A list of updates of Nemesida WAF modules for 2021. Information about installing, updating and diagnosing the software is available in the manual.

07.06.2022

Nemesida WAF 5.1.1258 (nwaf-dyn)
  • Added support for Nginx Plus R26 and Nginx 1.22.0 Stable;
  • Fixed the mechanism of the mla_score parameter when using Nemesida WAF Free (thanks to Artem Mishchenkov);
  • Added support for an additional header $nwaf_cc for Nginx, which defines the blocking of a request by country using an extended request blocking rule;
  • Added support for models copied via rep_models for the Nemesida AI MLA module;
  • Improved mechanism of normalization and decoding of query contents for the Nemesida AI MLA module;
  • Other fixes and improvements.
Nemesida AI MLC 6.1.590 (nwaf-mlc)
  • Added support for models copied via rep_models;
  • Improved mechanism for normalizing and decoding the content of requests;
  • Other fixes and improvements.

30.05.2022

Nemesida WAF Cabinet 3.0.438 (nwaf-cabinet)
  • Updated description of some types of vulnerabilities;
  • Improved the principle of displaying attacks on the page. The domains to be displayed on the page are sorted not by the number of attacks, but by the time of the last received event;
  • Added display of Sensitive Data Exposure search results (SDE) as a separate table;
  • A new country filter has been added to the country grouping section Country not defined. Displays attacks whose country could not be determined by IP address and which do not belong to Private IP;
  • Other fixes and improvements.

25.05.2022

Nemesida WAF Signtest 2.65 (nwaf-st)
Multiple fixes and improvements.

26.04.2022

Nemesida WEB Scanner 6.0.144 (nwaf-scanner)
  • Added support for finding vulnerabilities Unrestricted File Upload (UFU) and Sensitive Data Exposure (SDE);
  • Other fixes and improvements.

19.04.2022

Nemesida WAF Cabinet 3.0.398 (nwaf-cabinet)
  • Added descriptions of the types of attacks and vulnerabilities detected;
  • Other fixes and improvements.

14.04.2022

Nemesida WAF Signtest 2.58 (nwaf-st)
  • Added editing of BT 13 event records;
  • Fixed errors when exporting events;
  • Other fixes and improvements.

07.04.2022

Nemesida WAF 5.1.1056 (nwaf-dyn)
Optimization of the Nemesida AI MLA module under heavy loads.

06.04.2022

Nemesida WAF Cabinet 3.0.385 (nwaf-cabinet)
  • Redesigned the results page of the Nemesida WAF Scanner module;
  • Improved grouping of entries on the attacks page;
  • Other fixes and improvements.

30.03.2022

Nemesida AI MLC 6.1.539 (nwaf-mlc)
Added TLS support when interacting with a remote RabbitMQ server (parameter rmq_host).

28.03.2022

Nemesida WAF Cabinet 3.0.363 (nwaf-cabinet)
Fixed uncorrected display of attacks on the Attack page.
Nemesida WAF 5.1.1004 (nwaf-dyn)
  • Improved definition of CountryCode for the IP address of the request source
  • Improved the mechanism of unlocking using captcha;
  • The NoMLA zone for the WL and LM signature analysis rules has been removed;
  • Improvements to the Nemesida AI MLA module;
  • Other improvements and fixes.

23.03.2022

Nemesida WAF Cabinet 3.0.355 (nwaf-cabinet)
  • Added localization in Russian language;
  • Added grouping of attacks;
  • Other changes and improvements.

21.03.2022

Nemesida AI MLC 6.1.536 (nwaf-mlc)
Cumulative package of improvements.

09.03.2022

Nemesida WAF Scanner 6.0.111 (nwaf-scanner)
  • Added support for vulnerability search RFI;
  • Improved performance of the SQLi module;
  • Fixed errors in the operation of the Recheck functionality.

01.03.2022

Nemesida WAF Cabinet 3.0.267 (nwaf-cabinet)
  • Improved performance when generating the Summary page;
  • Improved operation of filters;
  • Other fixes and improvements.

24.02.2022

Nemesida AI MLC 6.1.506 (nwaf-mlc)
  • Improved stability and performance when working with high loads;
  • Added automatic normalization for internationalized domain names;
  • Other fixes and improvements.
Nemesida WAF 5.1.769 (nwaf-dyn)
  • Improved stability and performance when working with high loads;
  • Added automatic normalization for internationalized domain names;
  • Improved compatibility with Nginx debugging mode;
  • Other fixes and improvements.

22.02.2022

Nemesida WAF 3.0.255 (nwaf-cabinet)
  • Fixed bugs and optimized page generation Summary;
  • Improved the interface for removing attacks;
  • Added the CC filter, which filters attacks by country. Example: cc:ru will remove all attacks from Russia;
  • Added full-text search. When used, all matches will be searched;
  • Other changes and corrections.

16.02.2022

Nemesida WAF Signtest 2.49 (nwaf-st)
  • Added compatibility with Django 4.0.2 LTS;
  • Other fixes and improvements.

14.02.2022

Nemesida WAF Scanner 6.0.87 (nwaf-scanner)
  • Improved the web application page search module;
  • Added support for SSTI vulnerability search;
  • Improved authorization module;
  • When using the Recheck functionality, domains with www are also checked (for example, www.example.com).

09.02.2022

Nemesida WAF API 2.83 (nwaf-api)
  • Added functionality for loading GeoIP-data;
  • Minor changes and improvements.
Nemesida AI MLC 6.1.416 (nwaf-mlc)
  • Reduced resource consumption when detecting anomalies by the machine learning module;
  • The DDoS section has added support for wildcard values «*» for the virtual host parameter wl_url;
  • Other fixes and improvements.

03.02.2022

Nemesida WAF Cabinet 3.0.217 (nwaf-cabinet)
  • Added a relevant display of the search filters used;
  • Added the functionality of automatic delete attacks;
  • The result of the filter mz:url now includes a search by uri;
  • Other fixes and improvements.

01.02.2022

Nemesida WEB Scanner 6.0.30 (nwaf-scanner)
  • Fixed a problem with running in Debian 11;
  • For the auth_uri parameter, support for URI has been added if authentication occurs in another web application (example: example.com/login.php);
  • Improved the work of the vulnerability search module SQLi;
  • Other improvements and fixes.

31.01.2022

Nemesida AI MLC 6.1.396 (nwaf-mlc)
Cumulative package of fixes and improvements.
Nemesida WAF 5.1.665 (nwaf-dyn)
  • Added Nginx 1.21.6 Mainline support;
  • Added the ability to set IP address blocking lists using the cloud API;
  • Cumulative package of fixes and improvements for the Nemesida AI MLA module;
  • Other fixes and improvements.

19.01.2022

Nemesida WAF 3.0.190 Cabinet (nwaf-cabinet)
  • Added sorting of filters by frequency of their use;
  • Optimized report generation;
  • The format of applying negation to filters has been changed. Now the negation must be specified before the filter, for example: !h:example.com;
  • Multiple fixes and improvements.

After updating the module, for correct operation, it is necessary to restart the Memcache service with the command: service memcached restart.

08.01.2022

Nemesida WAF 5.1.562 (nwaf-dyn)
  • Added Nginx 1.21.5 Mainline support;
  • Added virtual environment support for pip-dependencies;
  • Multiple fixes and improvements.
Nemesida AI MLC 6.1.361 (nwaf-mlc)
  • Added virtual environment support for pip-dependencies;
  • Multiple fixes and improvements.

08.01.2022

Nemesida WAF Signtest 2.40 (nwaf-st)
  • Fixed an issue when processing some types of IP addresses.