# F5 DoS for NGINX 2.1 Type of document: Reference Product: F5 DOS for NGINX --- Here you can find the release information for F5 DoS for NGINX v2.1. F5 DoS for NGINX provides behavioral protection against Denial of Service (DoS) for your web applications. ## Release 2.1 December 29, 2021 ### New Features - [Support for RHEL (7.4.x and above) Virtual Machine (VM) deployment](learn-about-deployment.md#rhel-74-installation) - [Support for RHEL 8 and UBI 8](learn-about-deployment.md#rhel-8-installation) - [GRPC and HTTP/2 protection support for Centos (7.4.x and above) and RHEL (7.4.x and above)](/nap-dos/deployment-guide/learn-about-deployment.md) ### Supported Packages #### App Protect DoS ##### CentOS 7.4+ / RHEL 7.4+ / UBI7 - app-protect-dos-25+2.1.8-1.el7.ngx.el7.ngx.x86_64.rpm ##### RHEL 8 / UBI8 - app-protect-dos-25+2.1.8-1.el8.ngx.el8.ngx.x86_64.rpm ##### Debian 10 - app-protect-dos_25+2.1.8-1~buster_amd64.deb ##### Ubuntu 18.04 - app-protect-dos_25+2.1.8-1~bionic_amd64.deb ##### Ubuntu 20.04 - app-protect-dos_25+2.1.8-1~focal_amd64.deb #### NGINX Plus - NGINX Plus R25 ### Resolved Issues - The `app_protect_dos_name` directive is not inherited by the inner blocks, causing to have more VSs than expected. - Signature should not be created if good and bad actor use the same type of traffic. - When there's a clear anomaly on the User-Agent header signal, the signature doesn't include it. - HTTP Method signal is named incorrectly in signatures. ### Important Notes - `proxy_request_buffering` off is not supported. - gRPC and HTTP/2 protection require active monitoring of the protected service. The directive `app_protect_dos_monitor` is mandatory for these use cases, otherwise, the attack will not be detected. - [TLS fingerprint](/nap-dos/directives-and-policy/learn-about-directives-and-policy.md#policy-directive-app_protect_dos_policy_file) feature is not used in CentOS 7.4 and RHEL 7 / UBI 7 due to the old OpenSSL version. The required OpenSSL version is 1.1.1 or higher. - Slow POST attack always mitigates with block action while other types of attacks can also be mitigated with redirection or JS challenges. - The recommended option of running NGINX Plus in a Docker Container is with the `daemon off` flag. It's mandatory for UBI 8.