Walter.Web.FireWall
2023.3.22.1456
Prefix Reserved
See the version list below for details.
dotnet add package Walter.Web.FireWall --version 2023.3.22.1456
NuGet\Install-Package Walter.Web.FireWall -Version 2023.3.22.1456
<PackageReference Include="Walter.Web.FireWall" Version="2023.3.22.1456" />
paket add Walter.Web.FireWall --version 2023.3.22.1456
#r "nuget: Walter.Web.FireWall, 2023.3.22.1456"
// Install Walter.Web.FireWall as a Cake Addin #addin nuget:?package=Walter.Web.FireWall&version=2023.3.22.1456 // Install Walter.Web.FireWall as a Cake Tool #tool nuget:?package=Walter.Web.FireWall&version=2023.3.22.1456
How to get started
This package allows you to protect your firewall using annotations and pre-specified rules. A full getting started document is available at www.asp-waf.com in form of a PDF, compiled help
Unsupported You can't deploy the firewall as an embedded dll in a single file deployment as the firewall will validate the code signing certificate of the assembly. Make sure that you exclude Walter.Web.Firewall.dll from your deploy, for help see the documentation
Get started
The bellow sample shows how you integrate and enable the firewall in your project.
services.AddFireWall(FireWallTrail.License, FireWallTrail.DomainKey
, domainName: new Uri("https://www.your-domain.com", UriKind.Absolute)
, options =>
{
//generate access specify to generate a .connect file that can be used with the remote desktop management software (open source)
options.Administration.GenerateConnectFile = true;
options.Administration.DisplayName = "Local Honey Pot";
//white list IP addresses,and block all other or leave blank to allow all IP will accept single IP, IP with CIDR, or IP with subnet mask
//options.Administration.WhiteList("84.195.151.208", "81.206.151.236", "10.0.0.1-255.255.255.0");
options.Administration.Users.Seed(userName: "admin", password: "pa$$word1234", access: AdminAccess.Full, GeoLocation.EUROPE);
options.Administration.Users.GuestAccess(GeoLocation.ALL);
options.FireWallMode = Walter.Web.FireWall.FireWallProtectionModes.WebSiteWithApi;
options.ProtectedEndPointTypes.Add(typeof(BaseController));
options.TrackUsers = true;
options.Cashing.GeoLocation.SlidingExpiration = TimeSpan.FromMinutes(20);
options.ContactDetails.Address = "Your address";
options.ContactDetails.EMail = "support@myDomain.com";
options.ContactDetails.Name = "Support";
options.ContactDetails.Phone = "+352 1111 2222 3333";
options.ContactDetails.Country = GeoLocation.Luxembourg;
options.Rules.AllowNonAspNetRequests = 1;
options.Rules.AllowNonAspNetRequestsIn = TimeSpan.FromMinutes(20);
options.Rules.RedirectNonAspNetRequestsTo = new Uri("/Home/Blocked", UriKind.Relative);
options.Rules.RedirectUrlPhishingTo = new Uri("/Home/404", UriKind.Relative);
options.Rules.AllowWhiteListing = false;
options.Rules.PhysicalFileWallExcludeReasons = Walter.BOM.FirewallBlockReasons.ALL & ~Walter.BOM.FirewallBlockReasons.NoAccessFromRegion;
options.Rules.BlockRequest.BlockDuration.SlideExpiration = true;
options.Rules.BlockRequest.BlockDuration.Expires = TimeSpan.FromSeconds(10);
options.Rules.AllowWhiteListing = false;
options.Rules.Headers.AddDefaultSecurePolicy()
.AddStrictTransportSecurityNoCache()
.AddXssProtectionBlockAndReport()
.AddFrameOptionsDeny()
.AddContentSecurityPolicyButTrust(trustingSites: Walter.Web.FireWall.TrustingSites.Self | Walter.Web.FireWall.TrustingSites.SubDomains | Walter.Web.FireWall.TrustingSites.GenerateNonce, allowInline:false)
;
})
.UseDatabase(DatabaseConnections.FireWallState, "dbo", TimeSpan.FromDays(365))
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
app.UseFireWall(enablePortScannerListners: false)//set to true if you use honey-pot configuration nuget package walter.net.honeypot
.UseSecurityHeadersMiddleware();
}
The firewall is fully configurable and has quite a few options that allow you to protect against fishing, scrubbing, cross-site attach and much more.
There are a ton of configuration options available using the many annotations
namespace MyProject.Controllers
{
using Walter.Web.FireWall;
using Walter.Web.FireWall.Annotations;
using Walter.BOM.Geo;
[Geo(blockLocation: GeoLocation.AFRICA | GeoLocation.LATIN_AMERICA | GeoLocation.Netherlands)]
[Users(users: UserTypes.IsHuman | UserTypes.IsSearchEngine)]
[BlockDuration(duration: 60, sliding: true, doubleDurationPerIncedent: true)]
public sealed class MembersController : Controller
{
private readonly ILogger<MembersController> _logger;
private readonly IPageRequest _page;
public HomeController(ILogger<MembersController> logger,IPageRequest page)
{
_logger = logger;
_page=page;
}
public IActionResult Index()
{
return View();
}
[Ignore]
[ResponseCache(Duration = 0, Location = ResponseCacheLocation.None, NoStore = true)]
public IActionResult Error()
{
//the page field will contain all the errors the user ran into
return View(new ErrorViewModel { RequestId = Activity.Current?.Id ?? HttpContext.TraceIdentifier });
}
}
}
in your razor pages you can use the firewall tag helpers after importing the tag helpers by adding the following to _ViewImports.cshtml
@using Walter.Web.FireWall
@addTagHelper *, Microsoft.AspNetCore.Mvc.TagHelpers
@addTagHelper *, Walter.Web.FireWall
You can use the tag helper in your razor pages like this
<head>
...
