A list of updates of Nemesida WAF modules for 2022. Information about installing, updating and diagnosing the software is available in the manual.

26.12.2022

Nemesida WAF 5.1.1920 (nwaf-dyn)
  • Added support for Nginx 1.23.3 Mainline and Nginx Plus R28;
  • Improved mechanism for processing the request body sent by the GET, HEAD, OPTIONS methods and an arbitrary method;
  • Improved stability of the dynamic module;
  • Fixes related to request processing with OpenAPI specification;
  • Improved the mechanism for applying the behavioral model. The behavioral model for a virtual host will also apply to its WWW alias. Example:
    • the model example.com will apply to example.com and www.example.com;
    • the model a.example.com will apply to a.example.com and www.a.example.com.
  • Other fixes and improvements.

25.12.2022

Nemesida AI MLC 6.1.1096 (nwaf-mlc)
Improved the mechanism for applying the behavioral model. The behavioral model for a virtual host will also apply to its WWW alias. Example:

  • the model example.com will apply to example.com and www.example.com;
  • the model a.example.com will apply to a.example.com and www.a.example.com.

02.12.2022

Nemesida WAF Scanner 6.0.170 (nwaf-scanner)
Minor fixes and improvements.

28.11.2022

Nemesida WAF API 3.0.90 (nwaf-api)
Minor improvements fixes, among other things, to the automatic conversion of IDN domains.
Nemesida WAF 5.1.1816 (nwaf-dyn)
Fixed a potential issue that could occur during authorization.
Nemesida AI MLC 6.1.1072 (nwaf-mlc)
  • Fixed a potential issue that could occur during authorization;
  • Improved training sample read/write mechanism in SQLite;
  • Other fixes and improvements.

23.11.2022

Nemesida WAF Cabinet 3.1.162 (nwaf-cabinet)
  • Added activation of two-factor authentication in user settings;
  • Added the ability to display requests from IP addresses from the list of blocked (Blocked IP) on the attacks page;
  • Added the ability to group attacks of the same type;
  • Added search filters t:oapi and t:bl to sort records from OpenAPI and Blocked IP sections;
  • Added support for “Deactivate IP-based geolocation detection” and “Deactivate zone decoding for URL” options;
  • Other fixes and improvements.

21.11.2022

It is necessary to update the Nemesida WAF API module before updating Nemesida WAF and Nemesida AI MLC for their correct operation.

Before upgrading packages on CentOS 7, you must install the centos-release-scl package with the command:

# yum install centos-release-scl
Nemesida WAF API 3.0.83 (nwaf-api)
Cumulative improvement package.
Nemesida WAF 5.1.1811 (nwaf-dyn)
  • Fixes related to request processing using the OpenAPI specification;
  • Multiple improvements related to the work of the machine learning module;
  • Ended support for the cloud WebApp and API, settings are managed using Nemesida WAF Cabinet and local API;
  • Other fixes and improvements.
Nemesida AI MLC 6.1.1045 (nwaf-mlc)
  • Fixes related to request processing using the OpenAPI specification;
  • Multiple improvements related to the work of the machine learning module;
  • Ended support for the cloud WebApp and API, settings are managed using Nemesida WAF Cabinet and local API;
  • Ended support for the Nemesida WAF Signtest module. Behavioral models are managed in Nemesida WAF Cabinet;
  • The list of virtual hosts is managed using the Nemesida WAF Cabinet and the local API;
  • Ended support for Nemesida AI MLS functionality;
  • Other fixes and improvements.

20.10.2022

Nemesida WAF 5.1.1709 (nwaf-dyn)
  • Added support for Nginx 1.22.1 Stable and Nginx 1.23.2 Mainline;
  • Fixed an issue where in some cases there was a timeout waiting for a response from Nemesida AI MLA.

16.10.2022

After updating the components it is recommended to use the script to migrate the Nemesida WAF configuration from the cloud WebApp to Nemesida WAF Cabinet. Before running the script it is necessary:

