What is new in Wallarm node 4.4¶

The new minor version of the Wallarm node has been released! Wallarm node 4.4 has new features making attack mitigation even more powerful and usable including JWT strength check and double-validation of SQLi attacks.

Checking JSON Web Token strength¶

JSON Web Token (JWT) is a popular authentication standard used to exchange data between resources like APIs securely. JWT compromisation is a common aim of attackers as breaking authentication mechanisms provides them full access to web applications and APIs. The weaker JWTs, the higher chance for it to be compromised.

Starting from version 4.4, you can enable Wallarm to detect the following JWT weaknesses:

• Unencrypted JWTs

• JWTs signed using compromised secret keys

To enable, use the Weak JWT trigger.

Enhanced attack analysis with the libdetection library¶

Attack analysis performed by Wallarm has been enhanced by involving an additional attack validation layer. Wallarm node 4.4 and above are distributed with the libdetection library enabled by default. This library performs secondary fully grammar-based validation of all SQLi attacks reducing the number of false positives detected among SQL injections.

Details on how Wallarm detects attacks →

Supported installation options¶

• Added support for Ubuntu 22.04 LTS (jammy)

• Dropped support for Debian 10.x (buster) for Wallarm to be installed as the module for either NGINX stable or NGINX Plus

See the full list of supported installation options →

When upgrading node 3.6 and lower¶

If upgrading from the version 3.6 or lower, learn all changes from the separate list.

Which Wallarm nodes are recommended to be upgraded?¶

• Client and multi-tenant Wallarm nodes of version 4.x to stay up to date with Wallarm releases and prevent installed module deprecation.

• Client and multi-tenant Wallarm nodes of the unsupported versions (3.6 and lower). Changes available in Wallarm node 4.4 simplify the node configuration and improve traffic filtration. Please note that some settings of node 4.4 are incompatible with the nodes of older versions.

Upgrade process¶

1. Review recommendations for the module upgrade.

2. Upgrade installed modules following the instructions for your Wallarm node deployment option:

   • Module for NGINX, NGINX Plus
   • Docker container with the modules for NGINX or Envoy
   • NGINX Ingress controller with integrated Wallarm modules
   • Cloud node image
   • CDN node
   • Multi-tenant node

Other updates in Wallarm products and components →