Nemesida WAF Release Notes 2024 | Nemesida WAF

Nemesida WAF Release Notes 2024

A list of updates of Nemesida WAF modules for 2024 Information about installing, updating and diagnosing the software is available in the manual.

26.07.2024

Nemesida WAF API 3.0.691 (nwaf-api)
Minor fixes and improvements.

16.07.2024

Nemesida WAF Cabinet 3.1.535 (nwaf-cabinet)
Fixes related to setting conditions for automatic request blocking.

11.07.2024

Nemesida AI MLC 6.1.1467 (nwaf-mlc)
  • The functionality of detecting DDoS attacks has been expanded by defining attacks such as web scraping;
  • Other fixes and improvements.
Dynamic module 5.1.3796 (nwaf-dyn)
Dynamic module:

  • Reduced server RAM usage;
  • Other fixes and improvements.

Nemesida AI MLA:

  • Other fixes and improvements.
Dynamic module Angie 5.1.3796 (nwaf-angie)
Dynamic module:

  • Added support for Angie 1.6.0;
  • Reduced server RAM usage;
  • Other fixes and improvements.

Nemesida AI MLA:

  • Other fixes and improvements.

02.07.2024

Nemesida WAF API 3.0.686 (nwaf-api)
  • An improved mechanism for managing behavioral models has been added;
  • Other fixes and improvements.

25.06.2024

Changing the Python version for Nemesida WAF components

Starting from 25.06.2024, all released components of Nemesida WAF for the distribution Ubuntu 20.04 will use Python 3.9 version instead of Python 3.8.

Nemesida WAF API 3.0.671 (nwaf-api)
Updated versions of Python pip dependencies.

21.06.2024

Nemesida WAF Cabinet 3.1.522 (nwaf-cabinet)
Minor fixes related to the use of a list of blocked IP addresses.

19.06.2024

Adding support for Nemesida WAF components for Red Hat Enterprise Linux

Added support for Nemesida WAF components for Red Hat Enterprise Linux 8 and Red Hat Enterprise Linux 9, as well as derived distributions based on them.

End of Nemesida WAF component support for Centos 7

Nemesda WAF is discontinuing the release of components for CentOS 7 due to the end of distribution support.

14.06.2024

Nemesida AI MLC 6.1.1451 (nwaf-mlc)
  • The mechanism of interaction with the new version of Nemesida WAF API has been adapted;
  • The functionality of configuring the module for detecting attacks by brute force and flood has been expanded;
  • Other fixes and improvements.

For the component to work correctly, you must update the Nemesida WAF API before updating the component.

Nemesida WAF API 3.0.667 (nwaf-api)
  • An improved mechanism for managing the settings of Nemesida WAF has been added;
  • Fixed normalization of national domains used when configuring Nemesida WAF components;
  • Other fixes and improvements.

04.06.2024

Addition to the release: Dynamic module Angie 5.1.3650

Added support for Angie 1.5.2 due to its release.

31.05.2024

End of Nemesida WAF component support for Centos 8 Stream

Nemesda WAF is discontinuing the release of components for CentOS 8 Stream due to the end of distribution support.

Nemesida WAF Cabinet 3.1.518 (nwaf-cabinet)
  • Added the ability to exclude IP addresses from Bruteforce/Flood analysis;
  • Fixed an error that occurs when adding a duplicate user;
  • Added support for request blocking conditions based on the presence of an address in Tor/Proxy/VPN lists in the extended request blocking rules (ERL);
  • Other fixes and improvements.

30.05.2024

Dynamic module 5.1.3650 (nwaf-dyn)
Dynamic module:

  • Added support for Nginx 1.26.1 Stable, Nginx 1.27.0 Mainline and Nginx Plus R32.

Nemesida AI MLA:

  • Minor fixes.
Dynamic module Angie 5.1.3650 (nwaf-angie)
Nemesida AI MLA:

  • Minor fixes.

