204 lines
40 KiB
ReStructuredText
204 lines
40 KiB
ReStructuredText
:original_name: waf_06_0026.html
|
|
|
|
.. _waf_06_0026:
|
|
|
|
Change History
|
|
==============
|
|
|
|
+-----------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------+
|
|
| Released On | Description |
|
|
+===================================+=======================================================================================================================================================================+
|
|
| 2023-06-07 | This issue is the forty-second official release. |
|
|
| | |
|
|
| | Modified :ref:`Upgrading Dedicated WAF Instances <waf_06_0027>`. |
|
|
+-----------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------+
|
|
| 2023-06-02 | This issue is the forty-first official release. |
|
|
| | |
|
|
| | Modified :ref:`Configuring an Access Control Policy on an ECS or ELB to Protect Origin Servers <waf_06_0013>`. |
|
|
+-----------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------+
|
|
| 2023-03-03 | This issue is the fortieth official release. |
|
|
| | |
|
|
| | Modified the following content: |
|
|
| | |
|
|
| | - :ref:`Combining WAF and Layer-7 Load Balancers to Protect Services over Any Ports <waf_06_0038>` |
|
|
| | - :ref:`Combining WAF and HSS to Get Improved Web Tamper Protection <waf_06_0119>` |
|
|
+-----------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------+
|
|
| 2022-10-25 | This is the thirty-ninth official release. |
|
|
| | |
|
|
| | Modified the following topics: |
|
|
| | |
|
|
| | :ref:`Upgrading Dedicated WAF Instances <waf_06_0027>` |
|
|
+-----------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------+
|
|
| 2022-09-30 | This issue is the thirty-eighth official release. |
|
|
| | |
|
|
| | Added :ref:`Combining WAF and Layer-7 Load Balancers to Protect Services over Any Ports <waf_06_0038>`. |
|
|
+-----------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------+
|
|
| 2022-08-11 | This issue is the thirty-seventh official release. |
|
|
| | |
|
|
| | Added the following content: |
|
|
| | |
|
|
| | - :ref:`Restricting Malicious Requests in Promotions by Using Cookies and HWWAFSESID <waf_06_0031>` |
|
|
+-----------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------+
|
|
| 2022-07-26 | This issue is the thirty-sixth official release. |
|
|
| | |
|
|
| | Modified :ref:`Combining WAF and HSS to Get Improved Web Tamper Protection <waf_06_0119>`. |
|
|
+-----------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------+
|
|
| 2022-07-06 | This issue is the thirty-fifth official release. |
|
|
| | |
|
|
| | Released the function for counting requests to all WAF instances. Modified the following topics: |
|
|
| | |
|
|
| | - :ref:`Configuring CC Attack Protection <waf_06_0001>` |
|
|
| | - :ref:`Combining CDN and WAF to Get Improved Protection and Load Speed <waf_06_0022>` |
|
|
+-----------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------+
|
|
| 2022-07-04 | This issue is the thirty-fourth official release. |
|
|
| | |
|
|
| | Released the global protection whitelist function. Modified the following topics: |
|
|
| | |
|
|
| | - :ref:`Handling False Alarms to Get Improved Basic Web Protection <waf_06_0015>` |
|
|
| | - :ref:`Apache Dubbo Deserialization Vulnerability <waf_06_0024>` |
|
|
+-----------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------+
|
|
| 2022-05-23 | This issue is the thirty-third official release. |
|
|
| | |
|
|
| | - Added :ref:`Combining WAF and HSS to Get Improved Web Tamper Protection <waf_06_0119>`. |
|
|
| | - Modified :ref:`Obtaining Real Client IP Addresses <waf_06_0020>`. |
|
|
+-----------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------+
|
|
| 2022-05-05 | This issue is the thirty-second official release. |
|
|
| | |
|
|
| | Added constraints in :ref:`Obtaining Real Client IP Addresses <waf_06_0020>`. |
|
|
+-----------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------+
|
|
| 2022-04-19 | This issue is the thirty-first official release. |
|
|
| | |
|
|
| | Added the following content: |
|
|
| | |
|
|
| | - :ref:`Using LTS to Analyze How WAF Blocks Spring Core RCE Vulnerability in Real Time <waf_06_0037>` |
|
|
| | - :ref:`Using LTS to Configure Block Alarms for WAF Rules <waf_06_0036>` |
|
|
