NGINX App Protect WAF Release 4.2
March 29, 2023
This release includes new signatures for Anti Automation (bot defense):
- Added the following Site Monitor bot signatures: 404enemy, Munin Monitor
- Added the following Spam Bot bot signatures: 01h4x, AIBOT
- Added the following Service Agent bot signatures: 404checker, Adyen, Autohost Threat Intel API, Paystack, Pixalate, PureRef, TwilioProxy, SpamExperts
- Added the following Crawler bot signatures: FullStoryBot, GeedoBot, infoobot, IonCrawl, MuscatFerret Crawler, NETVIBES Crawler, SeobilityBot, SMTBot, Summify, WEDOS Crawler, Yahoo Ad monitoring
- Added the following RSS Reader bot signatures: Feed Wrangler, flusio, Page2RSS, Unread RSS Reader
- Added the following Vulnerability Scanner bot signature: Node.js, zerodium Tester
- Added the following DoS Tool bot signature: Siege DoS Tool
- Added the following Exploit Tool bot signature: Criptonize Mirai Installer
CentOS 7.4+ / RHEL 7.4+ / Amazon Linux 2
Oracle Linux 8.1+
7411 Fixed - The Protocol Buffers library has been updated to enable the usage of keywords that were previously unsupported in gRPC IDL files.
7986 Fixed - When converting a policy from BIG-IP, collections with wildcardOrder, such as “urls”, may result with the default “*” element being in the wrong order relative to the other wildcard entries. This lead to unexpected and incorrect policy enforcement. convert-policy now writes these elements in the correct order. Importing a policy with an unexpected order also works as expected.
7939 Fixed - Requests blocked due to
VIOL_ATTACK_SIGNATUREalthough all signatures disabled.
7199 Fixed - Alignment of notification and availability of NGINX App Protect Signature updates.
This release introduces a change in the package dependencies for NGINX App Protect WAF. Customers who work in a SELinux-enforced environment should now explicitly list
app-protect-selinuxpackage when performing App Protect clean install and upgrade.
NGINX App Protect WAF’s SELinux module is now an optional package (meaning - not included in default installation). In order to install
app-protect-selinuxpackage, use the following command:
yum install app-protect app-protect-selinux
This documentation applies to the following versions of NGINX App Protect WAF: 4.2.