Nemesida WAF Release Notes 2024 | Nemesida WAF

Nemesida WAF Release Notes 2024

A list of updates of Nemesida WAF modules for 2024 Information about installing, updating and diagnosing the software is available in the manual.

22.11.2024

Dynamic module 5.1.4164 (nwaf-dyn)
Dynamic module:

  • Cumulative package of updates and improvements.

Nemesida AI MLA:

  • Improved the mechanism of monitoring the use of hardware resources.
Nemesida AI MLC 6.1.1538 (nwaf-mlc)
  • Improved the mechanism for analyzing the activity of parasitic bots;
  • Other fixes and improvements.

When certain types of events are detected, Nemesida AI MLC transmits the IP address and type of the detected event (for example, DDoS/Brute-force, etc.) to the service API (nemesida-security.com) to improve threat analysis.

11.11.2024

Dynamic module 5.1.4135 (nwaf-dyn)
Dynamic module:

  • Correcting the request processing with Content-type: multipart/form-data header;
  • Extended logging of interaction with the ClamAV and ICAP interfaces;
  • Extended the list of header Content-type values for the option nwaf_body_bin_exclude (deactivation of the analysis of the binary content of the BODY zone by the signature method, as well as sending the contents of the zone to the Nemesida AI MLA and Nemesida AI MLC modules);
  • Other fixes and improvements.
Nemesida AI MLC 6.1.1515 (nwaf-mlc)
Other fixes and improvements.

31.10.2024

Nemesida WAF API 3.0.729 (nwaf-api)
  • Fixes related with attack statistics output;
  • Added functionality to manage the result of the machine learning module and fine-tuning behavioral models through API calls;
  • Added automatic rotation of component log files.

21.10.2024

Dynamic module 5.1.4103 (nwaf-dyn)
Dynamic module:

  • Extended the list of header Content-type values for the option nwaf_body_bin_exclude (deactivation of the analysis of the binary content of the BODY zone by the signature method, as well as sending the contents of the zone to the Nemesida AI MLA and Nemesida AI MLC modules).

Nemesida AI MLA:

  • Minor changes related to the processing of the request data.
Nemesida AI MLC 6.1.1509 (nwaf-mlc)
Minor changes related to the processing of the request data.

17.10.2024

Nemesida WAF API 3.0.715 (nwaf-api)
Extended the receiving information about attacks functionality.
Nemesida WAF Cabinet 3.1.597 (nwaf-cabinet)
Other fixes and improvements.

07.10.2024

Dynamic module 5.1.4096 (nwaf-dyn)
Dynamic module:

  • Added support for Nginx Mainline 1.27.2;
  • Fixed the processing of duplicate virtual host values in the option nwaf_host_lm (activation of the monitoring mode for analyzing requests for a virtual host), received from the Nemesida WAF API.
Dynamic module Angie 5.1.4096 (nwaf-angie)
Dynamic module:

  • Fixed the processing of duplicate virtual host values in the option nwaf_host_lm (activation of the monitoring mode for analyzing requests for a virtual host), received from the Nemesida WAF API.

01.10.2024

Dynamic module 5.1.4090 (nwaf-dyn)
Dynamic module:

  • Fixes related to RabbitMQ settings for receiving big data.

Nemesida AI MLA:

  • Minor corrections related to the normalization of request data.
Nemesida AI MLC 6.1.1491 (nwaf-mlc)
  • Fixes related to RabbitMQ settings for receiving big data;
  • Minor corrections related to the normalization of request data.

27.09.2024

Dynamic module 5.1.4085 (nwaf-dyn)
Dynamic module:

  • Fixed the operation of the option nwaf_limit (the condition for automatically blocking an IP address).
Nemesida WAF API 3.0.703 (nwaf-api)
Fixed validation of the filtering node settings.

25.09.2024

After updating, the number of false positives may increase for some of the contents of the BODY zone. In this case, you must either export requests in the behavioral model settings section through your Nemesida WAF Cabinet, or retrain behavioral models.

Dynamic module 5.1.4079 (nwaf-dyn)
Dynamic module:

  • Fixed working with single IPv6 addresses when creating a list of blocked IP addresses;
  • Other fixes and improvements.

Nemesida AI MLA:

  • Improved the request decoding mechanism.
Nemesida AI MLC 6.1.1488 (nwaf-mlc)
  • Improved the request decoding mechanism.

27.08.2024

Nemesida WAF Cabinet 3.1.552 (nwaf-cabinet)
  • Fixes related to the processing of the Other_headers field in the extended request blocking rules;
  • Other fixes and improvements.

26.08.2024

Dynamic module 5.1.3905 (nwaf-dyn)
Dynamic module:

  • Improved the RAM usage controlling mechanism.
Nemesida WAF API 3.0.695 (nwaf-api)
Extended the functionality of validating the parameters of the filter node settings.