+-----------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------+
|
|
| 2022-04-01 | This issue is the thirtieth official release. |
|
|
| | |
|
|
| | Added :ref:`Java Spring Framework Remote Code Execution Vulnerability <waf_06_0035>`. |
|
|
+-----------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------+
|
|
| 2022-03-29 | This is the twenty-ninth official release. |
|
|
| | |
|
|
| | Added descriptions of some parameters in :ref:`Preparations <waf_06_0017>`. |
|
|
+-----------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------+
|
|
| 2022-02-11 | This issue is the twenty-eighth official release. |
|
|
| | |
|
|
| | Added the method of obtaining the origin server IP address when Apache 2.4 or later is used in :ref:`Obtaining Real Client IP Addresses <waf_06_0020>`. |
|
|
+-----------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------+
|
|
| 2021-12-22 | This issue is the twenty-seventh official release. |
|
|
| | |
|
|
| | - Added :ref:`Using LTS to Quickly Query and Analyze WAF Access Logs <waf_06_0028>`. |
|
|
| | - Optimized descriptions in :ref:`Configuring the Minimum TLS Version and Cipher Suite to Better Secure Connections <waf_06_0012>`. |
|
|
+-----------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------+
|
|
| 2021-08-19 | This issue is the twenty-sixth official release. |
|
|
| | |
|
|
| | Updated some screenshots in :ref:`Combining CDN and WAF to Get Improved Protection and Load Speed <waf_06_0022>`. |
|
|
+-----------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------+
|
|
| 2021-07-20 | This issue is the twenty-fifth official release. |
|
|
| | |
|
|
| | Modified the entry to the management console. |
|
|
+-----------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------+
|
|
| 2021-06-15 | This issue is the twenty-fourth official release. |
|
|
| | |
|
|
| | Optimized descriptions in :ref:`Combining CDN and WAF to Get Improved Protection and Load Speed <waf_06_0022>`. |
|
|
+-----------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------+
|
|
| 2020-04-02 | This issue is the twenty-third official release. |
|
|
| | |
|
|
| | Updated some screenshots. |
|
|
+-----------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------+
|
|
| 2020-02-27 | This issue is the twenty-second official release. |
|
|
| | |
|
|
| | Updated screenshots and descriptions in :ref:`Handling False Alarms to Get Improved Basic Web Protection <waf_06_0015>` |
|
|
+-----------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------+
|
|
| 2020-02-14 | This issue is the twenty-first official release. |
|
|
| | |
|
|
| | Added section :ref:`Apache Dubbo Deserialization Vulnerability <waf_06_0024>`. |
|
|
+-----------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------+
|
|
| 2020-01-03 | This issue is the twentieth official release. |
|
|
| | |
|
|
| | Modified the title in :ref:`Obtaining Real Client IP Addresses <waf_06_0020>`. |
|
|
+-----------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------+
|
|
| 2019-12-19 | This issue is the nineteen official release. |
|
|
| | |
|
|
| | - Added the method for the IIS server to obtain the real IP address of a visitor in :ref:`Handling False Alarms to Get Improved Basic Web Protection <waf_06_0015>`. |
|
|
| | - Optimized descriptions in :ref:`Combining CDN and WAF to Get Improved Protection and Load Speed <waf_06_0022>`. |
|
|
+-----------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------+
|
|
| 2019-12-16 | This is the eighteenth official release. |
|
|
| | |
|
|
| | - Modified the domain name of Huawei Cloud international website. |
|
|
| | - Updated the operation entry figure. |
|
|
+-----------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------+
|
|
| 2019-12-05 | This issue is the seventeenth official release. |
|
|
| | |
|
|
| | Optimized descriptions in :ref:`Obtaining Real Client IP Addresses <waf_06_0020>`. |
|
|
+-----------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------+
|
|
| 2019-10-21 | This issue is the sixteenth official release. |
|
|
| | |
|
|
| | - Optimized descriptions in :ref:`Configuring the Minimum TLS Version and Cipher Suite to Better Secure Connections <waf_06_0012>`. |
|
|
| | - Optimized the description in :ref:`CC Attack Defense <waf_06_0002>` |
|
|
