Imunify360 Blog

Imunify Firewall Module v7.6 Released

Written by Ilya Kotelnikov | Nov 21, 2023 12:33:42 PM

We’re pleased to announce a new beta version of the Imunify360 Firewall module. Version 7.6 is now available!

The following feature is new in the v7.6 beta release:

  • Enhanced DOS Protection

 

Enhanced DOS Protection

 

The Enhanced DOS Protection feature forms an additional layer of protection, increasing the stability of servers facing DOS attacks. It takes a different approach than our existing DOS Protection feature, which focuses on monitoring the number of simultaneous connections. Enhanced DOS Protection, on the other hand, monitors the rate of requests originating from attacker IP addresses per unit of time.

The new feature works better against attacks based on short-lived connections and against attacks where the number of requests grows fast (hundreds of requests per second). As Enhanced DOS Protection monitors the number of requests in real-time, it reacts to the threats almost instantly, greylisting the detected IPs and redirecting their requests to the captcha challenge.

Standard DoS protection, in turn, will block attacks that use long-lived connections (e.g. Slowloris attacks), so these functions complement each other perfectly.

 

You can find all incidents related to the new feature in the incidents table by the description: 

“Denial of Service (DoS) attack was discovered from %IP%: %threshold% connections per %timeframe% seconds to %port% port”.

 

Activating and fine-tuning Enhanced DOS Protection

 

The feature is switched off by default. You can activate Enhanced DOS Protection in Imunify360 using the following CLI command:

imunify360-agent config update '{"ENHANCED_DOS":{"enabled":true}}'

The default timeframe (seconds) and threshold of request (number) canould be changed by the following CLI commands:

imunify360-agent config update '{"ENHANCED_DOS":{"timeframe":60}}'

imunify360-agent config update '{"ENHANCED_DOS":{"default_limit":500}}'

 

Request limits for different ports can be set separately, using the following CLI commands:

imunify360-agent config update '{"ENHANCED_DOS": {"port_limits": {"80": 150}}}'

 

We also recommend checking and configuring the CAPTCHA_DOS section of parameters to blacklist IPs after repetitive requests to the captcha.

 

Changelog

 

Please see the detailed description of the product changes we made in version 7.6 through our publicly available changelog for Imunify360.

 

How to install or update

 

To install the new Imunify360 v.7.6, follow the instructions in the documentation.


To upgrade to the new version, follow the instructions in the documentation.

 

Stay in touch

 

Please provide feedback to our product team on the new features. 

Share your ideas and feature requests through feedback@imunify360.com or via our feedback form.

If you encounter any problems with this release, please send a comment or request to our Imunify support team via the Support Portal.