15.08.2024

Dynamic module 5.1.3866 (nwaf-dyn)
Dynamic module:

  • Added support for Nginx 1.26.2 Stable and Nginx 1.27.1 Mainline.

02.08.2024

Nemesida WAF Cabinet 3.1.544 (nwaf-cabinet)
  • Optimizing the use of server resources when loading a summary page;
  • Fixes related to obtaining GeoIP data about IP address;
  • Other fixes and improvements.

26.07.2024

Nemesida WAF API 3.0.691 (nwaf-api)
Minor fixes and improvements.

16.07.2024

Nemesida WAF Cabinet 3.1.535 (nwaf-cabinet)
Fixes related to setting conditions for automatic request blocking.

11.07.2024

Nemesida AI MLC 6.1.1467 (nwaf-mlc)
  • The functionality of detecting DDoS attacks has been expanded by defining attacks such as web scraping;
  • Other fixes and improvements.
Dynamic module 5.1.3796 (nwaf-dyn)
Dynamic module:

  • Reduced server RAM usage;
  • Other fixes and improvements.

Nemesida AI MLA:

  • Other fixes and improvements.

02.07.2024

Nemesida WAF API 3.0.686 (nwaf-api)
  • An improved mechanism for managing behavioral models has been added;
  • Other fixes and improvements.

25.06.2024

Changing the Python version for Nemesida WAF components

Starting from 25.06.2024, all released components of Nemesida WAF for the distribution Ubuntu 20.04 will use Python 3.9 version instead of Python 3.8.

Nemesida WAF API 3.0.671 (nwaf-api)
Updated versions of Python pip dependencies.

21.06.2024

Nemesida WAF Cabinet 3.1.522 (nwaf-cabinet)
Minor fixes related to the use of a list of blocked IP addresses.

19.06.2024

Adding support for Nemesida WAF components for Red Hat Enterprise Linux

Added support for Nemesida WAF components for Red Hat Enterprise Linux 8 and Red Hat Enterprise Linux 9, as well as derived distributions based on them.

End of Nemesida WAF component support for Centos 7

Nemesda WAF is discontinuing the release of components for CentOS 7 due to the end of distribution support.

14.06.2024

Nemesida AI MLC 6.1.1451 (nwaf-mlc)
  • The mechanism of interaction with the new version of Nemesida WAF API has been adapted;
  • The functionality of configuring the module for detecting attacks by brute force and flood has been expanded;
  • Other fixes and improvements.

For the component to work correctly, you must update the Nemesida WAF API before updating the component.

Nemesida WAF API 3.0.667 (nwaf-api)
  • An improved mechanism for managing the settings of Nemesida WAF has been added;
  • Fixed normalization of national domains used when configuring Nemesida WAF components;
  • Other fixes and improvements.

31.05.2024

End of Nemesida WAF component support for Centos 8 Stream

Nemesda WAF is discontinuing the release of components for CentOS 8 Stream due to the end of distribution support.

Nemesida WAF Cabinet 3.1.518 (nwaf-cabinet)
  • Added the ability to exclude IP addresses from Bruteforce/Flood analysis;
  • Fixed an error that occurs when adding a duplicate user;
  • Added support for request blocking conditions based on the presence of an address in Tor/Proxy/VPN lists in the extended request blocking rules (ERL);
  • Other fixes and improvements.

30.05.2024

Dynamic module 5.1.3650 (nwaf-dyn)
Dynamic module:

  • Added support for Nginx 1.26.1 Stable, Nginx 1.27.0 Mainline and Nginx Plus R32.

Nemesida AI MLA:

  • Minor fixes.

17.05.2024

Dynamic module 5.1.3544 (nwaf-dyn)
Dynamic module:

  • Added support for Nginx 1.25.5 Mainline;
  • Added support for request blocking conditions based on the presence of an address in Tor/Proxy/VPN lists in the extended request blocking rules (ERL);
  • Reduced the count of false positives when decoding data in Base64;
  • Other fixes and improvements.

Nemesida AI MLA:

  • Added support for downloading Tor/Proxy/VPN lists from the GeoIP server;
  • Fixes related to data decoding in Base64;
  • Other minor fixes.
Nemesida WAF API 3.0.586 (nwaf-api)
  • Added support for brute__wl_ip options for Nemesida AI MLC;
  • Added support for the block_tor and block_proxy options for extended request blocking rules (ERL);
  • Fixes related to wildcard domain validation;
  • Fixes related to the processing of the http2 parameter when managing Nginx settings via the Nemesida WAF API.
Nemesida AI MLC 6.1.1429 (nwaf-mlc)
  • Added the ability to exclude IP addresses from Bruteforce/Flood analysis;
  • Improvements related to request processing in detecting DDoS L7 and Bruteforce attacks;
  • Minor fixes related to file upload and processing;
  • Fixes related to the transmission of anomalies detected by the machine learning module to the Nemesida WAF API;
  • Fixes related to data decoding in Base64;
  • Other minor fixes.

