A list of updates of Nemesida WAF modules for 2024 Information about installing, updating and diagnosing the software is available in the manual.
02.12.2024
27.11.2024
Addition to the release: Dynamic module 5.1.4164
Added support for
Nginx 1.27.3 Mainline
andNginx Plus R33
due to its release.
End of support for the Dynamic module component for deprecated versions of the Nginx web server.
Discontinued release the Dynamic module component for all versions of the Nginx web server older than
1.22.1
.
22.11.2024
- Cumulative package of updates and improvements.
Nemesida AI MLA:
- Improved the mechanism of monitoring the use of hardware resources.
- Improved the mechanism for analyzing the activity of parasitic bots;
- Other fixes and improvements.
When certain types of events are detected, Nemesida AI MLC transmits the IP address of the event source and its type (for example, DDoS/Brute-force, etc.) to the service API (nemesida-security.com) to improve threat analysis.
11.11.2024
- Correcting the request processing with
Content-type: multipart/form-data
header; - Extended logging of interaction with the
ClamAV
andICAP
interfaces; - Extended the list of header
Content-type
values for the optionnwaf_body_bin_exclude
(deactivation of the analysis of the binary content of the BODY zone by the signature method, as well as sending the contents of the zone to the Nemesida AI MLA and Nemesida AI MLC modules); - Other fixes and improvements.
31.10.2024
- Fixes related with attack statistics output;
- Added functionality to manage the result of the machine learning module and fine-tuning behavioral models through API calls;
- Added automatic rotation of component log files.
21.10.2024
- Extended the list of header
Content-type
values for the optionnwaf_body_bin_exclude
(deactivation of the analysis of the binary content of the BODY zone by the signature method, as well as sending the contents of the zone to the Nemesida AI MLA and Nemesida AI MLC modules).
Nemesida AI MLA:
- Minor changes related to the processing of the request data.
17.10.2024
07.10.2024
- Added support for
Nginx Mainline 1.27.2
; - Fixed the processing of duplicate virtual host values in the option
nwaf_host_lm
(activation of the monitoring mode for analyzing requests for a virtual host), received from the Nemesida WAF API.
- Fixed the processing of duplicate virtual host values in the option
nwaf_host_lm
(activation of the monitoring mode for analyzing requests for a virtual host), received from the Nemesida WAF API.
01.10.2024
- Fixes related to RabbitMQ settings for receiving big data.
Nemesida AI MLA:
- Minor corrections related to the normalization of request data.
- Fixes related to RabbitMQ settings for receiving big data;
- Minor corrections related to the normalization of request data.
27.09.2024
- Fixed the operation of the option
nwaf_limit
(the condition for automatically blocking an IP address).
25.09.2024
After updating, the number of false positives may increase for some of the contents of the
BODY
zone. In this case, you must either export requests in the behavioral model settings section through your Nemesida WAF Cabinet, or retrain behavioral models.
- Fixed working with single IPv6 addresses when creating a list of blocked IP addresses;
- Other fixes and improvements.
Nemesida AI MLA:
- Improved the request decoding mechanism.
- Improved the request decoding mechanism.
27.08.2024
- Fixes related to the processing of the
Other_headers
field in the extended request blocking rules; - Other fixes and improvements.
26.08.2024
- Improved the RAM usage controlling mechanism.
15.08.2024
- Added support for
Nginx 1.26.2 Stable
andNginx 1.27.1 Mainline
.
02.08.2024
- Optimizing the use of server resources when loading a summary page;
- Fixes related to obtaining GeoIP data about IP address;
- Other fixes and improvements.
26.07.2024
16.07.2024
11.07.2024
- The functionality of detecting DDoS attacks has been expanded by defining attacks such as web scraping;
- Other fixes and improvements.
- Reduced server RAM usage;
- Other fixes and improvements.
Nemesida AI MLA:
- Other fixes and improvements.
02.07.2024
- An improved mechanism for managing behavioral models has been added;
- Other fixes and improvements.
25.06.2024
Changing the Python version for Nemesida WAF components
Starting from 25.06.2024, all released components of Nemesida WAF for the distribution
Ubuntu 20.04
will usePython 3.9
version instead ofPython 3.8
.
Python pip
dependencies.
21.06.2024
19.06.2024
Adding support for Nemesida WAF components for Red Hat Enterprise Linux
Added support for Nemesida WAF components for
Red Hat Enterprise Linux 8
andRed Hat Enterprise Linux 9
, as well as derived distributions based on them.
End of Nemesida WAF component support for Centos 7
Nemesda WAF is discontinuing the release of components for
CentOS 7
due to the end of distribution support.
14.06.2024
- The mechanism of interaction with the new version of Nemesida WAF API has been adapted;
- The functionality of configuring the module for detecting attacks by brute force and flood has been expanded;
- Other fixes and improvements.
For the component to work correctly, you must update the Nemesida WAF API before updating the component.