  • grant the rights to execute:
    # chmod +x migration.sh
  • make changes to the script:
    • lic_key – license key;
    • nw_api_url – address of the server with the Nemesida WAF API module installed;
    • sys_proxy – proxy server address (if used);
    • api_proxy – proxy server address (if used) to connect to the Nemesida WAF API server.
  • provide direct access to the server nemesida-security.com for access from the server where the configuration migration script will run.
Nemesida WAF API 3.0.72 (nwaf-api)
Fixed errors that occurred after the installation of the module before its configuration.
Nemesida AI MLC 6.0.159 (nwaf-mlc)
  • For Light and Business plans, has been added the possibility to manage module settings local, using Nemesida WAF API or Nemesida WAF Cabinet;
  • Fixed an issue with some IP addresses added to the whitelist (WL) when detecting DDoS attacks;
  • Improved machine learning module performance at higher loads.
Nemesida WAF 5.1.1692 (nwaf-dyn)
  • Added support for number type when analyzing requests for compliance with OpenAPI specification;
  • Increased speed of requests analysis for compliance with OpenAPI specification;
  • For Light and Business plans, has been added the possibility to manage module settings local, using Nemesida WAF API or Nemesida WAF Cabinet;
  • Fixed an issue with some IP addresses added to the whitelist (WL) when detecting DDoS attacks;
  • Improved machine learning module performance at higher loads.
Nemesida WAF Cabinet 3.1.126 (nwaf-cabinet)
  • For Light and Business plans, has been added the possibility to manage module settings local, using Nemesida WAF Cabinet;
  • Fixed an issue with incorrect display of behavioral model training status;
  • Added ability to block IP address during event handling when configuring models;
  • Other fixes and improvements.

28.09.2022

Nemesida WAF Scanner 6.0.159 (nwaf-scanner)
  • Added support for finding vulnerabilities Server Side Request Forgery (SSRF) and XML External Entity (XXE);
  • Other fixes and improvements.

26.09.2022

Nemesida WAF 5.1.1669 dynamic module (nwaf-dyn)
  • Improved request decoding mechanism;
  • Improved request processing mechanism in accordance with the OpenAPI/Swagger specification;
  • Cumulative package of fixes and improvements.
Nemesida AI MLC 6.1.812 (nwaf-mlc)
  • Improved request decoding mechanism;
  • Improved request processing mechanism in accordance with the OpenAPI/Swagger specification;
  • Other fixes and improvements.
Nemesida WAF API 3.0.54 (nwaf-api)
Cumulative package of fixes and improvements.
Nemesida WAF Cabinet 3.1.111 (nwaf-cabinet)
  • Added the ability to track detected/fixed vulnerabilities on the scanner page;
  • Improved the mechanism for adding parameters in the Nemesida WAF settings;
  • Improved IP address blocking functionality;
  • Added the ability to block an IP address by clicking on it on the attacks page;
  • Other fixes and improvements.

05.09.2022

Nemesida WAF API 3.0.45 (nwaf-api)
Updated WAF ID for Nemesida WAF Community Edition.
Nemesida WAF 5.1.1568 dynamic module (nwaf-in)
  • Changed the format of messages in the log file when working with Nemesida AI MLA;
  • Added Nginx 1.23.1 Mainline support;
  • The mechanism for detecting anomalies in a request based on the request schema in OpenAPI and Swagger format has been improved;
  • Added support for FreeBSD 12/13;
  • Other fixes and improvements.

02.09.2022

Nemesida WAF Cabinet 3.1.89 (nwaf-cabinet)
  • Improved the display of the result of the sensitive data search module;
  • Improved verification of signatures when setting up models;
  • Improved the functionality of creating WL for different plans;
  • Fixed errors when working with behavioral models (creation, retraining, deletion);
  • Other fixes and improvements.

22.08.2022

Nemesida WAF Cabinet 3.1.72 (nwaf-cabinet)
  • VTS module support removed;
  • Added automatic conversion of OpenAPI 2.0 (Swagger) schema to OpenAPI 3.0 on load;
  • Improved report generation mechanism in PDF format;
  • Other fixes and improvements.
Nemesida AI MLC 6.1.753 (nwaf-mc)
  • Fixed an issue with excluding data from the training sample when activating the list of virtual hosts in OpenAPI;
  • Other fixes and improvements.

31.07.2022

It is necessary to update the Nemesida WAF API module before updating Nemesida WAF, Nemesida AI MLC and Nemesida WAF Cabinet for their correct operation.
Before updating the Nemesida WAF API module, you need to add the client_max_body_size 32m; parameter to the /etc/nginx/conf.d/nwaf-api.conf file.

