NGINX Docs
    • DevCentral

      Connect & learn in our hosted community

    • MyF5

      Your key to everything F5, including support, registration keys, and subscriptions

    • NGINX

      Learn more about NGINX Open Source and read the community blog

NGINX App Protect WAF 4.3

May 2, 2023

In this release, NGINX App Protect WAF supports NGINX Plus R29.

This release includes new signatures for Anti Automation (bot defense):

  • Added the following Crawler bot signatures: YOURLS Crawler, Atomseo broken link checker, proxylist.to Checker, Aspiegel Crawler, digitalshadowsbot, idealo-bot pricevalidator
  • Added the following Exploit Tool bot signatures: BackDoorBot
  • Added the following Site Monitor bot signatures: RWTH Aachen University Scanner
  • Added the following Service Agent bot signatures: AirPlay Server Info, WP Rocket Preload

  • app-protect_29+4.279.0-1~bullseye_amd64.deb
  • app-protect_29+4.279.0-1~bionic_amd64.deb
  • app-protect_29+4.279.0-1~focal_amd64.deb
  • app-protect-29+4.279.0-1.el7.ngx.x86_64.rpm
  • app-protect-29+4.279.0-1.el8.ngx.x86_64.rpm
  • app-protect-29.4.279.0-r1.apk
  • app-protect-29+4.279.0-1.el8.ngx.x86_64.rpm

  • NGINX Plus R29

  • 7987 Fixed - Fixed Violation Rating calculation for trusted bots, untrusted bots and malicious bots.
  • 8010 Fixed - Handling of response headers.

This release introduces a change in the json_log field output for Violation details. Starting with NGINX App Protect WAF release 4.3, the Security Log’s json_log field will include all available information regarding Violation details in JSON format. Refer Security Log document for more details.