What is new in Wallarm node 2.18¶
Breaking change¶
Since version 2.16.0-8 of the Wallarm node Docker image, the environment variable WALLARM_ACL_ENABLE
passed to the NGINX-based Docker container only accepts the value true
or false
.
Values on
/ enabled
/ ok
/ yes
The values on
/ enabled
/ ok
/ yes
assigned to the variable WALLARM_ACL_ENABLE
disable the IP blocking functionality. We recommend deploying the latest image version as described in the instructions on running the Docker container and passing the value true
or false
in this variable.
Changes in supported installation platforms¶
- Added Ubuntu 20.04 LTS (focal) support
See the full list of supported platforms →
New features¶
-
New variable
wallarm_attack_type_list
in the extended Wallarm node logging format. Attack types detected in the request are saved in this variable in text format. -
New method for setting up the blocking page and error code returned in the response to the blocked request. Now, to return different responses to requests originated from different devices and applications, you can use the variable as the value of the directives
wallarm_block_page
andwallarm_acl_block_page
.Detailed instructions on setting up the response via the variable →
-
New filtering node statistics parameter
startid
. This parameter stores the randomly-generated unique ID of the filtering node. -
Support of new Wallarm Ingress controller annotation
nginx.ingress.kubernetes.io/wallarm-acl-block-page
. This annotation is used to set up the response to the request originated from a blocked IP address.Example of response configuration via
nginx.ingress.kubernetes.io/wallarm-acl-block-page
→ -
Decreased memory amount allocated for the postanalytics service in deployed Wallarm node cloud image by default.
In previous Wallarm node versions, the default memory amount allocated for Tarantool was 75% of the total instance memory. In the filtering node version 2.18, 40% of the total instance memory is allocated for Tarantool.
Update process¶
To update the filtering node, it is recommended to check the general recommendations for the process and follow the instructions for updating the installed modules:
-
Updating the Docker container with the modules for NGINX or Envoy
-
Updating NGINX Ingress controller with integrated Wallarm modules