NGINX App Protect WAF 1.0
May 19, 2020
- OWASP Top 10 based attack signatures & CVEs
- Metacharacter checking
- HTTP protocol compliance
- Evasion techniques
- Disallowed file types (bin, cgi, cmd, com, dll, exe, msi, sys, shtm, shtml, stm & more)
- Enforcement based on risk score (Violation Rating)
- Cookie integrity check
- JSON & XML well-formedness
- Sensitive parameters & Data Guard
- gRPC protocol support
- CentOS 7.4+ (64bit)
- Debian 9 (64bit)
NGINX Plus R19 and later
- app-protect_19+2.52.1-1~stretch_amd64.deb
- app-protect_20+2.52.1-1~stretch_amd64.deb
- app-protect_21+2.52.1-1~stretch_amd64.deb
- app-protect-19+2.52.1-1.el7.ngx.x86_64.rpm
- app-protect-20+2.52.1-1.el7.ngx.x86_64.rpm
- app-protect-21+2.52.1-1.el7.ngx.x86_64.rpm
- from app-protect-attack-signatures_2019.07.16-1~stretch_amd64.deb (original installed, to allow downgrade)
- from app-protect-attack-signatures-2019.07.16-1.el7.ngx.x86_64.rpm (original installed, to allow downgrade)
The time stamps in the NGINX and NGINX App Protect WAF log messages are presented in the local time zone of your machine. If you would like to see this in a different time zone, for example UTC, you must change the local time zone. On most systems this can be done using the command:
sudo datetimectl set-timezone Etc/UTCFor other options to change the timezone see your system manual.
The proxy_pass directive must always be used.
proxy_request_buffering off is not supported.