Nemesida WAF 5.1.1515 (nwaf-dyn)
  • Added support for Nginx Plus R27;
  • Added OpenAPI support (available for the Business and Enterprise plan);
  • Added the ability to organize offline management of module settings using the Nemesida WAF API (information about settings is not transmitted outside the network perimeter, available for the Enterprise plan);
  • The module is launched in Free mode after an unsuccessful verification of the license key within 5 seconds;
  • Synchronization of blocked IP addresses between servers is now forcibly performed only using the Nemesida WAF API;
  • Fixed slowing down of request processing by signature analysis for Nginx 1.21 and later on Debian 10 and CentOS 8 Stream;
  • Added support for the NoMLA option when create exclusion rules;
  • Other fixes and improvements.
Nemesida AI MLC 6.1.746 (nwaf-mlc)
  • Added OpenAPI support;
  • Added the ability to organize offline management of Nemesida AI MLC settings and behavioral models using the Nemesida WAF API (information about settings, generation, storage and loading of behavioral models is not transmitted outside the network perimeter, available for the Enterprise plan);
  • Interaction with the configuration file nwaf.conf of the Nemesida WAF dynamic module has been terminated.
Nemesida WAF API 3.0.40 (nwaf-api)
  • Added OpenAPI support;
  • Added the ability to organize autonomous management of behavioral models, as well as Nemesida WAF and Nemesida AI MLC settings;
  • Added synchronization of blocked IP addresses between servers;
  • Improved the mechanism for processing signature descriptions;
  • Improved the mechanism for processing signature descriptions.

After updating this module, it is recommended to abandon the use of Nemesida WAF Signtest and configure behavioral models using Nemesida WAF Cabinet.

Nemesida WAF Cabinet 3.1.60 (nwaf-cabinet)
  • Added OpenAPI support;
  • Added functionality for configuring behavioral models of the Nemesida WAF Signtest module (the Nemesida WAF Signtest module has been removed from support);
  • Added the ability to organize offline management of Nemesida WAF and Nemesida AI MLC settings using the Nemesida WAF API;
  • Other fixes and improvements.

07.06.2022

Nemesida WAF 5.1.1258 (nwaf-dyn)
  • Added support for Nginx Plus R26 and Nginx 1.22.0 Stable;
  • Fixed the mechanism of the mla_score parameter when using Nemesida WAF Free (thanks to Artem Mishchenkov);
  • Added support for an additional header $nwaf_cc for Nginx, which defines the blocking of a request by country using an extended request blocking rule;
  • Added support for models copied via rep_models for the Nemesida AI MLA module;
  • Improved mechanism of normalization and decoding of query contents for the Nemesida AI MLA module;
  • Other fixes and improvements.
Nemesida AI MLC 6.1.590 (nwaf-mlc)
  • Added support for models copied via rep_models;
  • Improved mechanism for normalizing and decoding the content of requests;
  • Other fixes and improvements.

30.05.2022

Nemesida WAF Cabinet 3.0.438 (nwaf-cabinet)
  • Updated description of some types of vulnerabilities;
  • Improved the principle of displaying attacks on the page. The domains to be displayed on the page are sorted not by the number of attacks, but by the time of the last received event;
  • Added display of Sensitive Data Exposure search results (SDE) as a separate table;
  • A new country filter has been added to the country grouping section Country not defined. Displays attacks whose country could not be determined by IP address and which do not belong to Private IP;
  • Other fixes and improvements.

25.05.2022

Nemesida WAF Signtest 2.65 (nwaf-st)
Multiple fixes and improvements.

26.04.2022

Nemesida WEB Scanner 6.0.144 (nwaf-scanner)
  • Added support for finding vulnerabilities Unrestricted File Upload (UFU) and Sensitive Data Exposure (SDE);
  • Other fixes and improvements.

19.04.2022

Nemesida WAF Cabinet 3.0.398 (nwaf-cabinet)
  • Added descriptions of the types of attacks and vulnerabilities detected;
  • Other fixes and improvements.

14.04.2022

Nemesida WAF Signtest 2.58 (nwaf-st)
  • Added editing of BT 13 event records;
  • Fixed errors when exporting events;
  • Other fixes and improvements.

07.04.2022

Nemesida WAF 5.1.1056 (nwaf-dyn)
Optimization of the Nemesida AI MLA module under heavy loads.

06.04.2022

Nemesida WAF Cabinet 3.0.385 (nwaf-cabinet)
  • Redesigned the results page of the Nemesida WAF Scanner module;
  • Improved grouping of entries on the attacks page;
  • Other fixes and improvements.

30.03.2022

Nemesida AI MLC 6.1.539 (nwaf-mlc)
Added TLS support when interacting with a remote RabbitMQ server (parameter rmq_host).

28.03.2022

Nemesida WAF Cabinet 3.0.363 (nwaf-cabinet)
Fixed uncorrected display of attacks on the Attack page.
Nemesida WAF 5.1.1004 (nwaf-dyn)
  • Improved definition of CountryCode for the IP address of the request source
  • Improved the mechanism of unlocking using captcha;
  • The NoMLA zone for the WL and LM signature analysis rules has been removed;
  • Improvements to the Nemesida AI MLA module;
  • Other improvements and fixes.

