Release Notes
Releases
1.2242.1-rc1
2022-10-25
initial open-source release
Limitations
We are constantly working on resolving the limitations listed here and adding enhanced functionality.
Declarative Management:
All environments:
Exceptions: only the operator "=" is supported.
General:
Log Trigger Response body: In the log trigger setting "Response body" to true can affect traffic.
SELinux: open-appsec Linux servers: SELinux in “Enforced” mode is not supported. When SELinux is used in “Enforced” mode on the machine running the reverse proxy server and the agent, deployment of the agent might fail during registration. SELinux in “Enforced” mode, blocks the registration attempt.
Country-based Exception rules: When configuring exceptions in Asset edit->Exceptions Tab, an exception rule using the keys Country Name or Country Code cannot be defined with additional conditions based on other keys in the same exception.
There’s an implicit OR logic between different exception rules, so it is possible to define different exception rules, some using country code/name, and others using other keys.
Source Ip Exception rules: When configuring exceptions in Asset edit->Exceptions Tab, an exception rule using the key Source IP cannot be defined with additional conditions based on other keys in the same exception.
There’s an implicit OR logic between different exception rules, so it is possible to define different exception rules, some using Source IP and others using other keys.
Parameter Name / Value Exceptions rules: Drop Rules With Parameter Name and / or Parameter Value are not supported.
Country-based Exception rules: are only supported in managed tenants (Declarative / Management)
Containerized agents running version 1.1.9 or earlier cannot be upgraded directly to version 1.1.21 or newer
As a best practice, we recommend periodically upgrading the agent container to ensure you have the latest software updates.
SaaS Management (WebUI):
Creating a second tenant using the same email address is not supported (the user can be added to another tenant with another main email address as an additional user)
WildCard asset: you can only have a single asset using wildcard resource for each HTTP as well as HTTPS (e.g.: http://* and https://* ) per tenant. This will be resolved soon.
Social log-in: Adding Google or GitHub users as additional users to a tenant is not supported (use regular users with email addresses instead)
Different Log Trigger, user response and exceptions per Practice:
Currently, this behavior is unsupported. The configuration the Web Attacks practice will apply to all other security practices.
Platform support:
Temporarily Fedora is not supported for Linux-embedded installations (consider using Docker-based deployment instead)
Ambassador support is not available yet
Last updated
Was this helpful?