Skip to content

Releases: aaPanel/BT-WAF

BT-WAF v5.3

04 Mar 01:16
@weaweawe01 weaweawe01
5.3
0505a9f
Compare
Choose a tag to compare
BT-WAF v5.3 Latest
Latest

**2025-02-24 V5.3 **

[Add] Batch renewal of SSl certificates

[Add] Add SSL certificate automatic renewal upon expiration (certificates less than 20 days will be automatically triggered)

[Add] Homepage adds spider crawling details

[Fix] Fix SQL injection engine false positive

Subsequent update plan:

  1. Fix the issue where forced HTTPS cannot be automatically enabled due to renewal
  2. Increase LRU cache to accelerate research and judgment speed
  3. Add URL statistics list display
  4. Add attack alarm function, renewal alarm, etc
    Coming soon


2025-02-24 V5.3 正式版本

【增加】增加SSl证书批量续签

【增加】增加ssl证书快到期自动续签(小于20天的证书自动触发)

【增加】首页增加蜘蛛爬取详情

【修复】修复SQL注入引擎误报

后续更新计划:
1.修复续签导致强制HTTPS不能自动开启的问题
2.增加LRU缓存加速研判速度
3.增加URL统计列表展示
4.增加攻击告警功能、续签告警等
敬请期待



Assets 3
Loading

BT-WAF v3.8

26 Feb 09:33
@aaPanel aaPanel
3.8
fc72eeb
This commit was created on github.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
BT-WAF v3.8

【新增】网站弱密码检测
【新增】未添加IP为网站时默认返回403
【新增】规则配置向导-可视化按流量传送阶段配置规则
【优化】命令执行拦截功能优化并设为默认开启
【优化】删除极少用到真实IP传递请求头,减少开销增加识别率
【优化】增强内部请求安全性

Loading

BT-WAF v3.1

22 Jan 10:10
@aaPanel aaPanel
3.1
3246e8a
This commit was created on github.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
BT-WAF v3.1

【新增】添加网站 - 增加通配【*】所有域名支持
【新增】回源配置 - 回源域名解析巡检
【新增】访问域名不存在时,显示网站不存在页面
【修复】卸载重装后绑定账号不会自动恢复授权的BUG
【修复】已知BUG

Loading

BT-WAF v2.9

03 Jan 08:23
@aaPanel aaPanel
2.9
3246e8a
This commit was created on github.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
BT-WAF v2.9

堡塔云WAF v2.9 已经发布,更新内容如下:

【新增】网站日志 - [日志管理]/[清空日志]
【新增】拦截日志 - 规则命中记录 - [设置记录类型]
【修复】已知BUG

Loading

BT-WAF v2.8

29 Dec 01:28
@aaPanel aaPanel
2.8
3246e8a
This commit was created on github.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
BT-WAF v2.8

堡塔云WAF v2.8 已经发布,更新内容如下:

【新增】[网站配置] - 新增常用参数配置
【新增】[网站列表] -[禁止中国境外地区访问]
【优化】文件大小上传
【优化】XSS引擎拦截
【优化】文件上传检测引擎拦截
【优化】允许用户设置[服务器]在[攻击地图]中的[所在地]
【修复】[网站配置] - 全局规则不会自动继承到新建网站
【修复】网站已有证书时再保存报错
【修复】网站加速在开启了gzip压缩的场景下文本乱码的BUG
【修复】规则命中记录会记录127.0.0.1的问题
【修复】已知BUG

Loading

BT-WAF v2.7

21 Dec 02:04
@aaPanel aaPanel
2.7
3246e8a
This commit was created on github.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
BT-WAF v2.7

堡塔云WAF v2.7 已经发布,更新内容如下:

【新增】攻击大屏
【新增】 [自定义规则] - [自定义cc防御] -- 人机验证
【修复】系统流量不刷新问题
【优化】基础CC拦截效果大幅度提升
【修复】已知BUG

Loading

BT-WAF v2.6

14 Dec 06:55
@aaPanel aaPanel
2.6
974a1ae
This commit was created on github.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
BT-WAF v2.6

堡塔云WAF v2.6 已经发布,更新内容如下:

【调整】更新WAF程序使用的IP库
【修复】控制台异常崩溃问题
【修复】XSS误拦截问题
【优化】提升控制台WEB服务性能
【修复】已知BUG

Loading

BT-WAF v2.5

08 Dec 01:59
@aaPanel aaPanel
2.5
974a1ae
This commit was created on github.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
BT-WAF v2.5

堡塔云WAF v2.5 已经发布,更新内容如下:

【新增】[网站配置]响应内容关键字替换
【新增】[概览页]系统流量监控图表
【新增】[添加网站]兼容同一域名多端口添加
【新增】[添加网站]端口占用检测--仅检测waf端口转发占用的端口
【新增】[自定义规则]新增user-agent、referer匹配条件
【新增】[自定义规则] - [自定义cc防御]
【新增】开启CDN后自动获取真实客户端IP并写入访问日志
【修复】docker崩溃生成coredump导致磁盘空间不足的问题
【修复】waf端在某些场景下CPU跑满的BUG
【修复】[ssl证书]证书配置部署状态
【优化】[添加网站]回源地址输入交互

Loading

BT-WAF v2.2

27 Nov 10:26
@aaPanel aaPanel
2.2
9fd2a5f
This commit was created on github.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
BT-WAF v2.2

注意:
本次升级将升级 cloudwaf_nginx 容器版本为 nginx-openresty/1.21.4.3 ,修复NGINX HTTP/2处理中的安全漏洞(C-2023-4487)
建议使用ssh工具登录服务器执行:btw 17 命令进行升级。
升级过程中网站无法访问,建议在用户访问量少时升级,预计需要 1-2 分钟。
【新增】IP组(可用功能:IP黑白名单、人机验证)
【优化】访问地图 可查看今天、昨天、近7天、近30天
【优化】[网站列表]添加网站时进行端口检测
【优化】[WAF]基础函数执行效率
【修复】[网站加速]命中率大于100%的问题
【修复】[WAF]CPU与内存占用异常过高的问题
【修复】[规则命中记录]列表获取失败问题

Loading

BT-WAF v2.1

16 Nov 01:30
@aaPanel aaPanel
2.1
92bab2c
This commit was created on github.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
BT-WAF v2.1

【新增】端口转发
【新增】网站设置-模拟攻击
【新增】网站设置-文件路径保护-网站后台入口保护
【新增】网站加速
【新增】设置--自定义LOGO与拦截页面功能
【新增】地区限制--“中国(包括[中国特别行政区:港,澳,台])”常用选项
【新增】编辑、删除回源节点时检测http协议并更新
【新增】网站设置增加一键恢复默认防护配置
【新增】页面左上角新增【需求反馈】提交功能
【优化】网站列表 - 网站日志显示
【优化】WAF性能
【优化】语义分析引擎
【优化】调整防护描述
【优化】【回源负载均衡】调整为公测状态,所有用户都可以使用
【兼容】ARM架构
【修复】添加域名时加入特殊端口无法开启证书BUG
【修复】WAF程序误拦截BUG
【修复】拦截日志 -- 规则命中记录状态显示错误

Loading