@section CSS
{
<style firewall-style-nonce>
h1{
background-color:azure;
}
</style>
}
<head/>
<body>
...
<script firewall-detect></script>
<script firewall-script-nonce>
console.warn("nonce works :-)");
</script>
<body/>
This is just a small set of options of what's possible and additional functionality can be injected using the plugin system by using any of the NuGet packages starting with the name walter.web.firewall.
Product | Versions Compatible and additional computed target framework versions. |
---|---|
.NET | net6.0 is compatible. net6.0-android was computed. net6.0-ios was computed. net6.0-maccatalyst was computed. net6.0-macos was computed. net6.0-tvos was computed. net6.0-windows was computed. net7.0 is compatible. net7.0-android was computed. net7.0-ios was computed. net7.0-maccatalyst was computed. net7.0-macos was computed. net7.0-tvos was computed. net7.0-windows was computed. net8.0 was computed. net8.0-android was computed. net8.0-browser was computed. net8.0-ios was computed. net8.0-maccatalyst was computed. net8.0-macos was computed. net8.0-tvos was computed. net8.0-windows was computed. |
-
net6.0
- Microsoft.AspNetCore.Connections.Abstractions (>= 7.0.4)
- Microsoft.AspNetCore.Mvc.RazorPages (>= 2.2.5)
- Microsoft.AspNetCore.StaticFiles (>= 2.2.0)
- Microsoft.Extensions.Identity.Core (>= 7.0.4)
- Walter.BOM (>= 2023.3.22.1456)
- Walter.DataTools.MsSql (>= 2023.3.22.1456)
- Walter.IO (>= 2023.3.22.1456)
- Walter.Net.HoneyPot (>= 2023.3.22.1456)
- Walter.Net.LookWhosTalking (>= 2023.3.22.1456)
- Walter.Net.Networking (>= 2023.3.22.1456)
-
net7.0
- Microsoft.AspNetCore.Connections.Abstractions (>= 7.0.4)
- Microsoft.AspNetCore.Mvc.RazorPages (>= 2.2.5)
- Microsoft.AspNetCore.StaticFiles (>= 2.2.0)
- Microsoft.Extensions.Identity.Core (>= 7.0.4)
- Walter.BOM (>= 2023.3.22.1456)
- Walter.DataTools.MsSql (>= 2023.3.22.1456)
- Walter.IO (>= 2023.3.22.1456)
- Walter.Net.HoneyPot (>= 2023.3.22.1456)
- Walter.Net.LookWhosTalking (>= 2023.3.22.1456)
- Walter.Net.Networking (>= 2023.3.22.1456)
NuGet packages (11)
Showing the top 5 NuGet packages that depend on Walter.Web.FireWall:
Package | Downloads |
---|---|
Walter.Web.FireWall.EventLog
Reporting interface for the firewall and the windows to support structured logging to the windows EventLog. The Package extends the reporting functionality to NuGet package Walter.Web.Firewall and is easily activated by dependency injection during service configuration services.AddFireWall(FireWallTrial.License, FireWallTrial.DomainKey , domainName: new Uri("https://www.your-domain.com", UriKind.Absolute) , options => { //your firewall settings }).UseEventLogLogging(options=>{ options.LogName = "FireWall"; options.SourceName = "www.your-domain.com"; }); More information on how to use this Add-On is available in this manual https://www.asp-waf.com/download/ASP-WAF-FireWall-Getting-Started.pdf |
|
Walter.Web.FireWall.SqlLogger
Package that enable SQL Server database storage and logging to NuGet package Walter.Web.Firewall The NuGet package is easily activated by dependency injection during service configuration services.AddFireWall(FireWallTrial.License, FireWallTrial.DomainKey , domainName: new Uri("https://www.your-domain.com", UriKind.Absolute) , options => { //your firewall settings }).UseDataBase(ConfigurationManager.ConnectionStrings["FireWallState"].ConnectionString) .UseFireWallReportingDatabase(ConfigurationManager.ConnectionStrings["FireWallReporting"].ConnectionString); More information on how to use this Add-On is available in this manual https://www.asp-waf.com/download/ASP-WAF-FireWall-Getting-Started.pdf |
|
Walter.Web.FireWall.Geo.Native
Free FireWall native Geo-country code API with limited accuracy. The Package adds functionality to NuGet package Walter.Web.Firewall More information on how to use this Add-On is available in this manual https://www.asp-waf.com/download/ASP-WAF-FireWall-Getting-Started.pdf This free API library may not give accurate results as it uses unchecked public domain data |
|
Walter.Web.FireWall.SMTPLogger
The Package adds E-Mail based reporting functionality to NuGet package Walter.Web.Firewall and allows for the logging of incidents via E-Mail by using a E-Mail buffer and sends the emails at configured intervals. The NuGet package is easily activated by dependency injection during service configuration services.AddFireWall(FireWallTrial.License, FireWallTrial.DomainKey , domainName: new Uri("https://www.your-domain.com", UriKind.Absolute) , options => { //your firewall settings }).UseSMTPReportingDatabase(options =>{ options.Archive = TimeSpan.FromDays(180); options.Server = "mail.server.com"; options.UserName = "noreply@your-domain.com"; options.Password = "pa$$w0rd1234"; options.Port = 8889; options.From = "noreply@your-domain.com"; options.IgnoreServerCertificateErrors = true; options.DefaultEmail = "webmaster@your-domain.com"; options.Archive = TimeSpan.FromDays(60); options.MailingList.AddRange(new[] { new EMailAddress("Security Admin","security@your-domain.com") { Frequency= TimeSpan.FromHours(1), Roles= EMailRoles.FireWallAdministrationViolations | EMailRoles.UnauthorizedPhysicalFilesViolation }, new EMailAddress("WAF","info@your-domain.com"){ Frequency= TimeSpan.FromHours(1), Roles= EMailRoles.ProductUpdates | EMailRoles.OwnAccountRelatedViolations } , }); }); More information on how to use this Add-On is available in this manual https://www.asp-waf.com/download/ASP-WAF-FireWall-Getting-Started.pdf as well as on-line at https://www.asp-waf.com/NuGet |
|
Walter.Web.FireWall.DiskLogger
Reporting interface for the firewall and the windows to support logging to disk as well as start Post-Reporting work-flows like PowerShel scripts or executables. The Package extends the reporting functionality to NuGet package Walter.Web.Firewall and is easily activated by dependency injection during service configuration services.AddFireWall(FireWallTrial.License, FireWallTrial.DomainKey , domainName: new Uri("https://www.your-domain.com", UriKind.Absolute) , options => { //your options }).UseDiskLogging(opt=>{ opt.DataDirectory = @"D:\Web-FireWall\FireWall"; opt.PowerShellOption = PowerShellFilesOption.GenerateIfMissing; opt.Commandline = new System.Diagnostics.ProcessStartInfo(@"D:\jobs\FireWall.bat"){UseShellExecute = true}; }); More information on how to use this Add-On is available in this manual https://www.asp-waf.com/download/ASP-WAF-FireWall-Getting-Started.pdf |
GitHub repositories
This package is not used by any popular GitHub repositories.
Version | Downloads | Last updated |
---|---|---|
2024.11.6.1222 | 224 | 11/6/2024 |
2024.10.28.1605 | 277 | 10/28/2024 |
2024.10.28.1335 | 205 | 10/28/2024 |
2024.10.19.1525 | 244 | 10/20/2024 |
2024.10.18.1315 | 222 | 10/19/2024 |
2024.9.27.1406 | 271 | 9/27/2024 |
2024.9.17.1417 | 327 | 9/17/2024 |
2024.9.12.1923 | 363 | 9/12/2024 |
2024.9.6.1352 | 414 | 9/7/2024 |
2024.9.1.1159 | 330 | 9/1/2024 |
2024.8.26.1150 | 359 | 8/26/2024 |
2024.8.19.1411 | 379 | 8/19/2024 |
2024.8.17.1000 | 369 | 8/17/2024 |
2024.8.12.1622 | 352 | 8/13/2024 |
2024.8.5.1010 | 310 | 8/5/2024 |
2024.8.1.1545 | 391 | 8/16/2024 |
2024.7.28.629 | 176 | 7/28/2024 |
2024.7.26.1512 | 216 | 7/26/2024 |
2024.7.26.828 | 189 | 7/26/2024 |
2024.7.11.1604 | 325 | 7/11/2024 |
2024.7.9.1520 | 337 | 7/9/2024 |
2024.7.4.1425 | 377 | 7/4/2024 |
2024.7.3.1249 | 316 | 7/3/2024 |
2024.7.2.1536 | 393 | 7/2/2024 |
2024.6.28.953 | 381 | 6/28/2024 |
2023.11.13.1117 | 1,517 | 11/13/2023 |
2023.10.26.1502 | 1,386 | 10/29/2023 |
2023.10.12.1926 | 1,515 | 10/12/2023 |
2023.9.14.812 | 1,642 | 9/14/2023 |
2023.9.7.1748 | 1,663 | 9/7/2023 |
2023.9.7.1241 | 1,668 | 9/7/2023 |
2023.9.6.1001 | 1,637 | 9/6/2023 |
2023.9.5.1246 | 1,647 | 9/5/2023 |
2023.9.5.1032 | 1,642 | 9/5/2023 |
2023.8.31.1522 | 1,654 | 8/31/2023 |
2023.8.29.1040 | 1,730 | 8/29/2023 |
2023.8.17.901 | 1,777 | 8/17/2023 |
2023.8.9.1314 | 1,873 | 8/9/2023 |
2023.8.2.750 | 1,918 | 8/2/2023 |
2023.7.12.830 | 1,934 | 7/12/2023 |
2023.7.5.1419 | 2,067 | 7/6/2023 |
2023.6.14.1628 | 2,108 | 6/14/2023 |
2023.6.11.1304 | 2,174 | 6/11/2023 |
2023.5.30.1640 | 2,141 | 5/30/2023 |
2023.5.4.1552 | 2,246 | 5/4/2023 |
2023.5.1.1524 | 2,137 | 5/1/2023 |
2023.4.29.910 | 2,342 | 4/29/2023 |
2023.4.12.1236 | 2,341 | 4/12/2023 |
2023.3.22.1456 | 2,470 | 3/22/2023 |
2023.3.14.1356 | 2,560 | 3/14/2023 |
2023.3.1.810 | 2,634 | 3/1/2023 |
2023.2.25.11857 | 2,616 | 2/25/2023 |
2023.2.22.27 | 2,596 | 2/22/2023 |
2023.2.15.1413 | 2,680 | 2/15/2023 |
2023.2.11.1628 | 2,774 | 2/11/2023 |
2023.1.11.534 | 2,920 | 1/11/2023 |
2022.12.30.711 | 2,935 | 12/30/2022 |
2022.12.15.1108 | 2,930 | 12/15/2022 |
2022.12.14.648 | 2,989 | 12/14/2022 |
2022.11.27.1059 | 3,065 | 11/27/2022 |
2022.11.21.338 | 3,135 | 11/21/2022 |
2022.11.14.1819 | 3,192 | 11/14/2022 |
2022.11.13.917 | 3,175 | 11/13/2022 |
2022.10.31.740 | 5,628 | 11/1/2022 |
2022.10.15.652 | 5,993 | 10/15/2022 |
2022.10.1.810 | 6,371 | 10/1/2022 |
2022.9.26.1444 | 6,412 | 9/26/2022 |
2022.9.14.1508 | 6,583 | 9/14/2022 |
2022.9.14.809 | 6,592 | 9/14/2022 |
2022.9.8.1009 | 6,769 | 9/8/2022 |
2022.8.20.1007 | 6,685 | 8/20/2022 |
2022.8.1.1 | 6,679 | 7/31/2022 |
2022.7.1300 | 6,999 | 7/1/2022 |
2022.7.31.1016 | 6,957 | 7/31/2022 |
2022.7.15.841 | 7,005 | 7/15/2022 |
2022.6.21.647 | 6,831 | 6/21/2022 |
2022.5.18.638 | 6,914 | 5/19/2022 |
2022.5.16.853 | 7,055 | 5/19/2022 |
2022.5.16.816 | 7,041 | 5/16/2022 |
2022.5.4.1010 | 7,012 | 5/4/2022 |
2022.4.10.947 | 7,450 | 4/10/2022 |
2022.4.10.925 | 7,515 | 4/10/2022 |
2022.4.10.828 | 7,319 | 4/10/2022 |
2022.4.1.1545 | 7,616 | 4/1/2022 |
2022.3.31.823 | 6,367 | 3/31/2022 |
2022.3.26.1103 | 7,622 | 3/26/2022 |
2022.3.26.820 | 7,180 | 3/26/2022 |
2022.3.25.840 | 6,468 | 3/26/2022 |
2022.2.16.1131 | 7,733 | 2/17/2022 |
2022.2.16.834 | 7,502 | 2/17/2022 |
2022.2.15.824 | 1,308 | 2/17/2022 |
