNS) Security (5th), Cloud Security Posture Management (CSPM) (15th)
AWS Shield
Ranking in Distributed Denial-of-Service (DDoS) Protection
5th
Average Rating
8.6
Reviews Sentiment
6.8
Number of Reviews
11
Ranking in other categories
No ranking in other categories
HAProxy
Ranking in Distributed Denial-of-Service (DDoS) Protection
7th
Average Rating
8.4
Reviews Sentiment
7.1
Number of Reviews
48
Ranking in other categories
Application Delivery Controllers (ADC) (2nd), Web Application Firewall (WAF) (14th), Bot Management (6th), Service Mesh (3rd)
 

Mindshare comparison

As of July 2026, in the Distributed Denial-of-Service (DDoS) Protection category, the mindshare of Cloudflare is 12.9%, down from 19.1% compared to the previous year. The mindshare of AWS Shield is 2.9%, down from 6.3% compared to the previous year. The mindshare of HAProxy is 1.5%, up from 1.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Distributed Denial-of-Service (DDoS) Protection Mindshare Distribution
ProductMindshare (%)
Cloudflare12.9%
AWS Shield2.9%
HAProxy1.5%
Other82.7%
Distributed Denial-of-Service (DDoS) Protection
 

Featured Reviews

M.A. Faisal - PeerSpot reviewer
General Manager at bKash Limited
Advanced protection has secured critical web workloads and provides clear traffic visibility
From a security perspective, there remains a security loophole, as some browsers in the market can bypass the Turnstile solution, which requires approximately 40 seconds to do so. From a performance perspective, this is acceptable. We also tried Google reCAPTCHA, and that can also be bypassed. From a security perspective, I would say neither solution is completely secured. Regarding uptime, we have faced a couple of incidents due to Cloudflare in recent years, so I cannot say we receive 100% uptime for our region. We sometimes face challenges, including downtime and other issues. As a result, we are not receiving 100% uptime from Cloudflare's solution. Since most of our customers are in this region, we need alternatives. We need something more competitive than Cloudflare. Unfortunately, in Bangladesh, Cloudflare has three points of presence already, and we cannot find any other solution provider in Bangladesh as an alternative, which presents another challenge. Competitor solutions have more attack signatures, which ensure better security compared to Cloudflare's predefined configurations. Customers do not have options to modify any configuration parameters in Cloudflare, whereas other competitor solutions, such as F5 Distributed Cloud, allow customers to tune configurations according to their requirements. Cloudflare could improve in this area. Additionally, regarding visibility, Cloudflare has static visibility, but they could adopt dynamic graph features for their customers.
Pranav Telang - PeerSpot reviewer
DGM at Airtel Digital
Has enabled multi-layered threat mitigation but still lacks deeper visibility for advanced application attacks
AWS Shield has limited coverage as it only protects against common and high-volume network and transport layer attacks, such as SYN floods. It does not provide inherent protection against more sophisticated layer 7 attacks such as HTTP floods. In such cases, integration with WAF is necessary, which results in additional costs for customers. To protect layer 7, layer 4, and layer 3, customers must implement both solutions. The service also has difficulties with static detection thresholds, which may not be sensitive enough to detect smaller application-specific attacks. While AWS Shield is a key security service, AWS should enhance their expert support with 24/7 response for complex attacks, which is currently limited.
Shrinivas Devarkonda - PeerSpot reviewer
Head of DevOps at TripFactory
Handles high traffic efficiently and simplifies complex routing with rule-based logic
I think HAProxy is good as it stands now, but I believe there could be improvements. gRPC has recently been implemented, which is great, along with TLS 1.2 and 1.3 support, and HTTP 2.0 is also available. However, I'm unsure about the benchmark of those HTTP 2.0 requests on HAProxy. If there were any other protocol with better performance than HTTP 2.0, or perhaps mTLS and other similar features, including that in HAProxy would be really great. For improvements, I think that during setup and configuration, the steps provided are neat and clear. Anyone can easily install and configure it. There are many kernel tuning parameters also available, which is great. For specific improvement, in terms of logging, I think printing the full object of the request may help, or if there's a way to reference two requests, it would be beneficial to find a complete session history from a logged-in customer, as it would help analyze customer and user analytics.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The most valuable feature of Cloudflare is that it has a free version. They give us the free version with the anti-DDoS features and also the load balancing solution."
"We're using dynamic components to build flexible pages to create and manage Git merge requests for code and reviews."
"If you don't want to spend too much time hosting your own DNS server or managing the domain, Cloudflare is a great way to rapidly get websites and services online."
"The most valuable feature of the solution is external DNS. It is also very secure. They have their own main server and once you configure it, the product takes care of everything. There are no issues in resolving IPs and low latency is also present."
"Cloudflare improves performance on my websites and is a great partner for cloud infrastructure for anyone who wants to use the security service and other features."
"Generally, I am satisfied with this product."
"The API gives us the ability to remote control our DNS settings."
"If someone is looking for a secure and optimized wrapper over an open website, I would suggest CloudFlare services."
"We have integrated the tool with Active Directory. The most important feature is that it's transparent and doesn't degrade the performance of our solution. Additionally, it's easy to configure, which is crucial for us. It's easy to use and set up and stops attacks on our servers. We haven't encountered any attack problems because the solution stops them in real-time. AWS Shield specifically focuses on defending against denial-of-service attacks, making it a great solution for that type of threat."
"The solution operates smoothly at its baseline level, and we do not encounter any issues at that level."
"It is quite scalable, and we have not faced any issues with its scalability."
"The product has a good mechanism to analyze trends and trigger events."
"The solution's ease of use is the most valuable feature."
"It is integrated with AWS. So, it gives you a good first step."
"I am impressed with the product's multiple features like security."
"AWS Shield offers numerous protection features that are crucial at the application layer, safeguarding users from distributed denial of service attacks, man-in-the-middle assaults, and hacker orchestrations."
"It improves our scalability and responsiveness services to meet our demanding customer requirements."
"HAProxy has positively impacted my organization because all of my applications are now centralized in one point, so I can manage it from my load balancer machine."
"HAProxy potentially has a good return on investment."
"It is fast, flexible, and rock solid."
"Very good value for the money. One of the simplest licensing schemes in this category of products."
"The most valuable feature of HAProxy is that its open source."
"Scalable and inexpensive."
"Tech support is super-quick to respond, and always on target with answers specific to the current issue."
 

Cons

"It would be good if Cloudflare could have more servers for better traffic routing or an increase in the traffic routed. This is what I'd like to improve in Cloudflare."
"Honestly the product has not really improved the way of my organisation."
"The one feature that is paid is the custom nameservers instead of using the default ones, I want to use a custom one."
"The solution could be more user-friendly."
"Support response time could be improved."
"There are some issues with the CDN services."
"Regarding uptime, we have faced a couple of incidents due to Cloudflare in recent years, so I cannot say we receive 100% uptime for our region."
"I would like Cloudflare to offer a dedicated account manager for large enterprise clients like us."
"AWS Shield Standard requires improvement, particularly regarding its dashboard since it currently provides limited coverage against comprehensive DDoS attacks."
"There is an area for improvement regarding health checks. AWS Shield does not come with its own health check functionality."
"The product should give users more flexibility to customize their security policies according to their requirements."
"The product needs to improve its logs and reports to make it read better."
"The management of it is a bit hard. If you don't engineer it on the front side, it is hard to go back in and change it."
"The time taken to detect anomalies must be reduced."
"The management of it is a bit hard. If you don't engineer it on the front side, it is hard to go back in and change it. It could be improved in terms of architecture requirements and then ongoing support requirements as a secondary component to it. People tend to set up things like this, and they just expect it to work without the care and feeding that needs to go back into it either from an application team or a network environment team."
"Perhaps the time required to detect anomalies can be reduced. Presently, it takes some time to determine whether a situation is normal or abnormal."
"There is room for improvement in the pricing model. It could be cheaper."
"We've changed solutions as it doesn't fit with our current needs."
"Full layer 7 SSL termination is limited to a single core, which is a problem."
"The configuration should be more friendly, perhaps with a Web interface. For example, I work with the ClusterControl product for Severalnines, and we have a Web interface to deploy the HAProxy load-balancer."
"Maybe HAProxy could be more modular."
"The logging functionality could use improvement, as it is a little cryptic."
"Dynamic update API. More things should be possible to be configured during runtime."
"HAProxy could do with some good combination integrations."
 

