NGINX App Protect WAF 5.1

April 18, 2024

Warning

When upgrading, you must recompile all policy and log bundles using the latest WAF compiler.

Older bundles will be detected and disallowed.

New features

In this release, F5 NGINX App Protect WAF supports NGINX Open Source 1.25.4 and NGINX Plus R31 P1.

Resolved issues

  • 10219 & 10512 Fixed - Resolved issues related to base64 detection and decoding.
  • 10465 Fixed - Resolved the “header already sent” alert message in the NGINX error log.
  • 10844 Fixed - Resolved an issue ensuring the WAF-enforcer container starts up, even if a local file logging destination is inaccessible.

Supported packages

App Protect Module for NGINX Open Source

Alpine Linux 3.16 / Alpine Linux 3.17
  • app-protect-module-oss-1.25.4.5.17.0-r1.apk
Debian 11
  • app-protect-module-oss_1.25.4+5.17.0-1~bullseye_amd64.deb
Debian 12
  • app-protect-module-oss_1.25.4+5.17.0-1~bookworm_amd64.deb
Ubuntu 20.04
  • app-protect-module-oss_1.25.4+5.17.0-1~focal_amd64.deb
Ubuntu 22.04
  • app-protect-module-oss_1.25.4+5.17.0-1~jammy_amd64.deb
RHEL 7.4+ / CentOS 7.4+ / Amazon Linux 2
  • app-protect-module-oss-1.25.4+5.17.0-1.el7.ngx.x86_64.rpm
RHEL 8.1+ / Oracle Linux 8.1+
  • app-protect-module-oss-1.25.4+5.17.0-1.el8.ngx.x86_64.rpm
RHEL 9+
  • app-protect-module-oss-1.25.4+5.17.0-1.el9.ngx.x86_64.rpm

App Protect Module for NGINX Plus

Alpine Linux 3.16 / Alpine Linux 3.17
  • app-protect-module-plus-31.5.17.0-r1.apk
Debian 11
  • app-protect-module-plus_31+5.17.0-1~bullseye_amd64.deb
Debian 12
  • app-protect-module-plus_31+5.17.0-1~bookworm_amd64.deb
Ubuntu 20.04
  • app-protect-module-plus_31+5.17.0-1~focal_amd64.deb
Ubuntu 22.04
  • app-protect-module-plus_31+5.17.0-1~jammy_amd64.deb
RHEL 7.4+ / CentOS 7.4+ / Amazon Linux 2
  • app-protect-module-plus-31+5.17.0-1.el7.ngx.x86_64.rpm
RHEL 8.1+ / Oracle Linux 8.1+
  • app-protect-module-plus-31+5.17.0-1.el8.ngx.x86_64.rpm
RHEL 9+
  • app-protect-module-plus-31+5.17.0-1.el9.ngx.x86_64.rpm