2022.2.11.1452 | 1,491 | 2/17/2022 |
2022.2.11.931 | 1,316 | 2/17/2022 |
2022.2.5.1114 | 7,867 | 2/5/2022 |
2022.1.17.1158 | 9,065 | 1/17/2022 |
2022.1.10.1505 | 9,142 | 1/10/2022 |
2022.1.10.537 | 9,203 | 1/10/2022 |
2022.1.5.1139 | 8,751 | 1/8/2022 |
2021.12.28.1452 | 9,944 | 12/28/2021 |
2021.12.16.812 | 9,615 | 12/16/2021 |
2021.11.23.1528 | 16,135 | 11/24/2021 |
2021.11.21.925 | 16,545 | 11/22/2021 |
2021.11.19.847 | 10,953 | 11/19/2021 |
2021.11.18.1824 | 9,982 | 11/16/2021 |
2021.11.10.852 | 11,153 | 11/10/2021 |
2021.11.9.2021 | 10,831 | 11/9/2021 |
2021.11.8.2109 | 8,199 | 11/9/2021 |
2021.11.8.1612 | 8,822 | 11/8/2021 |
2021.11.7.1021 | 8,585 | 11/8/2021 |
2021.11.3.1612 | 8,771 | 11/4/2021 |
2021.11.1.1102 | 7,646 | 11/1/2021 |
2021.10.25.1206 | 9,303 | 10/25/2021 |
2021.10.23.1310 | 9,189 | 10/25/2021 |
2021.10.19.1522 | 9,090 | 10/19/2021 |
2021.10.16.1325 | 9,150 | 10/18/2021 |
2021.10.9.1119 | 286 | 10/9/2024 |
2021.10.6.1546 | 9,104 | 10/6/2021 |
2021.10.5.1450 | 9,148 | 10/5/2021 |
2021.10.4.1155 | 9,118 | 10/5/2021 |
2021.10.1.753 | 9,316 | 10/1/2021 |
2021.9.27.1005 | 8,589 | 9/28/2021 |
2021.9.26.1913 | 9,455 | 9/26/2021 |
2021.9.19.1015 | 7,409 | 9/19/2021 |
2021.9.17.1702 | 5,245 | 9/17/2021 |
2021.9.17.1449 | 11,872 | 9/17/2021 |
2021.9.13.1600 | 7,058 | 9/13/2021 |
2021.9.12.1100 | 4,893 | 9/13/2021 |
2021.9.11.2004 | 8,355 | 9/11/2021 |
2021.9.9.1110 | 9,034 | 9/9/2021 |
2021.9.7.1901 | 9,039 | 9/8/2021 |
2021.9.7.1121 | 9,334 | 9/7/2021 |
2021.9.6.1518 | 8,598 | 9/7/2021 |
2021.9.4.1124 | 9,217 | 9/4/2021 |
2021.9.2.708 | 8,546 | 9/4/2021 |
2021.9.0.1259 | 8,422 | 9/2/2021 |
2021.8.2200 | 8,077 | 8/23/2021 |
2021.8.2100 | 9,050 | 8/23/2021 |
2021.8.22.900 | 9,023 | 8/22/2021 |
2021.8.18.1500 | 8,931 | 8/18/2021 |
2021.8.18.930 | 8,983 | 8/18/2021 |
2021.8.14.1600 | 8,719 | 8/16/2021 |
2021.8.14.829 | 3,834 | 8/14/2021 |
2021.8.9.1105 | 8,753 | 8/9/2021 |
2021.8.8.1612 | 8,506 | 8/8/2021 |
2021.8.8.1138 | 7,632 | 8/8/2021 |
2021.8.6.1044 | 8,628 | 8/6/2021 |
2021.8.4.1355 | 9,079 | 8/5/2021 |
2021.7.30.2118 | 9,053 | 7/31/2021 |
2021.7.27.926 | 8,887 | 7/28/2021 |
2021.7.23.931 | 8,913 | 7/26/2021 |
2021.7.22.1456 | 8,406 | 7/23/2021 |
2021.7.15.1547 | 8,487 | 7/15/2021 |
2021.7.13.812 | 8,455 | 7/13/2021 |
2021.7.8.1527 | 8,734 | 7/10/2021 |
2021.7.5.1649 | 7,438 | 7/5/2021 |
2021.6.29.1453 | 8,801 | 6/30/2021 |
2021.6.26.1753 | 9,265 | 6/27/2021 |
2021.6.25.1849 | 8,961 | 6/25/2021 |
2021.6.24.1518 | 8,716 | 6/24/2021 |
2021.6.20.729 | 8,423 | 6/20/2021 |
2021.6.15.2006 | 8,301 | 6/15/2021 |
2021.6.14.2025 | 8,201 | 6/15/2021 |
2021.6.13.2035 | 8,392 | 6/14/2021 |
2021.6.12.1154 | 7,774 | 6/13/2021 |
2021.6.9.1120 | 8,001 | 6/9/2021 |
2021.6.3.1509 | 7,765 | 6/3/2021 |
2021.5.31.1533 | 7,963 | 5/31/2021 |
2021.5.31.1415 | 7,910 | 5/31/2021 |
2021.5.25.1732 | 6,894 | 5/25/2021 |
2021.5.24.1128 | 7,653 | 5/24/2021 |
2021.5.24.1019 | 7,535 | 5/24/2021 |
2021.5.12.1054 | 7,534 | 5/12/2021 |
2021.5.12.637 | 5,815 | 5/12/2021 |
2021.5.10.1442 | 6,975 | 5/11/2021 |
2021.5.8.1226 | 7,443 | 5/8/2021 |
2021.5.6.2037 | 6,605 | 5/6/2021 |
2021.5.5.1901 | 7,591 | 5/6/2021 |
2021.5.3.1621 | 7,717 | 5/4/2021 |
2021.5.1.905 | 7,933 | 5/1/2021 |
2021.4.28.1511 | 7,893 | 4/28/2021 |
2021.4.20.1520 | 7,704 | 4/21/2021 |
2021.4.16.949 | 1,215 | 4/21/2021 |
2021.4.16.738 | 7,928 | 4/21/2021 |