| | - Optimized descriptions in :ref:`Handling False Alarms to Get Improved Basic Web Protection <waf_06_0015>`. |
|
|
| | - Optimized descriptions in :ref:`Combining CDN and WAF to Get Improved Protection and Load Speed <waf_06_0022>`. |
|
|
+-----------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------+
|
|
| 2019-09-06 | This issue is the fifteenth official release. |
|
|
| | |
|
|
| | Added section :ref:`DoS Vulnerability in the Open-Source Component Fastjson <waf_06_0023>`. |
|
|
+-----------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------+
|
|
| 2019-09-04 | This issue is the fourteenth official release. |
|
|
| | |
|
|
| | Optimized descriptions in :ref:`Connecting a Domain Name to WAF for Websites with no Proxy Used <waf_06_0018>`. |
|
|
+-----------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------+
|
|
| 2019-08-30 | This issue is the thirteenth official release. |
|
|
| | |
|
|
| | Optimized descriptions in :ref:`Combining CDN and WAF to Get Improved Protection and Load Speed <waf_06_0022>`. |
|
|
+-----------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------+
|
|
| 2019-08-27 | This issue is the twelfth official release. |
|
|
| | |
|
|
| | Optimized descriptions in :ref:`Configuring Anti-Crawler Rules to Prevent Crawler Attacks <waf_06_0006>`. |
|
|
+-----------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------+
|
|
| 2019-08-01 | This issue is the eleventh official release. |
|
|
| | |
|
|
| | Added section :ref:`Combining CDN and WAF to Get Improved Protection and Load Speed <waf_06_0022>`. |
|
|
+-----------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------+
|
|
| 2019-07-12 | This issue is the tenth official release. |
|
|
| | |
|
|
| | Added section :ref:`Remote Code Execution Vulnerability of Fastjson <waf_06_0021>`. |
|
|
+-----------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------+
|
|
| 2019-06-21 | This issue is the ninth official release. |
|
|
| | |
|
|
| | Added section :ref:`Obtaining Real Client IP Addresses <waf_06_0020>`. |
|
|
+-----------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------+
|
|
| 2019-06-04 | This issue is the eighth official release. |
|
|
| | |
|
|
| | - Added section :ref:`Handling False Alarms to Get Improved Basic Web Protection <waf_06_0015>`. |
|
|
| | - Added section :ref:`Domain Setup <waf_06_0017>`. |
|
|
+-----------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------+
|
|
| 2019-05-16 | This issue is the seventh official release. |
|
|
| | |
|
|
| | - Added section :ref:`Configuring an Access Control Policy on an ECS or ELB to Protect Origin Servers <waf_06_0013>`. |
|
|
| | - Added section :ref:`Configuring Basic Web Protection <waf_06_0014>`. |
|
|
+-----------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------+
|
|
| 2019-05-05 | This issue is the sixth official release. |
|
|
| | |
|
|
| | Optimized descriptions in :ref:`Configuring the Minimum TLS Version and Cipher Suite to Better Secure Connections <waf_06_0012>`. |
|
|
+-----------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------+
|
|
| 2019-04-28 | This issue is the fifth official release. |
|
|
| | |
|
|
| | Added :ref:`Configuring the Minimum TLS Version and Cipher Suite to Better Secure Connections <waf_06_0012>`. |
|
|
+-----------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------+
|
|
| 2019-04-23 | This issue is the fourth official release. |
|
|
| | |
|
|
| | - Added section :ref:`Oracle WebLogic wls9-async Deserialization Remote Command Execution Vulnerability (CNVD-C-2019-48814) <waf_06_0008>`. |
|
|
| | - Optimized the description in :ref:`CC Attack Defense <waf_06_0002>` |
|
|
| | - Optimized descriptions in :ref:`Configuring Anti-Crawler Rules to Prevent Crawler Attacks <waf_06_0006>`. |
|
|
+-----------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------+
|
|
| 2018-11-08 | This is the third official release. |
|
|
| | |
|
|
| | Optimized some descriptions. |
|
|
+-----------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------+
|
|
| 2018-10-15 | This is the second official release. |
|
|
| | |
|
|
| | Updated screenshots and descriptions. |
|
|
+-----------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------+
|
|
| 2018-05-11 | This is the first official release. |
|
|
+-----------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------+
|