What's New
Version 0.15.3
Released 2024-02-27
Fixed
- Correctly release pcre resources during Nginx module shutdown
Version 0.15.2
Released 2024-01-31
Added
- Telemetry command now sends information about OS, Linux distribution name, and Web server configuration
Version 0.15.1
Released 2024-01-31
Added
- Add "raw_url" field for all activities, which contains unparsed URL
- Add BlockedURL parameter to Captcha
Fixed
- Do not send a body response for HEAD requests
- Fix "compression_level" feature (users can now set a compressing level 1-9 for Async Activities)
Changed
- Update Captcha template
Version 0.15.0
Released 2023-10-27
Added
- Add px_url_decode_reserved_characters to decode reserved URL characters
- Add px_skip_module_variable_enabled configuration and $px_skip_module Nginx variable, this feature allows clients to dynamically disable Enforcer for individual requests.
Fixed
- Correctly set Enforcer endpoints for a custom FirstParty prefix.
Changed
- Removed px_skip_module configuration (now it is $px_skip_module Nginx variable)
Version 0.14.11
Released 2023-10-11
Added
- Add support for v1.9.0 "ingress-nginx"
- Add new configuration px_skip_module to use it with Nginx variables to conditionally enable/disable Enforcer.
- Add an option to postpone network initialization (needed by chroot)
Fixed
- Fix px_filter_by_domain regex initialization issue
- Improvements related to HAProxy module
Version 0.14.10
Released 2023-09-20
Fixed
- Issue with handling first party requests
Version 0.14.9
Released 2023-09-01
Added
- Header‐Based Logger
Fixed
- correctly handle POST requests
- improvements related to processing request data
Version 0.14.8
Released 2023-07-27
Added
- new configuration parameter: px_filter_by_domain
- implement upstream score header for Apache
Version 0.14.7
Released 2023-05-23
Added
- new configuration parameter: px_custom_first_party_sensor_endpoint
- new configuration parameter: px_skip_mod_by_envvar (Apache only)
Changed
- remove "Transfer-Encoding" header from XHR response
Version 0.14.6
Released 2023-05-15
Changed
- Support redirect for a custom block page sub-request
Version 0.14.5
Released 2023-05-09
Changed
- disable HTTP/2 for Enforcer communication
Version 0.14.4
Released 2023-05-04
Fixed
- JSON body detection for CI
Version 0.14.3
Released 2023-03-30
Added
- CI Multistep SSO
Version 0.14.2
Released 2023-03-16
Added
- new configuration parameter: px_send_page_requested_activity
Version 0.14.1
Released 2023-03-15
Added
- new configuration parameter: px_custom_cookie_header
Version 0.14.0
Released 2023-03-13
Added
- new configuration parameters: px_cookie_custom_parameters_decrypt and px_cookie_custom_parameters_decrypt_method to decrypt cookie field(-s) before sending via "custom_param"
- CORS support, new configuration parameters: px_cors_support_enabled and px_cors_preflight_request_filter_enabled
- support for compilation Apache on MacOS
- support for Rocky Linux 8
- new "Connectivity tool" to test customers' network bandwidth and network errors
Fixed
- race condition when accessing shared pbdk2 values from multiple threads
- send pxhd with page_requested/block activities
Changed
- improve Varnish Enforcer code
- improve support for Istio v1.12.2
Version 0.12.3
Released 2022-12-20
Added
- support for User Identifiers (JWT / pxcts)
- support for Enforcer traffic compression (px_compression_enabled)
Fixed
- extract GraphQL operation name with parameters
- extract GraphQL nested variables
Released 2022-10-13
- px_filter_by_extension and px_filter_by_http_method configurations
- Support of RPM packages build
- Always send VID with async activities
- IP address with port extraction from px_ip_headers
- Port the latest code to Windows OS
- Apache module order
- px_cookie_custom_parameters now accepts empty parameters
- Whitelist extensions only for GET requests
Released 2022-09-20
- memory usage improvements
Released 2022-09-08
- GraphQL support
- New configuration directives:
px_sensitive_routes_regex
px_sensitive_graphql_operation_types
px_sensitive_graphql_operation_names
px_graphql_routes - TLS information extraction for newer Apache versions
- Apache / Nginx / Envoy modules configuration code
- PX-interested POST body detection, cache POST body
- Initialization of old OpenSSL library versions
- Use of proxy password (if set) for all network activities
- TLS field names alignment for all activities
- Request header keys are always compared and stored in lower case
Released 2022-07-25
- new configuration directives:
px_login_successful_header_value_regex
px_login_successful_query_key
px_login_successful_query_value
- Default CI version (v2)
Released 2022-07-13
- New configuration directive px_block_page_template_file
Released 2022-07-06
- HUMAN Envoy module
- Moved the network code into a separate module
Released 2022-06-27
- Use of milliseconds to compare telemetry timestamps
Released 2022-06-15
- CI v2 support
- OpenSSL v3.0 support
- New CI configuration directives
- CI related fixes
- Alpine Linux compilation
- px_whitelist_uri_regex accepts a pair of regex and the HTTP method
- Switched to the new block page
- Moved the crypto-related code into a separate module
Released 2022-04-12
- Send JSON response, even if a redirect URL is set.
