[jdub]

HAProxy is a TCP/HTTP load balancer, so the entire perspective of the software (from configuration to feature emphasis) stems from that.

Squid is a caching HTTP proxy, which began with forward proxying but also supports reverse proxying. I wouldn't regard it as relevant to modern, dynamic architectures as HAProxy or Varnish (another caching-focused project).

There's no real difference in open source purity between any of these projects, unless you dislike the stewardship of a company. HAProxy has existed for a long time without such stewardship (as has Varnish). Indeed, Squid's lack of commercial backing might be a hint as to its current relevance.

[A010]

Varnish is a good HTTP caching server, but with the rise of HTTPS and soon HTTP/2 I'm not sure it'll change since last time I heard its developers don't intend to support TLS at all.

[poooogles]

I disagree, Poul-Henning Kamp's HTTPS/HTTP2 rant is well known, but he's not going to abandon the project. He has steered it to follow the unix ideals of doing one thing well. They (varnish) forked stud and bought it up to date as hitch [1] which covers TLS. At some point they will incorporate HTTP2 once the demand is there.

https://github.com/varnish/hitch

[ZoF]

Poul-Henning Kamp's HTTPS/HTTP2 rant ->https://queue.acm.org/detail.cfm?id=2716278

[olavgg]

Good read about Varnish and SSL(again). https://www.varnish-cache.org/docs/trunk/phk/ssl_again.html

[jdub]

Still true, but you can use HAProxy (or Pound, or...) to terminate TLS, and pass the TCP connection through to Varnish 4.1 using the PROXY protocol (so you get the client IP).