24.04.2024

Addition to the release: Dynamic module 5.1.3229

Added support for Nginx 1.26.0 Stable due to its release.

22.04.2024

Nemesida WAF Scanner 7.0.251 (nwaf-scanner)
Minor fixes related to the processing of the PID file.
Nemesida WAF API 3.0.566 (nwaf-api)
Fixes related to obtaining specifications created by Nemesida AI MLC when accessing
/nw-api/get_openapi_schema_paths.

17.04.2024

Nemesida WAF Scanner 7.0.249 (nwaf-scanner)
Fixes related to the logging and configuration file processing system.
Nemesida WAF API 3.0.561 (nwaf-api)
Added a check that forbids the simultaneous use of the readOnly and writeOnly parameters with the value true in the OpenAPI specification.

12.04.2024

Dynamic module 5.1.3229 (nwaf-dyn)
Dynamic module:

  • Added compatibility with the satisfy any web-server option.
Nemesida WAF Scanner 7.0.243 (nwaf-scanner)
Minor fixes related to running the module in recheck mode.

29.03.2024

Dynamic module 5.1.3202 (nwaf-dyn)
Dynamic module:

  • Minor fixes and improvements.

Nemesida AI MLA:

  • Fixes related to the Nemesida API Firewall;
  • Other minor improvements.

26.03.2024

Nemesida WAF Cabinet 3.1.475 (nwaf-cabinet)
  • Minor fixes related to DBMS interaction;
  • Fixes related to the display of an extended description of the reason for blocking the request by the Nemesida API Firewall module with an empty value.
Nemesida AI MLC 6.1.1390 (nwaf-mlc)
  • Improved the mechanism of interaction with RabbitMQ;
  • Improved the mechanism of processing GeoCC data.
Nemesida WAF API 3.0.556 (nwaf-api)
Minor fixes related to the database structure and changes in the pandas library.

07.03.2024

Dynamic module 5.1.3155 (nwaf-dyn)
Dynamic module:

  • Removed support for the mechanism for unlocking an IP address using a captcha (Captcha v1);
  • The mechanism for unlocking an IP address using a captcha (Captcha v2) is outdated and is not recommended for further use;
  • Added support for a new mechanism for unlocking IP addresses using captcha (Captcha v3);
  • Added support for the ICAP protocol for interacting with antivirus solutions;
  • Other fixes and improvements.

05.03.2024

End of Docker сontainer support: nwaf-web and nwaf-web-pg

Due to the end of support for Docker containers nwaf-web/nwaf-web-pg (Nemesida WAF API, Nemesida WAF Cabinet, PostgreSQL), the release of updates for them is discontinued. It is recommended to perform migration of components to new containers according to the instructions.

01.03.2024

Nemesida WAF Cabinet 3.1.469 (nwaf-cabinet)
Fixes related to the use of python libraries and interaction with the database.
Nemesida WAF API 3.0.550 (nwaf-api)
  • Fixes related to database interaction;
  • Other minor improvements.
Dynamic module 5.1.3139 (nwaf-dyn)
Nemesida AI MLA:

  • Fixes related to functionality changes in the python library netaddr;
  • Fixes related to the operation of the API Firewall;
  • Added blocking of requests during analysis by the API Firewall module if the request body is sent in JSON format with duplicate keys..
Nemesida AI MLC 6.1.1353 (nwaf-mlc)
  • Fixes related to sending requests with detected anomalies in the Nemesida WAF API;
  • Fixes related to functionality changes in the python library netaddr;
  • Other fixes and improvements.

29.02.2024

End of component support for Debian 10

Due to the end of support for Python 3.7 (security updates and bug fixes in Python or pip), the release of component updates for the distribution Debian 10 is discontinued. To prevent incorrect interaction of the Nemesida WAF components, we recommend updating the component servers to the distribution versions with the current version of Python. You can check the version status of Python here.

22.02.2024

Nemesida WAF Cabinet 3.1.465 (nwaf-cabinet)
  • Fixed incorrect display of parameter values in the Nemesida WAF settings section;
  • Added support for an extended description of the reason for blocking the request by the Nemesida API Firewall module;
  • Added the ability to delete all entries in the behavioral model settings section;
  • Other fixes and improvements.
Nemesida WAF API 3.0.531 (nwaf-api)
  • Minor fixes related to the functionality of configuring behavioral models;
  • Fixes related to functionality changes in the python library netaddr.

16.02.2024

The update is only available for the package nwaf-dyn-1.25.X.

Dynamic module 5.1.2996 (nwaf-dyn)
Dynamic module:

  • Added support for Nginx 1.25.4 Mainline and Nginx Plus R31.
Nemesida WAF Scanner 7.0.239 (nwaf-scanner)
Minor fixes related to the processing of the configuration file.