NGINX App Protect WAF 3.1
March 31, 2021
New Features
- User-Defined Browser Control
- CSRF Protection Using Origin Validation
- Clickjacking Protection
- Log Rotate
- Enforcer Cookie Settings
- Ubuntu 20.04 Support
Supported Packages
App Protect
Debian 9
- app-protect_23+3.462.0-1~stretch_amd64.deb
Debian 10
- app-protect_23+3.462.0-1~buster_amd64.deb
Ubuntu 18.04
- app-protect_23+3.462.0-1~bionic_amd64.deb
Ubuntu 20.04
- app-protect_23+3.462.0-1~focal_amd64.deb
Alpine 3.10
- app-protect-23.3.462.0-r1.apk
CentOS / RHEL
- app-protect-23+3.462.0-1.el7.ngx.x86_64.rpm
Resolved Issues
- 3157 Fixed - Header settings case sensitivity issue
- 3259 Fixed - Disallow multiple cookie headers in request
- 3351 Fixed - Date-Time and Date formatted parameters in OpenAPI accept malformed values
- 3353 Fixed - ExclusiveMinimum in OpenAPI not enforced
- 3551 Fixed - Incorrect violation rating when low severity sub-violations are triggered
- 3576 Fixed - Cookie deletion configuration issue
- 3606 Fixed - Blocked logging filter is working incorrectly
Last modified November 19, 2024