2021.4.14.1216 | 8,114 | 4/16/2021 |
2021.4.9.1538 | 7,874 | 4/13/2021 |
2021.4.8.947 | 7,998 | 4/13/2021 |
2021.4.6.1235 | 8,015 | 4/6/2021 |
2021.4.5.1653 | 7,678 | 4/5/2021 |
2021.4.1.913 | 7,934 | 4/1/2021 |
2021.3.31.2003 | 7,862 | 4/1/2021 |
2021.3.18.1622 | 8,365 | 3/18/2021 |
2021.3.3.1259 | 7,703 | 3/3/2021 |
2021.3.2.1415 | 8,140 | 3/2/2021 |
2021.3.1.11 | 7,679 | 2/28/2021 |
2021.3.1.1 | 7,945 | 2/27/2021 |
2021.3.1 | 7,584 | 2/27/2021 |
2021.2.23.6 | 6,839 | 2/23/2021 |
2021.2.23.4 | 1,260 | 2/23/2021 |
2021.2.21.1 | 7,496 | 2/21/2021 |
2021.2.20.1 | 7,457 | 2/20/2021 |
2021.2.19.2 | 7,377 | 2/19/2021 |
2021.2.18.6 | 6,408 | 2/19/2021 |
2021.2.17.1 | 7,396 | 2/17/2021 |
2021.2.16.1 | 7,837 | 2/16/2021 |
2021.2.15.3 | 7,730 | 2/15/2021 |
2021.2.15.1 | 7,756 | 2/14/2021 |
2021.2.14.3 | 7,214 | 2/14/2021 |
2021.2.12.6 | 7,572 | 2/12/2021 |
2021.2.12.2 | 7,778 | 2/12/2021 |
2021.2.11.1 | 6,039 | 2/11/2021 |
2021.2.10.1 | 7,192 | 2/10/2021 |
2021.2.8.1 | 7,659 | 2/9/2021 |
2021.2.7.2 | 7,742 | 2/7/2021 |
2021.2.7.1 | 7,948 | 2/6/2021 |
2020.12.27.1 | 7,220 | 12/27/2020 |
2020.12.26.5 | 7,252 | 12/27/2020 |
2020.12.26.4 | 1,215 | 12/27/2020 |
2020.12.26.3 | 7,226 | 12/27/2020 |
2020.12.19.1 | 7,807 | 12/19/2020 |
2020.12.16.1 | 7,197 | 12/16/2020 |
2020.12.15.1 | 7,910 | 12/15/2020 |
2020.12.14.5 | 13,171 | 12/14/2020 |
Major releases that add functionality other than optimization and minor bug fixing
14 Mar 2023
- Update NuGet package refferences
22 Feb 2023
- Axel Imani Release (Go live)
15 February 2023
- Update to .net 6.0.406 and 7.0.3
11 January 2023
- update to 7.0.2, 6.0.13 SDK and build tools for 17.4.4
14 December 2022
- Update to .Net SDK 3.1.426, 6.0.404 and 7.0.101
7 December 2022
- re-enable support for .net standard 2.1
21 November 2022
- Update to integrate the .net 7.0 cypher package release
- Update package references
14 November 2022
- Update NuGet Packages
6 November 2022
- Add support for .Net 7
15 November 2022
- Update NuGet package references
1 October 2022
- Update build with new SDK
- Update code sign certificates
02 September 2022
- Please make sure to update servers using this packages due to a security bug in .net
> System.Security.Cryptography.Xml 4.5.0 Moderate https://github.com/advisories/GHSA-2m65-m22p-9wjw
> System.Text.Encodings.Web 4.5.0 Critical https://github.com/advisories/GHSA-ghhp-997w-qr28
15 June 2022
- Update to support .net 6.0.7 and 3.1.27
- Update package references
21 June 2022
- Update package references
4 May 2022
- Update NuGet References
1 April 2022
- Add Geo support for Sub regions in Asia
15 March 2022
- update to 6.0.3
26 December 2021
- Update Microsoft.AspNetCore.Connections.Abstractions to .net 6.0.1 for .NET 6 projects
16 December 2021
- Update to .Net SDK update 14 December for .NET CORE 3.1.416, and .NET 5.0.404 and 6.0.101
23 November 2021
- Add the ability for the firewall to test for Tor exit-nodes to IFireWall and abstract class FireWallBase
- Add Default Rule blocking all access for requests coming from a Tor IPv4 and IPv6 exit node
10 November 2021
- BUG: downgrade Microsoft NuGet package [Microsoft.AspNetCore.Connections.Abstractions Version=6.0.0.0](https://github.com/dotnet/aspnetcore/issues/38246)
to 5.0.12 to avoid crashing the host application as dependency injection will fail.
