Greeting Wallarm Node 2.0

We are thrilled to announce a new release of Wallarm Node™. It’s a brand-new version of the Wallarm filter instance (NGINX-based), with new features and a host of optimizations.

Significant refactoring has resulted in improved performance. Optimizations were made to provide sophisticated security checks with near-zero latency. This has been a critical request for our customers with massive-load applications.

The Wallarm Node 2.0™ release, introduces support for Websocket protocol. We believe Wallarm™ to be the very first web application firewall (WAF) with a full WebSocket support. We continue to address new threats for the modern web. Filter instance is now capable of detecting and blocking attack payloads within WebSockets protocol. Additional optimizations were done for popular WebSocket-based frameworks, such as: ASP.NET SignalR and Socket.io. To enable attack detection for WebSockets, you need to use wallarm_parse_websocket on directive in location section or apply it for the whole server in the NGINX configuration file.

Wallarm Node 2.0™ implements enhanced analysis of XML-based data to provide better protection for applications and APIs (SOAP, etc.). This change is especially valuable as we observe an increasing number of attacks targeting XXE vulnerabilities.

Wallarm Node 2.0™ is now even easier to configure. We eliminated a troublesome shm_size parameter which results in no longer needing to setup the size of the local blocking ruleset; everything is done automatically. We listen to our customers and we know how it bothered you before!

To upgrade to Wallarm Node™, just update your nginx-wallarm package with your Linux package manager or use the updated Docker container which is available at Docker Hub.