23.03.2022

Nemesida WAF Cabinet 3.0.355 (nwaf-cabinet)
  • Added localization in Russian language;
  • Added grouping of attacks;
  • Other changes and improvements.

21.03.2022

Nemesida AI MLC 6.1.536 (nwaf-mlc)
Cumulative package of improvements.

09.03.2022

Nemesida WAF Scanner 6.0.111 (nwaf-scanner)
  • Added support for vulnerability search RFI;
  • Improved performance of the SQLi module;
  • Fixed errors in the operation of the Recheck functionality.

01.03.2022

Nemesida WAF Cabinet 3.0.267 (nwaf-cabinet)
  • Improved performance when generating the Summary page;
  • Improved operation of filters;
  • Other fixes and improvements.

24.02.2022

Nemesida AI MLC 6.1.506 (nwaf-mlc)
  • Improved stability and performance when working with high loads;
  • Added automatic normalization for internationalized domain names;
  • Other fixes and improvements.
Nemesida WAF 5.1.769 (nwaf-dyn)
  • Improved stability and performance when working with high loads;
  • Added automatic normalization for internationalized domain names;
  • Improved compatibility with Nginx debugging mode;
  • Other fixes and improvements.

22.02.2022

Nemesida WAF 3.0.255 (nwaf-cabinet)
  • Fixed bugs and optimized page generation Summary;
  • Improved the interface for removing attacks;
  • Added the CC filter, which filters attacks by country. Example: cc:ru will remove all attacks from Russia;
  • Added full-text search. When used, all matches will be searched;
  • Other changes and corrections.

16.02.2022

Nemesida WAF Signtest 2.49 (nwaf-st)
  • Added compatibility with Django 4.0.2 LTS;
  • Other fixes and improvements.

14.02.2022

Nemesida WAF Scanner 6.0.87 (nwaf-scanner)
  • Improved the web application page search module;
  • Added support for SSTI vulnerability search;
  • Improved authorization module;
  • When using the Recheck functionality, domains with www are also checked (for example, www.example.com).

09.02.2022

Nemesida WAF API 2.83 (nwaf-api)
  • Added functionality for loading GeoIP-data;
  • Minor changes and improvements.
Nemesida AI MLC 6.1.416 (nwaf-mlc)
  • Reduced resource consumption when detecting anomalies by the machine learning module;
  • The DDoS section has added support for wildcard values «*» for the virtual host parameter wl_url;
  • Other fixes and improvements.

03.02.2022

Nemesida WAF Cabinet 3.0.217 (nwaf-cabinet)
  • Added a relevant display of the search filters used;
  • Added the functionality of automatic delete attacks;
  • The result of the filter mz:url now includes a search by uri;
  • Other fixes and improvements.

01.02.2022

Nemesida WEB Scanner 6.0.30 (nwaf-scanner)
  • Fixed a problem with running in Debian 11;
  • For the auth_uri parameter, support for URI has been added if authentication occurs in another web application (example: example.com/login.php);
  • Improved the work of the vulnerability search module SQLi;
  • Other improvements and fixes.

31.01.2022

Nemesida AI MLC 6.1.396 (nwaf-mlc)
Cumulative package of fixes and improvements.
Nemesida WAF 5.1.665 (nwaf-dyn)
  • Added Nginx 1.21.6 Mainline support;
  • Added the ability to set IP address blocking lists using the cloud API;
  • Cumulative package of fixes and improvements for the Nemesida AI MLA module;
  • Other fixes and improvements.

19.01.2022

Nemesida WAF 3.0.190 Cabinet (nwaf-cabinet)
  • Added sorting of filters by frequency of their use;
  • Optimized report generation;
  • The format of applying negation to filters has been changed. Now the negation must be specified before the filter, for example: !h:example.com;
  • Multiple fixes and improvements.

After updating the module, for correct operation, it is necessary to restart the Memcache service with the command: service memcached restart.

08.01.2022

Nemesida WAF 5.1.562 (nwaf-dyn)
  • Added Nginx 1.21.5 Mainline support;
  • Added virtual environment support for pip-dependencies;
  • Multiple fixes and improvements.
Nemesida AI MLC 6.1.361 (nwaf-mlc)
  • Added virtual environment support for pip-dependencies;
  • Multiple fixes and improvements.

08.01.2022

Nemesida WAF Signtest 2.40 (nwaf-st)
  • Fixed an issue when processing some types of IP addresses.