9 November 2021
- Fix package dependency on vulnerable packages from Microsoft by upgrading vulnerable packages
- Firewall will generate nonce CSP values per request if TrustingSites.GenerateNonce is used
for both style and script tags to use using the tag helpers firewall-script-nonce and
firewall-style-nonce for you to use in your razor pages
08 November 2021
- Update to .Net NuGet packages .NET 6.0.0, .NET 5.0.403 and core 3.1.415
7 November 2021
- Allow web sockets in CSP policy when debugging to enable/ not block hot reload feature
1 November 2021
- update firewall default CSP policy when no policy was defined in the service integration
allowing to trust self as well as map default CSP violation reporting endpoint
25 October 2021
- Update Machine learning interface to integrate in Firewall filter via FireWallBase.OnResourceRequested
allowing user code to change the Guard's Response of any request
22 October 2021
- Fix bug on payload detection skipping payload if directory doesn't exists
- Update Geo-Blocking middleware
- Update Geo-Blocking documentation
6 October 2021
- Add CSP types to reporting
- Alter Default reporting template to process XSS and CSP reports
- Add user type flag stating user type is generating CSP /XSS violations
- Add overloads to default header types
1 October 2021
- Update additional blocking reason for firewall rule engine to use
- Add text based abuse report support
27 September 2021
- Add dacpac file for database distribution in \bin\setup\SQL output folder
- Allow the ability to store abuse report text files on disk when uploading them using the firewall management API
26 September 2021
- update WHOIS processing add amazon abuse email when amazon services are accessed and amazon refused to make email public.
22 September 2021
- add method to retrieve last abuse report generation data
- improve start up logging speed by validating database state before attempting to run migration script
- Periodically save failed TSQL statements to disk for easy validation and fixing database schema issues
19 September 2021
- Update NuGet packages release for .Net 5.0.10
11 September 2021
- Fix bug where whois processor would write empty WHOIS json data to storage
9 September 2021
- Add method in AbuseBaseController to load uploaded reports retrieving AbuseReportViewModel when calling GetReports()
7 September 2021
- Add abstract controller to make it easier to render abuse reports in the hosting web application
as it only needs to use AbuseBaseController and call GetReports on it.
31 August 2021
- Fix bug where visits are flagged as incidents where they never triggered a incident
- Update Maintenance for WHOIS to generate less pressure on log file
- Update KPI update for WHOIS to be non- blocking
- Update interactivity in a more consistent way
22 August 2021
- Communicate additional data in abuse report firewall API for the remote management desktop
- Change connect file format for the remote management desktop
18 Aug 2021
- Connect-file will be generated when Port number is known.
- Minor bug fixes
8 Aug 2021
- update to .NET 6.0 SDK (v6.0.100-preview.6)
- Add violation stack for port based attacks
- Add Page ID to incidents allowing to identify the page more easily
- add Running incident counter to incident
30 June 2021
- Add .Net 6.0 binaries to the NuGet package
- Add additional data to Abuse report interface
15 June 2021
- Update Management API
- Update to allow certificate-base request filter for API
- Update to .Net Core 3.1.17 and .Net 5.0.8
07 July 2021
- Add reporting entry for last request and last incident via API
- Save violations audit on page request
- Save violations audit on breadcrumb for violations report
05 July 2021
- Fix bug in reporting data
22 June 2021
- Add additional counters to WHOIS object
15 June 2021
- Add properties to Management objects to evaluate
11 June 2021
- Add Payload information in firewall logging data classes if a payload was requested on an incident
09 June 2021
- Update to .Net SDK 5.0.301 and 3.1.410
- Update storage data objects
07 June 2021
- Update NuGet Package references
- Update Connect file include plugins data
- Update data types
- Add SimpleCountry meta data
- Add Simple User meta data
- Update firewall rules
31 May 2021
- Update WHOIS ISP cashing
- Enforce firewall block recommendation rather than render a white page on phishing or penetration attempts
configuration via default rules in the firewall configuration
- Remove TSQL replay errors from previous session ensuring that only current content is stored in ~/App_Data/Setup/SQL
- Detect changes in APR tables
- Improved IFireWall WHOIS query method and include ISP counters
28 May 2021
- Apply .net security pack update
- Alter storage-sub-system schema
25 May 2021
- Change loop frequency to reduce pooling frequency
- Add counters to WHOIS
- Block ISP's if Rule on rule engine or endpoint based on trust settings
allowing general blocking for IoT devices if request are made via external data center/ provider
- Change storage for firewall state classes
- Add firewall management API data
- upgrade firewall storage
- upgrade breadcrumb data
12 April 2021
- Update to new code base after .net security violation fix
10 May 2021
- Update Database based storage
05 May 2021
- Integrate default endpoints so that there is no need for the default endpoints NuGet package and load the modules if the site uses management or renders pages
04 May 2021
- Add Key exchange for administration console on a per client basis
- Add default endpoints for user discovery if the FireWallMode in the settings containing JavaScript clients
29 April 2021
- Add support for custom port with administration system
- Add support for custom GuestUser password
04 April 2021
- Add ISPTrustLevelAttribute for end point protection
- Add Minimum Credibility ISP requirement on Rule engine configuration
- fix bug in BreadCrumb serialization
05 April 2021
- Add Administration configuration
- Endpoint Annotation for 2nd level user detection
- Update user discover script
22 March 2021
- Performance update
14 March 2021
- Update firewall and expose HoneyPot traps to firewall extension model
05 March 2021
- Add 2 new Rules that can be used as annotation on endpoints.
