NGINX App Protect WAF Release 4.4

July 5, 2023

This release includes new signatures for Anti Automation (bot defense):

Added the following Crawler bot signatures: IAS Crawler, Bing Crawler, DIS Group Crawler, WebBot Scrapper, AddSearch Bot, WPWS bot, iSec_Bot, Newstral Crawler, layoftheland.online Crawler, Quantcastbot, Spiceworks Crawlers, CYRATING Crawler, Jooblebot, YouBot, MetaJobBot, ScooperBot, WebwikiBot, JusProg - Domain Crawler, TinEye-Web, PEER39 Crawler, AMPPARIT Crawler, RuxitSynthetic
Added the following HTTP Library bot signatures: Atoka Logo Fetcher, Zend Http Client Class, Home Assistant API, Probe Image Size, Webpage.rs, Okta Open ID Connect Library, MetadataScraper, node-openid-client, Embed PHP Library, PHP-SOAP
Added the following Service Agent bot signatures: OpenSearch Service, Plesk screenshot bot, EasyBib+AutoCite
Added the following Site Monitor bot signatures: Nx Witness Monitor, Newslitbot, Mattermost Bot
Added the following RSS Reader bot signatures: RSStT, w1NewsBot-RSS, RSS Guard, FeedViewer
Added the following Spam Bot bot signatures: Ixquick.com
Added the following Search Bot bot signatures: Xpanse Search Bot

8302 Fixed - Remote logging destinations when IPv6 is disabled system-wide.
7819 Fixed - The login issue encountered on the iOS client when using the AJAX Response Page has been resolved. This problem specifically occurs on iOS devices when NGINX’s proxy_buffering is disabled.
8261 Fixed - Binaries have been upgraded with module and version updates to address and resolve identified vulnerabilities.
8477 Fixed - TCP connections in the CLOSE_WAIT state for specific types of requests.

There is a limitation when using Override Rules with gRPC. The Override Rules do not provide support for gRPC traffic. If the Override Rules are configured to match gRPC traffic, it will result in the blocking of such traffic.
Starting with the upcoming release version of NGINX Plus R30, Ubuntu 18.04 will no longer be supported and will be deprecated.