Skip to content

Tags: suohd/SEnginx

Tags

v1.6.1-se

Toggle v1.6.1-se's commit message 
Release: SEnginx v1.6.1

Changes:

    *) Feature: upgrade to original nginx 1.7.4.

    *) Change: Replace current syslog support with nginx's original
               one.

    *) Bugfix: Issue NeusoftSecurity#20 on github, a segmentation fault in dynamic
               resolve functionality.

Signed-off-by: Paul Yang(InfoHunter) <[email protected]>

v1.6.0-se

Toggle v1.6.0-se's commit message 
Release: SEnginx v1.6.0

Changes:

    *) Feature: upgrade to original nginx 1.6.0.

    *) Feature: enhancement to dynamic resolve functionality.

    *) Feature: ngx_http_statistics module that supports
                monitoring traffic and attacks.

    *) Feature: add a demo html page to demonstrate
                ngx_http_statistics module, thanks to Yu Qing.

    *) Feature: upgrade Mod Security to 2.8.0.

    *) Bugfix: in cookie poisoning module.

Signed-off-by: paulyang <[email protected]>

v1.5.13-se

Toggle v1.5.13-se's commit message 
Release: SEnginx v1.5.13

Changes:

    *) Feature: support proxying to a client-verification enabled https
                server, and can also support server verification in proxy
                module.

    *) Feature: Lua language is integrated into SEnginx.

    *) Change: change the behavior when a DNS server is not responsible
               when doing upstream dynamic DNS query.

Signed-off-by: paulyang <[email protected]>

v1.5.12-se

Toggle v1.5.12-se's commit message 
Release: SEnginx v1.5.12

Changes:

    *) Feature: upgrade to original nginx 1.5.12, which fixes CVE-2014-0133 security problem.

    *) Feature: SEnginx supports OpenStack LBaaS now. Find more at:
                https://github.com/NeusoftSecurity/SEnginx-LBaaS-Driver

    *) Bugfix: In ngx_http_whitelist module, if resovler is not response/not reachable, nginx
               workers will hang up while reloading or shutting down due to socket leaks.

    *) Bugfix: Fix upstream checking issues when using tcp method.

    *) Bugfix: Segmentation fault may occur in ngx_http_neteye_security module.

Signed-off-by: paulyang <[email protected]>

v1.5.11-se

Toggle v1.5.11-se's commit message 
Release: SEnginx v1.5.11

Changes:

    *) Feature: upgrade to original nginx 1.5.11, which fixes
       CVE-2014-0088 security problem.

    *) Feature: global user-agent whitelist, with DNS reverse lookup
       mechanism.

    *) Feature: naxsi module supports global user-agent
       whitelist and ip whitelist.

    *) Feature: cookie poisoning module supports global
       user-agent whitelist and ip whitelist.

    *) Feature: web defacement module supports global
       user-agent whitelist and ip whitelist.

    *) Feature: robot mitigation module supports
       global user-agent whitelist and ip whitelist.

    *) Feature: ngx_cache_purge module is integrated.

    *) Bugfix: solve memory leaks in robot mitigation module.

Signed-off-by: paulyang <[email protected]>

v1.5.10-se

Toggle v1.5.10-se's commit message 
Release: SEnginx v1.5.10

Changes:

    Feature: upgrade to original nginx 1.5.10, which supports
             SPDY 3.1 protocol.

    Feature: IP behavior module. This module is used to detect
             users' access behavior to a web site, it's usually
             used with other security modules to block robots.

    Feature: Conditional limit_req module. Based on tengine's
             limit_req module, and add a new "condition" parameter.

    Feature: upstream check module, which supports 2 more load
             balancing algorithms:
             the fair algorithm and the fastest algorithm.

    Feature: support dynamic resolving domain names when proxy passing
             to an url or an upstream server pool.

    Feature: support sending access and error logs to local syslog
             daemon.

    Change: modify directive name in session persistence module:
            http_cookie is now changed to insert_cookie.

    Bugfix: solve the compile failure when macro OPENSSL_NO_TLSEXT
            is defined.

Signed-off-by: paulyang <[email protected]>

v1.5.9-se

Toggle v1.5.9-se's commit message 
Release: SEnginx v1.5.9

Changes:

    *) Feature: upgrade to original nginx 1.5.8.

    *) Feature: system command in ip blacklist, add two new directives:
                ip_blacklist_syscmd and ip_blacklist_mod.

    *) Change: optimize the performance of robot mitigation module.

    *) Change: modify the timeout of dns cache in robot mitigation to 5s.

Signed-off-by: paulyang <[email protected]>

v1.5.8-se

Toggle v1.5.8-se's commit message 
Release: SEnginx v1.5.8

Changes:

    *) Feature: upgrade to original nginx 1.5.7, which fixes
       CVE-2013-4547 security problem.

    *) Change: make monitor session persistence to a sub mode of
       insert cookie persistence.

    *) Bugfix: add Cache-Control: no-cache, no-store to robot
       challenge reponse, to avoid cache

    *) Bugfix: fix multipart/form-data problem in robot
       mitigation.

Signed-off-by: paulyang <[email protected]>

v1.5.7-se.1

Toggle v1.5.7-se.1's commit message 
Bugfix: change senginx version to 1.5.7

Signed-off-by: paulyang <[email protected]>

v1.5.7-se

Toggle v1.5.7-se's commit message 
Release: SEnginx v1.5.7

Changes:

    *) Feature: add session base persistence method.

    *) Feature: upgrade naxsi to version 0.5.3.

    *) Change: Delete "robot_mitigation_whitelist_any" directive.

    *) Bugfix: fix the bug in IP whitelist.

    *) Bugfix: fix the compilation problem of naxsi in 32-bit CentOS 6 environment.

    *) Bugfix: add "path" option to the cookie generated by "insert cookie persistence".

Signed-off-by: paulyang <[email protected]>