17.05.2024

Dynamic module 5.1.3544 (nwaf-dyn)
Dynamic module:

  • Added support for Nginx 1.25.5 Mainline;
  • Added support for request blocking conditions based on the presence of an address in Tor/Proxy/VPN lists in the extended request blocking rules (ERL);
  • Reduced the count of false positives when decoding data in Base64;
  • Other fixes and improvements.

Nemesida AI MLA:

  • Added support for downloading Tor/Proxy/VPN lists from the GeoIP server;
  • Fixes related to data decoding in Base64;
  • Other minor fixes.
Dynamic module Angie 5.1.3544 (nwaf-angie)
Dynamic module:

  • Added support for Angie 1.5.1;
  • Added support for request blocking conditions based on the presence of an address in Tor/Proxy/VPN lists in the extended request blocking rules (ERL);
  • Reduced the count of false positives when decoding data in Base64;
  • Other fixes and improvements.

Nemesida AI MLA:

  • Added support for downloading Tor/Proxy/VPN lists from the GeoIP server;
  • Fixes related to data decoding in Base64;
  • Other minor fixes.
Nemesida WAF API 3.0.586 (nwaf-api)
  • Added support for brute__wl_ip options for Nemesida AI MLC;
  • Added support for the block_tor and block_proxy options for extended request blocking rules (ERL);
  • Fixes related to wildcard domain validation;
  • Fixes related to the processing of the http2 parameter when managing Nginx settings via the Nemesida WAF API.
Nemesida AI MLC 6.1.1429 (nwaf-mlc)
  • Added the ability to exclude IP addresses from Bruteforce/Flood analysis;
  • Improvements related to request processing in detecting DDoS L7 and Bruteforce attacks;
  • Minor fixes related to file upload and processing;
  • Fixes related to the transmission of anomalies detected by the machine learning module to the Nemesida WAF API;
  • Fixes related to data decoding in Base64;
  • Other minor fixes.

24.04.2024

Addition to the release: Dynamic module 5.1.3229

Added support for Nginx 1.26.0 Stable due to its release.

22.04.2024

Nemesida WAF Scanner 7.0.251 (nwaf-scanner)
Minor fixes related to the processing of the PID file.
Nemesida WAF API 3.0.566 (nwaf-api)
Fixes related to obtaining specifications created by Nemesida AI MLC when accessing
/nw-api/get_openapi_schema_paths.

17.04.2024

Nemesida WAF Scanner 7.0.249 (nwaf-scanner)
Fixes related to the logging and configuration file processing system.
Nemesida WAF API 3.0.561 (nwaf-api)
Added a check that forbids the simultaneous use of the readOnly and writeOnly parameters with the value true in the OpenAPI specification.

12.04.2024

Dynamic module 5.1.3229 (nwaf-dyn)
Dynamic module:

  • Added compatibility with the satisfy any web-server option.
Dynamic module Angie 5.1.3229 (nwaf-angie)
Dynamic module:

  • Added compatibility with the satisfy any web-server option.
Nemesida WAF Scanner 7.0.243 (nwaf-scanner)
Minor fixes related to running the module in recheck mode.

29.03.2024

Dynamic module 5.1.3202 (nwaf-dyn)
Dynamic module:

  • Minor fixes and improvements.

Nemesida AI MLA:

  • Fixes related to the Nemesida API Firewall;
  • Other minor improvements.
Dynamic module Angie 5.1.3202 (nwaf-angie)
Dynamic module:

  • Added support for Angie 1.5.0;
  • Minor fixes and improvements.

Nemesida AI MLA:

  • Fixes related to the Nemesida API Firewall;
  • Other minor improvements.

26.03.2024

Nemesida WAF Cabinet 3.1.475 (nwaf-cabinet)
  • Minor fixes related to DBMS interaction;
  • Fixes related to the display of an extended description of the reason for blocking the request by the Nemesida API Firewall module with an empty value.
Nemesida AI MLC 6.1.1390 (nwaf-mlc)
  • Improved the mechanism of interaction with RabbitMQ;
  • Improved the mechanism of processing GeoCC data.
Nemesida WAF API 3.0.556 (nwaf-api)
Minor fixes related to the database structure and changes in the pandas library.