- An improved mechanism for managing the settings of Nemesida WAF has been added;
- Fixed normalization of national domains used when configuring Nemesida WAF components;
- Other fixes and improvements.
31.05.2024
End of Nemesida WAF component support for Centos 8 Stream
Nemesda WAF is discontinuing the release of components for
CentOS 8 Stream
due to the end of distribution support.
- Added the ability to exclude IP addresses from Bruteforce/Flood analysis;
- Fixed an error that occurs when adding a duplicate user;
- Added support for request blocking conditions based on the presence of an address in
Tor
/Proxy
/VPN
lists in the extended request blocking rules (ERL); - Other fixes and improvements.
30.05.2024
- Added support for
Nginx 1.26.1 Stable
,Nginx 1.27.0 Mainline
andNginx Plus R32
.
Nemesida AI MLA:
- Minor fixes.
17.05.2024
- Added support for
Nginx 1.25.5 Mainline
; - Added support for request blocking conditions based on the presence of an address in
Tor
/Proxy
/VPN
lists in the extended request blocking rules (ERL); - Reduced the count of false positives when decoding data in
Base64
; - Other fixes and improvements.
Nemesida AI MLA:
- Added support for downloading
Tor
/Proxy
/VPN
lists from the GeoIP server; - Fixes related to data decoding in
Base64
; - Other minor fixes.
- Added support for
brute__wl_ip
options for Nemesida AI MLC; - Added support for the
block_tor
andblock_proxy
options for extended request blocking rules (ERL); - Fixes related to wildcard domain validation;
- Fixes related to the processing of the
http2
parameter when managing Nginx settings via the Nemesida WAF API.
- Added the ability to exclude IP addresses from Bruteforce/Flood analysis;
- Improvements related to request processing in detecting DDoS L7 and Bruteforce attacks;
- Minor fixes related to file upload and processing;
- Fixes related to the transmission of anomalies detected by the machine learning module to the Nemesida WAF API;
- Fixes related to data decoding in
Base64
; - Other minor fixes.
24.04.2024
Addition to the release: Dynamic module 5.1.3229
Added support for
Nginx 1.26.0 Stable
due to its release.
22.04.2024
PID
file.
/nw-api/get_openapi_schema_paths
.
17.04.2024
readOnly
and writeOnly
parameters with the value true
in the OpenAPI
specification.
12.04.2024
- Added compatibility with the
satisfy any
web-server option.
recheck
mode.
29.03.2024
- Minor fixes and improvements.
Nemesida AI MLA:
- Fixes related to the Nemesida API Firewall;
- Other minor improvements.
26.03.2024
- Minor fixes related to DBMS interaction;
- Fixes related to the display of an extended description of the reason for blocking the request by the Nemesida API Firewall module with an empty value.
- Improved the mechanism of interaction with
RabbitMQ
; - Improved the mechanism of processing
GeoCC
data.
pandas
library.
07.03.2024
- Removed support for the mechanism for unlocking an IP address using a captcha (
Captcha v1
); - The mechanism for unlocking an IP address using a captcha (
Captcha v2
) is outdated and is not recommended for further use; - Added support for a new mechanism for unlocking IP addresses using captcha (
Captcha v3
); - Added support for the
ICAP
protocol for interacting with antivirus solutions; - Other fixes and improvements.
05.03.2024
End of Docker сontainer support: nwaf-web and nwaf-web-pg
Due to the end of support for Docker containers
nwaf-web
/nwaf-web-pg
(Nemesida WAF API, Nemesida WAF Cabinet, PostgreSQL), the release of updates for them is discontinued. It is recommended to perform migration of components to new containers according to the instructions.
01.03.2024
- Fixes related to database interaction;
- Other minor improvements.
- Fixes related to functionality changes in the python library
netaddr
; - Fixes related to the operation of the API Firewall;
- Added blocking of requests during analysis by the API Firewall module if the request body is sent in JSON format with duplicate keys..
- Fixes related to sending requests with detected anomalies in the Nemesida WAF API;
- Fixes related to functionality changes in the python library
netaddr
; - Other fixes and improvements.
29.02.2024
End of component support for Debian 10
Due to the end of support for
Python 3.7
(security updates and bug fixes inPython
orpip
), the release of component updates for the distributionDebian 10
is discontinued. To prevent incorrect interaction of the Nemesida WAF components, we recommend updating the component servers to the distribution versions with the current version ofPython
. You can check the version status ofPython
here.
22.02.2024
- Fixed incorrect display of parameter values in the Nemesida WAF settings section;
- Added support for an extended description of the reason for blocking the request by the Nemesida API Firewall module;
- Added the ability to delete all entries in the behavioral model settings section;
- Other fixes and improvements.
- Minor fixes related to the functionality of configuring behavioral models;
- Fixes related to functionality changes in the python library
netaddr
.
16.02.2024
The update is only available for the package
nwaf-dyn-1.25.X
.
- Added support for Nginx 1.25.4 Mainline and Nginx Plus R31.