Imunify Firewall Module v7.6 Released
We’re pleased to announce a new beta version of the Imunify360 Firewall module. Version 7.6 is now available!
The following feature is new in the v7.6 beta release:
- Enhanced DOS Protection
Enhanced DOS Protection
The Enhanced DOS Protection feature forms an additional layer of protection, increasing the stability of servers facing DOS attacks. It takes a different approach than our existing DOS Protection feature, which focuses on monitoring the number of simultaneous connections. Enhanced DOS Protection, on the other hand, monitors the rate of requests originating from attacker IP addresses per unit of time.
The new feature works better against attacks based on short-lived connections and against attacks where the number of requests grows fast (hundreds of requests per second). As Enhanced DOS Protection monitors the number of requests in real-time, it reacts to the threats almost instantly, greylisting the detected IPs and redirecting their requests to the captcha challenge.
Standard DoS protection, in turn, will block attacks that use long-lived connections (e.g. Slowloris attacks), so these functions complement each other perfectly.
You can find all incidents related to the new feature in the incidents table by the description:
“Denial of Service (DoS) attack was discovered from %IP%: %threshold% connections per %timeframe% seconds to %port% port”.
Activating and fine-tuning Enhanced DOS Protection
The feature is switched off by default. You can activate Enhanced DOS Protection in Imunify360 using the following CLI command:
imunify360-agent config update '{"ENHANCED_DOS":{"enabled":true}}'
The default timeframe (seconds) and threshold of request (number) canould be changed by the following CLI commands:
imunify360-agent config update '{"ENHANCED_DOS":{"timeframe":60}}'
imunify360-agent config update '{"ENHANCED_DOS":{"default_limit":500}}'
Request limits for different ports can be set separately, using the following CLI commands:
imunify360-agent config update '{"ENHANCED_DOS": {"port_limits": {"80": 150}}}'
We also recommend checking and configuring the CAPTCHA_DOS section of parameters to blacklist IPs after repetitive requests to the captcha.
Changelog
Please see the detailed description of the product changes we made in version 7.6 through our publicly available changelog for Imunify360.
How to install or update
To install the new Imunify360 v.7.6, follow the instructions in the documentation.
To upgrade to the new version, follow the instructions in the documentation.
Stay in touch
Please provide feedback to our product team on the new features.
Share your ideas and feature requests through feedback@imunify360.com or via our feedback form.
If you encounter any problems with this release, please send a comment or request to our Imunify support team via the Support Portal.