* BrowserIntentionsAttribute - allows a way to block requests from user agents with a bad reputation
* SiteMapAttribute - Allows a way to block users from URL's that have not been rendered to them in Razor-Pages or Views
* Add new Tag helper for firewall-browser-intentions-
- Add Counters for SearchEngines in User-Agents
- Add Intent counters in User-Agents (reputation)
- Minor bug fixes
- Update package reference
02 March 2021
- Update user agents add intentions
25 February 2021
- Add MaliciousUserAgentsAttribute
- Add support for MaliciousUserAgents in firewall rules
24 February 2021
- Update IPageRequest.BreadCrumbs class
- Update Annotations
- Update TagHelpers
17 February 2021
- Add endpoint types to protect supporting classes that are based on ControllerBase, Controller and RazorPage
using the IFireWallConf.ProtectedEndPointTypes property
12 February 2021
- Framework extension changes
- Update package references
30 January 2021
- Update disk change rule engine
25 January 2021
- Update rule engine
02 January 2021
- Updated terms and conditions to REL. 2021.01.02
29 December 2020
- Extend Storage interface and Documentation interfaces
- Refactor DI registration
27 December 2020
- Fix Bug
- Add reporting for Suspicious user agents
26 December 2020
- Extend IFireWall and FireWallBase class and interface add classes for reporting as well as change the constructor to allow for DI overriding state classes.
- Extend IIncidentDatabase with IIncidentDatabase.All(bool distinct,TimeSpan limitTo)
- Extend failed WHOIS request trying to retrieve ISP data
- Extend reporting interface include firewall binary version and size
- Extend Look-Who-Is-Talking (LWT) reporting capabilities
21 December 2020
- Integrate database maintenance when a database is used for firewall state on disposing the firewall (when the web application shuts down) as to not incur blocking
- Update database state include who-is-talking history tracking repository...
19 December 2020
- Update package references
- Integrate LookWhoisTalking repository for reporting
see https://firewallapi.asp-waf.com/html/P-Walter.Web.FireWall.IFireWall.WhoisTalking.htm
see https://firewallapi.asp-waf.com/html/AllMembers.T-Walter.Web.FireWall.ViewModels.Talking.htm
- Update package references
16 December 2020
- Update text reporting showing days left in license and active and maximum concurrent users
15 December 2020
- Update text report generating local time and no longer users UTC date/time
- Update user agent cashing
14 December 2020
- Update package references
- Update WHOIS query infrastructure
- Add publicity for concurrent user count
- Add country field to State date when a database is used
12 December 2020
- Update WHOIS query engine to query IP address requester and not IP address of reverse DNS of the ISP or Data center
- Update package references
- Compile with Language version 9.0
05 December 2020
- Update default license implementation
- Update NuGet Package references
- Update database storage SQL script for State objects
04 December 2020
- Bug in SQL script for database storage migration
- Extend health Logging interface to contain references to failed update script
- Update package references
- Change Json data size from a byte[] of 4000 to 8000 to facilitate bigger datasets for firewall state objects when stored to database
03 December 2020
- Extend IFirewall interface for reporting features
See https://firewallapi.asp-waf.com/?topic=html/Overload-Walter.Web.FireWall.IFireWall.GetVisitStats.htm
https://firewallapi.asp-waf.com/?topic=html/Overload-Walter.Web.FireWall.IFireWall.GetPhishyVisitStats.htm
02 December 2020
- Update country definition of a WHOIS entry if the country is unknown and a geography plugin is used
01 December 2020
- Update Connection string application name in connection from default .net message to application name when database storage is used to save state and no application name was provided.
- Update IFireWall.Whois() method to map LAN IP addresses to the firewall contact details
- Extend Incident classes to update for IWHOIS data for use in the management interfaces
27 November 2020
- Bug Fix cookie options set secure only if web application is using TLS connection
22 November 2020
- Update compiler hints improving .net Core 3.1 and .Net 5.0 compiled binaries
- Fix bug in update script for incident database
20 November 2020
- update packages to .net core 3.1.404
17 November 2020
- Update documentation
- Annotate return types IFireWall, IPageRequest, IIncidentDatabase, IUserIdentity, IFureWallUser, IFireWallConfig and more
- Extend IIncidentDatabase management API interface
- Change nullability of some types
14 November 2020
- Add support for IWhoisBackGroundProcessor for NuGet Package
Documentation at https://firewallapi.asp-waf.com/?topic=html/T-Microsoft.Extensions.DependencyInjection.WhoisWhoisBackGroundProcessorExtensions.htm
- Add access to the default instance for most of the propiatary storage classes for the firewall allowing direct access for advance use interface
IResetRepository: https://firewallapi.asp-waf.com/?topic=html/M-Walter.Web.FireWall.Infrastructure.Repositories.IResetRepository.Instance.htm
IWhoisRepository: https://firewallapi.asp-waf.com/html/M-Walter.Web.FireWall.Infrastructure.IWhoisRepository.Instance.htm
IIncidentDatabase: https://firewallapi.asp-waf.com/html/M-Walter.Web.FireWall.RuleEngine.IIncidentDatabase.Instance.htm
13 November 2020
- Update the way that default interface object created and will capture missing interfaces when a custom FireWall instance
used extension methods in service registration but the constructor does not capture the interface.
