v6.1.4 LTS

[6.1.4] - 2021-08-27 UTC+0800

修复

• Memory leak.

---

[6.1.4] - 2021-08-27 UTC+0800

修复

• 内存泄露。

v8.0.1 Current

[8.0.1] - 2021-08-23 UTC+0800

Added

• No longer generates additional response headers when CC protection returns the status code 444.

Fixed

• Segmentation fault when User-Agent is empty.

• The directive waf_http_status could not be merged correctly.

---

[8.0.1] - 2021-08-23 UTC+0800

新增

• 当 CC 防护返回 444 状态码时不再生成额外的响应头。

修复

• 当 User-Agent 为空时会引发段错误。

• 不能正确合并指令 waf_http_status。

v6.1.3 LTS

[6.1.3] - 2021-08-23 UTC+0800

Added

• No longer generates additional response headers when CC protection returns the status code 444.

Fixed

• The directive waf_http_status could not be merged correctly.

---

[6.1.3] - 2021-08-23 UTC+0800

新增

• 当 CC 防护返回 444 状态码时不再生成额外的响应头。

修复

• 不能正确合并指令 waf_http_status。

v8.0.0 Current

[8.0.0] - 2021-08-21 UTC+0800

NOTE

If you would like to upgrade to this version, please see the documentation for guidelines on upgrading across versions.

Added

• Introduced CAPTCHAs for third-party platforms, supporting hCaptcha, reCAPTCHAv2 and reCAPTCHAv3, with the associated directive waf_captcha.

• Support recognizing friendly crawlers, including GooleBot, BingBot, BaiduSpider and YandexBot, and automatically allow them after successful recognition, the related command is waf_verify_bot.

• CC protection supports enabling CAPTCHA mode, which enables CAPTCHA when the request rate exceeds the limit, and blocks the IP if the CAPTCHA fails three times in a row, and recounts the request rate on the contrary.

Changed

• The syntax of the directive waf_mode has changed, see the documentation for a guide to cross-version upgrades.

• The syntax of the directive waf_cc_deny has changed, see the documented guide to cross-version upgrades for details.

• The syntax of the directive waf_cache has been changed, see the cross-version upgrade guide in the documentation.

• Support for modifying the priority of request body inspection.

Removed

• Removed two parameters of the directive waf_cache: interval and percent.

---

[8.0.0] - 2021-08-21 UTC+0800

注意

如果您想要升级到此版本，请查看文档中的跨版本升级的指南。

新增

• 引入了第三方平台的验证码，支持 hCaptcha、reCAPTCHAv2 和 reCAPTCHAv3，相关的指令为 waf_captcha。

• 支持识别友好爬虫，包括 GooleBot、BingBot、BaiduSpider 和 YandexBot，识别成功后自动放行，相关的指令为 waf_verify_bot。

• CC 防护支持开启验证码模式，开启后当请求频率超出限制后会启用验证码，如果连续三次验证失败则拉黑 IP，反之则重新统计请求频率。

变动

• 指令 waf_mode 的语法有所变化，详见文档中的跨版本升级的指南。

• 指令 waf_cc_deny 的语法有所变化，详见文档中的跨版本升级的指南。

• 指令 waf_cache 的语法有所变化，详见文档中的跨版本升级的指南。

• 支持修改「请求体检查」的优先级。

移除

• 移除了指令 waf_cache 的两个参数，分别是 interval 和 percent。

v7.1.0 Current

[7.1.0] - 2021-08-16 UTC+0800

Added

• The parameter rate of the directive waf_cc_deny allows more formats, such as 500r/s, 500r/60s, 500r/m, 500r/60m, 500r/h, 500r/60h and 500r/d.

---

[7.1.0] - 2021-08-16 UTC+0800

新增

• 配置项 waf_cc_deny 的参数 rate 允许更多个格式，如 500r/s、500r/60s、500r/m、500r/60m、500r/h、500r/60h 和 500r/d。

---

v7.0.1 Current

[7.0.1] - 2021-08-11 UTC+0800

Fixed

• Failed to parse 0.0.0.0/0 correctly when handling IP black and white lists.

• Compatible with environments that do not support IPV6.

---

[7.0.1] - 2021-08-11 UTC+0800

修复

• 不能正确解析 IP 黑白名单中的 0.0.0.0/0。

• 兼容不支持 IPV6 的运行环境。

v6.1.2 LTS

[6.1.2] - 2021-08-11 UTC+0800

Fixed

• Failed to parse 0.0.0.0/0 correctly when handling IP black and white lists.

• Compatible with environments that do not support IPV6.

---

[6.1.2] - 2021-08-11 UTC+0800

修复

• 不能正确解析 IP 黑白名单中的 0.0.0.0/0。

• 兼容不支持 IPV6 的运行环境。

v7.0.0 Current

[7.0.0] - 2021-08-04 UTC+0800

Changed

• Changed the way Under Attack Mode is implemented. It is no longer implemented using redirects, but by modifying the response body.

• Removed directive uri from configuration item waf_under_attack, see documentation for details.

• Added a directive file to the configuration item waf_under_attack whose value should be the absolute path to an HTML file, see the documentation for details.

• The directive waf_cc_deny is not allowed at the context http。

---

[7.0.0] - 2021-08-04 UTC+0800

变动

• 改变了 Under Attack Mode 的实现方式。不再使用重定向实现，而是通过修改响应体实现。

• 删除了配置项 waf_under_attack 的参数 uri，详情见文档。

• 为配置项 waf_under_attack 增加了一个参数 file，该参数的值应该是一个 HTML 文件的绝对路径，详情见文档。

• 不允许在 http 这一级中使用配置项 waf_cc_deny。

v6.1.1 LTS

[6.1.1] - 2021-08-04 UTC+0800

Fixed

• Under Attack Mode (UAM) sometimes does not work correctly.

---

[6.1.1] - 2021-08-04 UTC+0800

修复

• Under Attack Mode (UAM) 有时会出错。

v6.1.0 LTS

[6.1.0] - 2021-08-03 UTC+0800

We have changed the release flow, as detailed in this diagram, and a cycle lasts at least a year.

Added

• Added three options to the directive waf_mode.
  • ADV: Enable the advanced rules.
  • CMN-METH: Equivalent to head get post.
  • ALL-METH: Any http request method will start checking.

[6.1.0] - 2021-08-03 UTC+0800

从此版本开始我们开始维护两个版本发布流程，详情见下图。

新增

• 为配置项 waf_mode 增加了三个选项。
  • ADV：控制开关高级规则。
  • CMN-METH：等价于 HEAD GET POST。
  • ALL-METH：任意的 HTTP 请求方法都会启动检查。