NGINX App Protect WAF Release 3.9.1
March 9, 2022
Support for NGINX App Protect WAF is added to NGINX Plus R26 starting with release 3.9.
This release includes updated signatures for the Anti Automation (bot defense) feature as follows:
- Added the following Spam Bot bot signatures: meow, ANETInspect, OnlyScans, HonoluluBot, Search engine under construction, browsergetproto1.2
- Added the following Service Agent bot signatures: YandeG, FGX-Web, Detectify, AndroidDownloadManager
- Added the following Web Spider bot signatures: DoCoMo 2.0, GGG
- Added the following HTTP Library bot signatures: Alamofire, PerlDAV, node-fetch
- Added the following Crawler bot signatures: CryptoAPI
- Added the following Network Scanner bot signatures: Exchange scanner
- Added the following Exploit Tool bot signatures: Exchange RCE Detector(CVE-2021-34473)
- Added the following Vulnerability Scanner bot signatures: Log4Shell detector
- Updated the following Crawler bot signatures: ds9, coccoc
- Updated the following Exploit Tool bot signatures: JNDI Exploit Bot
- 5633 Fixed - Syslog contains undesired line breaks.
This documentation applies to the following versions of NGINX App Protect WAF: 3.9.1.