07.03.2024

Dynamic module 5.1.3155 (nwaf-dyn)
Dynamic module:

  • Removed support for the mechanism for unlocking an IP address using a captcha (Captcha v1);
  • The mechanism for unlocking an IP address using a captcha (Captcha v2) is outdated and is not recommended for further use;
  • Added support for a new mechanism for unlocking IP addresses using captcha (Captcha v3);
  • Added support for the ICAP protocol for interacting with antivirus solutions;
  • Other fixes and improvements.
Dynamic module Angie 5.1.3155 (nwaf-angie)
Dynamic module:

  • Removed support for the mechanism for unlocking an IP address using a captcha (Captcha v1);
  • The mechanism for unlocking an IP address using a captcha (Captcha v2) is outdated and is not recommended for further use;
  • Added support for a new mechanism for unlocking IP addresses using captcha (Captcha v3);
  • Added support for the ICAP protocol for interacting with antivirus solutions;
  • Other fixes and improvements.

05.03.2024

End of Docker сontainer support: nwaf-web and nwaf-web-pg

Due to the end of support for Docker containers nwaf-web/nwaf-web-pg (Nemesida WAF API, Nemesida WAF Cabinet, PostgreSQL), the release of updates for them is discontinued. It is recommended to perform migration of components to new containers according to the instructions.

01.03.2024

Nemesida WAF Cabinet 3.1.469 (nwaf-cabinet)
Fixes related to the use of python libraries and interaction with the database.
Nemesida WAF API 3.0.550 (nwaf-api)
  • Fixes related to database interaction;
  • Other minor improvements.
Dynamic module 5.1.3139 (nwaf-dyn)
Nemesida AI MLA:

  • Fixes related to functionality changes in the python library netaddr;
  • Fixes related to the operation of the API Firewall;
  • Added blocking of requests during analysis by the API Firewall module if the request body is sent in JSON format with duplicate keys..
Dynamic module Angie 5.1.3139 (nwaf-angie)
Nemesida AI MLA:

  • Fixes related to functionality changes in the python library netaddr;
  • Fixes related to the operation of the API Firewall;
  • Added blocking of requests during analysis by the API Firewall module if the request body is sent in JSON format with duplicate keys.
Nemesida AI MLC 6.1.1353 (nwaf-mlc)
  • Fixes related to sending requests with detected anomalies in the Nemesida WAF API;
  • Fixes related to functionality changes in the python library netaddr;
  • Other fixes and improvements.

29.02.2024

End of component support for Debian 10

Due to the end of support for Python 3.7 (security updates and bug fixes in Python or pip), the release of component updates for the distribution Debian 10 is discontinued. To prevent incorrect interaction of the Nemesida WAF components, we recommend updating the component servers to the distribution versions with the current version of Python. You can check the version status of Python here.

22.02.2024

Nemesida WAF Cabinet 3.1.465 (nwaf-cabinet)
  • Fixed incorrect display of parameter values in the Nemesida WAF settings section;
  • Added support for an extended description of the reason for blocking the request by the Nemesida API Firewall module;
  • Added the ability to delete all entries in the behavioral model settings section;
  • Other fixes and improvements.
Nemesida WAF API 3.0.531 (nwaf-api)
  • Minor fixes related to the functionality of configuring behavioral models;
  • Fixes related to functionality changes in the python library netaddr.

16.02.2024

The update is only available for the package nwaf-dyn-1.25.X.

Dynamic module 5.1.2996 (nwaf-dyn)
Dynamic module:

  • Added support for Nginx 1.25.4 Mainline and Nginx Plus R31.
Dynamic module Angie 5.1.2996 (nwaf-angie)
Dynamic module:

  • Added support for Angie 1.4.1.
Nemesida WAF Scanner 7.0.239 (nwaf-scanner)
Minor fixes related to the processing of the configuration file.