- Fix Spelling and update documentation
12 November 2020
- Update IPageRequest allow to read block cookie reasons using ContainsBlockCookie method allowing you to log the reasons documented
11 November 2020
- Update packages and support .Net 5.0
08 November 2020
Update signatures FireWallBase for null validly testing by the compiler and IntelliSense
01 November 2020
- Add overload methods to override default storage location and data retention for firewall database state per data type
30 October 2020
- implement database state for firewall
15 October 2020
- Update User blocking message
- Add FireWall exception handler event
- Reduce firewall footprint when using CookieFactory in Firewall
- Improve GDPR action by cashing Cookie requests between HttGet and HttpPost AJAX callbacks
14 October 2020
- Update to .net core 3.1.4
12 October 2020
1. Change Database logging interface providing access to full IPageRequest interface
09 October 2020
1. Fix bug in UserAgent database storage creation script
2. Update ToDo message generated when finding security issue in application
08 October 2020
1 update documentation
2 update filter improve dependency independence
06 October 2020
1. Update Browser data
2. Add extension method to service configuration to better configure UserAgent storage
3. Improved user agent cashing and device recognition
documentation at: https://firewallapi.asp-waf.com/?topic=html/AllMembers.T-Walter.Web.FireWall.Browser.IUserAgent.htm
05 October 2020
1. Update NuGet Package References
2. Update EULA
3. Provide access to browser and browser meta data of IUserAgent in IPageRequest.User.UserAgent
1 October 2020
1. Add interactions to IPageRequest for on a Root page if User discovery is used
2. Update NuGet package References
3. Fix bug where user cookie was always a session cookie
30 September 2020
1. Sort result for text based reporting
29 September 2020
1. Integrate Lazy logging from Walter.dll
2. Fix bug on license validator
3. Update FireWall session storage interface
4. Update NugetPackage references
24 September 2020
1. fix index error on ILogger interface in Guard Module
2. Include Minify data to reporting interface
23 September 2020
1. Add Minification to the reporting data class
22 September 2020
1. Add User type filters that allow the firewall to reject BOT's and Malicious users
documentation at https://firewallapi.asp-waf.com/?topic=html/T-Walter.Web.FireWall.Filters.BlockBotsFilter.htm
documentation at https://firewallapi.asp-waf.com/?topic=html/T-Walter.Web.FireWall.Filters.BlockMaliciousUserFilter.htm
19 September 2020
1. Add Minify attribute
documentation at https://firewallapi.asp-waf.com/?topic=html/T-Walter.Web.FireWall.Filters.MinifyAttribute.htm
2. Add Firewall disk manipulation detection event
documentation at https://firewallapi.asp-waf.com/?topic=html/E-Walter.Web.FireWall.FireWallBase.OnDiskManipulation.htm
3. Add User GDPR cookie solution using transparent encryption and IPageRequest.User cookie capabilities
documentation at https://firewallapi.asp-waf.com/?topic=html/Overload-Walter.Web.FireWall.IUserIdentity.WriteCookie.htm
https://firewallapi.asp-waf.com/?topic=html/P-Walter.Web.FireWall.Configurations.CookieConfig.UseTransparentEncryption.htm
16 September 2020
1. Streamline the FileWall tag helpers
2. Update Disk logging NuNet Package now in Walter.Web.FireWall.DiskLogging NuGet Package
3. Update ILogging NuNet Package now in Walter.Web.FireWall.ILogging NuGet Package
4. Update package references
14 September 2020
1. Update package references
2. Add NoCashAttribute
https://firewallapi.asp-waf.com/?topic=html/T-Walter.Web.FireWall.Filters.NoCacheAttribute.htm
3. Add ModelFilter attribute
https://firewallapi.asp-waf.com/?topic=html/T-Walter.Web.FireWall.Filters.ModelFilterAttribute.htm
09 September 2020
1. Add access to Rules class for advanced configuration before rule engine uses it to generated default rules
https://firewallapi.asp-waf.com/?topic=html/Events.T-Walter.Web.FireWall.IFireWallConfig.htm
2. Add access to RuleEngine configuration for runtime PEN scripts detection by making RulesConfig.BlockedPatterns Property public
https://firewallapi.asp-waf.com/?topic=html/P-Walter.Web.FireWall.Configurations.RulesConfig.BlockedPatterns.htm
3. Update documentation and sample documentation in on-line help and manual
https://www.asp-waf.com/download/ASP-WAF-FireWall-Getting-Started.pdf
4. Fix issue where sometimes a user gets rejected for being in the wrong group without having a filter defined.
https://firewallapi.asp-waf.com/?topic=html/P-Walter.Web.FireWall.Configurations.RulesConfig.RejectUsersByDefault.htm
08 September 2020
1. Add OnRootPageRequestDisposed and OnResourceSend event to FireWallBase class as well as IFireWall interface
Methods allow for post processing in proprietary projects
https://firewallapi.asp-waf.com/?topic=html/Events.T-Walter.Web.FireWall.FireWallBase.htm
2. Provide access to default rules for UrlValidationPatterns
https://firewallapi.asp-waf.com/?topic=html/P-Walter.Web.FireWall.Configurations.RulesConfig.BlockedPatterns.htm
2. Fix bug where sometimes users would be blocked as no user rule was defined
06 September 2020
1. update documentation
2. Update terms
3. Update NuGet package references
04 September 2020
1. update documentation
2. Add manual blocking on event
03 September 2020
1. Add events for firewall management
https://firewallapi.asp-waf.com/?topic=html/Events.T-Walter.Web.FireWall.IFireWall.htm
2. Add method for using custom IFireWall implementation using base class
https://firewallapi.asp-waf.com/?topic=html/M-Walter.Web.FireWall.FireWallBase.-ctor.htm
27 August 2020
1. Update License test for machine name in URL allowing it as a valid local licensed domain as LocalHost
2. Update documentation
3. Save incidents to disk in clear json format making it easier to validate blocking incidents
4. Show RuleId and ViolationId in Page if triggered and enabled
26 August 2020
1. Export FireWall base to the framework for custom implementation of IFireWall
22 August 2020
1. Alter default cookie names
2. Set CRF token settings based on firewall settings
3. update text report to associate fictitious user nr to incident details