What is new in WAF node 2.18¶
Since version 2.16.0-8 of the WAF node Docker image, the environment variable
WALLARM_ACL_ENABLE passed to the NGINX-based Docker container only accepts the value
yes assigned to the variable
WALLARM_ACL_ENABLE disable the IP blocking functionality. We recommend deploying the latest image version as described in the instructions on running the Docker container and passing the value
false in this variable.
wallarm_attack_type_listin the extended WAF node logging format. Attack types detected in the request are saved in this variable in text format.
New method for setting up the blocking page and error code returned in the response to the blocked request. Now, to return different responses to requests originated from different devices and applications, you can use the variable as the value of the directives
New WAF node statistics parameter
startid. This parameter stores the randomly-generated unique ID of the WAF node.
Support of new Wallarm Ingress controller annotation
nginx.ingress.kubernetes.io/wallarm-acl-block-page. This annotation is used to set up the response to the request originated from a blocked IP address.
Decreased memory amount allocated for the postanalytics service in deployed WAF node cloud image by default.
In previous WAF node versions, the default memory amount allocated for Tarantool was 75% of the total instance memory. In the WAF node version 2.18, 40% of the total instance memory is allocated for Tarantool.
To update the WAF node, it is recommended to check the general recommendations for the process and follow the instructions for updating the installed modules: