What's New

Version 0.15.3

Released 2024-02-27

Fixed

  • Correctly release pcre resources during Nginx module shutdown

Version 0.15.2

Released 2024-01-31

Added

  • Telemetry command now sends information about OS, Linux distribution name, and Web server configuration

Version 0.15.1

Released 2024-01-31

Added

  • Add "raw_url" field for all activities, which contains unparsed URL
  • Add BlockedURL parameter to Captcha

Fixed

  • Do not send a body response for HEAD requests
  • Fix "compression_level" feature (users can now set a compressing level 1-9 for Async Activities)

Changed

  • Update Captcha template

Version 0.15.0

Released 2023-10-27

Added

  • Add px_url_decode_reserved_characters to decode reserved URL characters
  • Add px_skip_module_variable_enabled configuration and $px_skip_module Nginx variable, this feature allows clients to dynamically disable Enforcer for individual requests.

Fixed

  • Correctly set Enforcer endpoints for a custom FirstParty prefix.

Changed

  • Removed px_skip_module configuration (now it is $px_skip_module Nginx variable)

Version 0.14.11

Released 2023-10-11

Added

  • Add support for v1.9.0 "ingress-nginx"
  • Add new configuration px_skip_module to use it with Nginx variables to conditionally enable/disable Enforcer.
  • Add an option to postpone network initialization (needed by chroot)

Fixed

  • Fix px_filter_by_domain regex initialization issue
  • Improvements related to HAProxy module

Version 0.14.10

Released 2023-09-20

Fixed

  • Issue with handling first party requests

Version 0.14.9

Released 2023-09-01

Added

  • Header‐Based Logger

Fixed

  • correctly handle POST requests
  • improvements related to processing request data

Version 0.14.8

Released 2023-07-27

Added

  • new configuration parameter: px_filter_by_domain
  •  implement upstream score header for Apache

Version 0.14.7

Released 2023-05-23

Added

  • new configuration parameter: px_custom_first_party_sensor_endpoint
  • new configuration parameter: px_skip_mod_by_envvar (Apache only)

Changed

  • remove "Transfer-Encoding" header from XHR response

Version 0.14.6

Released 2023-05-15

Changed

  • Support redirect for a custom block page sub-request

Version 0.14.5

Released 2023-05-09

Changed

  • disable HTTP/2 for Enforcer communication

Version 0.14.4

Released 2023-05-04

Fixed

  • JSON body detection for CI

Version 0.14.3

Released 2023-03-30

Added

  • CI Multistep SSO

Version 0.14.2

Released 2023-03-16

Added

  • new configuration parameter: px_send_page_requested_activity

Version 0.14.1

Released 2023-03-15

Added

  • new configuration parameter: px_custom_cookie_header

Version 0.14.0

Released 2023-03-13

Added

  • new configuration parameters: px_cookie_custom_parameters_decrypt and px_cookie_custom_parameters_decrypt_method to decrypt cookie field(-s) before sending via "custom_param"
  • CORS support, new configuration parameters: px_cors_support_enabled and px_cors_preflight_request_filter_enabled
  • support for compilation Apache on MacOS
  • support for Rocky Linux 8
  • new "Connectivity tool" to test customers' network bandwidth and network errors

Fixed

  • race condition when accessing shared pbdk2 values from multiple threads
  • send pxhd with page_requested/block activities

Changed

  • improve Varnish Enforcer code
  • improve support for Istio v1.12.2

Version 0.12.3

Released 2022-12-20

Added

  • support for User Identifiers (JWT / pxcts)
  • support for Enforcer traffic compression (px_compression_enabled)

Fixed

  • extract GraphQL operation name with parameters
  • extract GraphQL nested variables

Version 0.12.2

Released 2022-10-13

Added

  • px_filter_by_extension and px_filter_by_http_method configurations
  • Support of RPM packages build

Fixed

  • Always send VID with async activities
  • IP address with port extraction from px_ip_headers
  • Port the latest code to Windows OS
  • Apache module order

Changed

  • px_cookie_custom_parameters now accepts empty parameters
  • Whitelist extensions only for GET requests

Version 0.12.1

Released 2022-09-20

Fixed

  • memory usage improvements

Version 0.12.0

Released 2022-09-08

Added

  • GraphQL support
  • New configuration directives:
    px_sensitive_routes_regex
    px_sensitive_graphql_operation_types
    px_sensitive_graphql_operation_names
    px_graphql_routes
  • TLS information extraction for newer Apache versions

Fixed

  • Apache / Nginx / Envoy modules configuration code
  • PX-interested POST body detection, cache POST body
  • Initialization of old OpenSSL library versions
  • Use of proxy password (if set) for all network activities

Changed

  • TLS field names alignment for all activities
  • Request header keys are always compared and stored in lower case

Version 0.11.2

Released 2022-07-25

Added

  • new configuration directives:
    px_login_successful_header_value_regex
    px_login_successful_query_key
    px_login_successful_query_value

Fixed

  • Default CI version (v2)

Version 0.11.1

Released 2022-07-13

Added

  • New configuration directive px_block_page_template_file

Version 0.11.0

Released 2022-07-06

Added

  • HUMAN Envoy module

Changed

  • Moved the network code into a separate module

Version 0.10.6

Released 2022-06-27

Fixed

  • Use of milliseconds to compare telemetry timestamps

Version 0.10.5

Released 2022-06-15

Added

  • CI v2 support
  • OpenSSL v3.0 support
  • New CI configuration directives

Fixed

  • CI related fixes
  • Alpine Linux compilation

Changed

  • px_whitelist_uri_regex accepts a pair of regex and the HTTP method
  • Switched to the new block page
  • Moved the crypto-related code into a separate module

Version 0.10.4

Released 2022-04-12

Fixed

  • Send JSON response, even if a redirect URL is set.

Version 0.10.3

Released 2022-03-03

Added

  • Ability to Send CORs headers with the block page
  • Proxy authorization
  • px_monitor_by_cookie feature

Fixed

  • A compilation error in the recent Nginx versions

Version 0.10.2

Released 2021-09-15

Added

  • px_proxy_userpwd feature: set [user name]:[password] to connect to the HTTP proxy

Version 0.10.1

Released 2021-06-30

Added

  • PXDE features:
    px_pxde_header_name
    px_enable_pxde
  • px_cookie_custom_parameters feature
  • CSP features:
    px_code_defender_enabled
    px_code_defender_update_sec
  • px_whitelist_uri_regex feature

Changed

  • Switch to the new Nginx module configuration

Version 0.10.0

Released 2021-03-11

Added

  • px_enablement_header_name feature
  • Support of px_enforced_routes and px_monitored_routes
  • login credentials extraction
  • GO module
  • Python module

Fixed

  • redirect issue for px_custom_block_url

Changed

  • libpcre is a new required dependency

Version 0.9.5

Released 2020-10-26

Fixed

  • incorrect base64 buffer size for SSL ciphers encoding

Version 0.9.4

Released 2020-10-21

Fixed

  • Close beacon connection for 204 (no content) and 304 (not modified) responses

Version 0.9.3

Released 2020-06-29

Fixed

  • Nginx event handling during async tasks
  • PX module compilation for old distros

Version 0.9.2

Released 2020-06-19

Fixed

  • Fix for Nginx internal redirects

Version 0.9.1

Released 2020-06-15

Changed

  • Added support for an empty body from the PX Collector.
  • Disabled HTTP2 communication with PX servers for all modules.

Version 0.9.0

Released 2020-05-18

Added

  • Caching of first party resources
  • Varnish module
  • Cowboy module

Fixed

  • Build scripts fixes and improvements
  • Windows support

Changed

  • JSON activity/riskAPI objects
  • Refresh version naming scheme

Version 0.8.10

Released 2020-05-25

Added

  • Send score header to an upstream

Fixed

  • Multiple PX Nginx module execution for a single request, if a request hits multiple locations

Version 0.8.9

Released 2020-04-23

Fixed

  • Incorrect usage of the ngx_log_error() function

Version 0.8.8

Released 2020-04-21

Added

  • New directive px_enabled_routes

Version 0.8.7

Released 2020-04-14

Added

  • Support for Nginx "server" type module

Version 0.8.6

Released 2020-03-31

Added

  • Support for Nginx variables expanding

Version 0.8.5

Released 2020-03-26

Added

  • Support for Nginx server wide configuration

Version 0.8.4

Released 2020-03-18

Fixed

  • Compatibility with Nginx ngx_http_rewrite_module

Version 0.8.3

Released 2019-12-05

Added

  • Print dependencies versions (used in compilation and actually loaded)

Changed

  • The custom parameters behavior - Values are now taken from a list of headers

Fixed

  • Handle SSL decryption errors

Version 0.8.2

Released 2019-11-14

Added

  • SSL to RiskAPI connection information

Fixed

  • RiskAPI requests are not sent for high score requests with a PX cookie
  • Read 304 response body

Changed

  • Connections for blocked requests are not closed now

Version 0.8.1

Released 2019-11-12

Fixed

  • Null s2s_call_reason

Version 0.8.0

Released 2019-10-29

Added

  • Support of async request processing
  • Ability to send JSON activities objects in bulk
  • Builder script and build recipes

Fixed

  • HAProxy module
  • Nginx module memory

Changed

  • Use of keep alive connections to PX servers

Version 0.7.5

Released 2019-09-18

Added

  • px_allowed_cookies feature - a list of cookies to send to PX

Version 0.7.4

Released 2019-09-11

Fixed

  • Copying response headers to the Nginx memory

Version 0.7.3

Released 2019-08-21

Added

  • Support of Nginx variables

Fixed

  • Set custom base_url / risk_api via configuration

Version 0.7.2

Released 2019-07-01

Added

  • The firstPartyEnabled value to the captcha template
  • Processing times report for a debug build

Fixed

  • The Nginx module crashing when a request with no headers is received
  • Compilation on Alpine Linux

Changed

  • Use of first_party_timeout_ms for a redirect timeout
  • Lua and HAProxy modules update

Version 0.7.1

Released 2019-06-17

Added

  • px_first_party_timeout configuration directive

Version 0.7.0

Released 2019-06-05

Added

  • Pbdk2 crypto values caching
  • Support of module activation via HTTP header
  • Configuration parameters for cURL connection pools

Fixed

  • Cleanup resources on Nginx reload

Changed

  • Removed callbacks based SWIG interface