Pricing and Cost Advice

"When you compare Cloudflare DNS to other solutions, such as Akamai, the price is reasonable."
"So far I use free tier and happy with it. You can subscribe to business package if needed."
"The price is reasonable."
"That is one of the great features. I was able to access the majority of the features and services for free."
"The pricing depends on the usage, but the cheapest would be around 5,000 USD a month."
"Cloudflare's pricing is not much higher and is good for middle-level organizations."
"It's a premium model. You can start at zero and work your way up to the enterprise model, which has a very high pricing level."
"The pricing for the service is reasonable, neither excessively cheap nor prohibitively expensive. It aligns well with the value of their solution."
"We pay $3000 per month for the solution."
"The cost depends on traffic each month, so on average, it costs us between US$200 and US$300 per month."
"The tool's pricing is good."
"It depends on your subscription level and the volume that you're spending with AWS. So, it is very relative to the consumption alignment in your subscription level. It is a well-constructed, scalable pricing option, but it is relative to how much you're spending on AWS. Because the more you spend, typically, the more you get off on services like this. I find it to be comparable to other solutions."
"The tool is cheap."
"We use NGINX as well. However, because the health checks are a paid feature, I like to avoid it whenever possible​."
"When it comes to pricing HAProxy is free."
"The tool is open-source."
"HAProxy is an open-source solution."
"We are using HAProxy as an open-source."
"The price is well worth it. HAProxy Enterprise Edition paid for itself within months, simply due to the resiliency it brings. It was a bit more expensive than we were originally interested in paying, but we are thankful we chose to go with HAProxy."
"I think that the pricing is very fair, I would definitely recommend buying the Enterprise license."
"I use the open-source version of the product. I don't have experience with the licensed version of the solution."
report
Use our free recommendation engine to learn which Distributed Denial-of-Service (DDoS) Protection solutions are best for your needs.
902,894 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
10%
Comms Service Provider
10%
Manufacturing Company
8%
Computer Software Company
8%
Comms Service Provider
16%
Computer Software Company
9%
Financial Services Firm
8%
Manufacturing Company
7%
Computer Software Company
11%
Financial Services Firm
10%
Comms Service Provider
10%
Manufacturing Company
10%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business46
Midsize Enterprise11
Large Enterprise26
By reviewers
Company SizeCount
Small Business3
Midsize Enterprise1
Large Enterprise7
By reviewers
Company SizeCount
Small Business18
Midsize Enterprise15
Large Enterprise16
 

Questions from the Community

Which is the best DDoS protection solution for a big ISP for monitoring and mitigating?
Cloudflare. We are moving from Akamai prolexic to Cloudflare. Cloudflare anycast network outperforms Akamai static GR...
Which would you choose - Cloudflare DNS or Quad9?
Cloudflare DNS is a very fast, very reliable public DNS resolver. It is an enterprise-grade authoritative DNS service...
What is your experience regarding pricing and costs for Cloudflare DNS?
The pricing, setup cost, and licensing for Cloudflare are a bit on the higher side overall.
What is your experience regarding pricing and costs for AWS Shield?
The pricing structure for AWS Shield is fair, yet it depends on the specific protections chosen. Enabling Shield Adva...
What needs improvement with AWS Shield?
Services always benefit from improvements, including AWS Shield. With respect to the Web Application Firewall, curren...
What is your primary use case for AWS Shield?
What do you use it for? How do you use it?
Do you recommend HAProxy?
I do recommend HAProxy for more simple applications or for companies with a low budget, since HAProxy is a free, open...
What is your experience regarding pricing and costs for HAProxy?
Since we used the open-source version, we were not concerned about pricing, setup cost, or licensing.
What needs improvement with HAProxy?
HAProxy already provides many of the features that other solutions in the market are providing, such as Nginx, so I d...
 

Comparisons

 

Also Known As

Cloudflare DNS
No data available
HAProxy Community Edition, HAProxy Enterprise Edition, HAPEE
 

Overview

 

Sample Customers

Trusted by over 9,000,000 Internet Applications and APIs, including Nasdaq, Zendesk, Crunchbase, Steve Madden, OkCupid, Cisco, Quizlet, Discord and more.
netflix, dow jones, mapbox, pearson, rovio, youview, moviestar planet, asurion, payplug, hour of code
Booking.com, GitHub, Reddit, StackOverflow, Tumblr, Vimeo, Yelp
Find out what your peers are saying about AWS Shield vs. HAProxy and other solutions. Updated: June 2026.
902,894 professionals have used our research since 2012.