NGINX App Protect WAF Release 3.8
January 18, 2022
CentOS 7.4+ / RHEL 7.4+ / Amazon Linux 2
- 5207 Fixed - Improved warning for supported violations that have their settings derived from other policy elements, but are not directly configurable.
This release introduces a change in dependency for
threat campaignsbundles from
app-protect-compiler. Due to the upcoming modern mode of operation development and new packaging, the dependency of these packages is now transferred to
app-protect-compilerpackage. This change in dependency will have a major impact that might be relevant to some customers, who are using commands to only install the attack signatures and on the way NGINX App Protect and NGINX Plus are installed as well.
Memory Consumption Improvement - Beginning in release 3.8, NGINX App Protect WAF is optimized to consume ~70MB less per loaded policy, compared to the previous releases. Currently, when a policy contains an xml profile, NGINX App Protect WAF allocates up to 256 xml parsers, each consuming ~300KB. This is done at startup per thread, per xml profile, per policy.
This documentation applies to the following versions of NGINX App Protect WAF: 3.8.