Released 2022-03-03
- Ability to Send CORs headers with the block page
- Proxy authorization
- px_monitor_by_cookie feature
- A compilation error in the recent Nginx versions
Released 2021-09-15
- px_proxy_userpwd feature: set [user name]:[password] to connect to the HTTP proxy
Released 2021-06-30
- PXDE features:
px_pxde_header_name
px_enable_pxde - px_cookie_custom_parameters feature
- CSP features:
px_code_defender_enabled
px_code_defender_update_sec - px_whitelist_uri_regex feature
- Switch to the new Nginx module configuration
Released 2021-03-11
- px_enablement_header_name feature
- Support of px_enforced_routes and px_monitored_routes
- login credentials extraction
- GO module
- Python module
- redirect issue for px_custom_block_url
- libpcre is a new required dependency
Released 2020-10-26
- incorrect base64 buffer size for SSL ciphers encoding
Released 2020-10-21
- Close beacon connection for 204 (no content) and 304 (not modified) responses
Released 2020-06-29
- Nginx event handling during async tasks
- PX module compilation for old distros
Released 2020-06-19
- Fix for Nginx internal redirects
Released 2020-06-15
- Added support for an empty body from the PX Collector.
- Disabled HTTP2 communication with PX servers for all modules.
Released 2020-05-18
- Caching of first party resources
- Varnish module
- Cowboy module
- Build scripts fixes and improvements
- Windows support
- JSON activity/riskAPI objects
- Refresh version naming scheme
Released 2020-05-25
- Send score header to an upstream
- Multiple PX Nginx module execution for a single request, if a request hits multiple locations
Released 2020-04-23
- Incorrect usage of the ngx_log_error() function
Released 2020-04-21
- New directive px_enabled_routes
Released 2020-04-14
- Support for Nginx "server" type module
Released 2020-03-31
- Support for Nginx variables expanding
Released 2020-03-26
- Support for Nginx server wide configuration
Released 2020-03-18
- Compatibility with Nginx ngx_http_rewrite_module
Released 2019-12-05
- Print dependencies versions (used in compilation and actually loaded)
- The custom parameters behavior - Values are now taken from a list of headers
- Handle SSL decryption errors
Released 2019-11-14
- SSL to RiskAPI connection information
- RiskAPI requests are not sent for high score requests with a PX cookie
- Read 304 response body
- Connections for blocked requests are not closed now
Released 2019-11-12
- Null s2s_call_reason
Released 2019-10-29
- Support of async request processing
- Ability to send JSON activities objects in bulk
- Builder script and build recipes
- HAProxy module
- Nginx module memory
- Use of keep alive connections to PX servers
Released 2019-09-18
- px_allowed_cookies feature - a list of cookies to send to PX
Released 2019-09-11
- Copying response headers to the Nginx memory
Released 2019-08-21
- Support of Nginx variables
- Set custom base_url / risk_api via configuration
Released 2019-07-01
- The firstPartyEnabled value to the captcha template
- Processing times report for a debug build
- The Nginx module crashing when a request with no headers is received
- Compilation on Alpine Linux
- Use of first_party_timeout_ms for a redirect timeout
- Lua and HAProxy modules update
Released 2019-06-17
- px_first_party_timeout configuration directive
Released 2019-06-05
- Pbdk2 crypto values caching
- Support of module activation via HTTP header
- Configuration parameters for cURL connection pools
- Cleanup resources on Nginx reload
- Removed callbacks based SWIG interface
Updated 12 days ago