UUSEC WAF releases

[!WARNING]
Attention: This version is incompatible with older versions and does not support direct upgrade from previous versions.

Feature Updates:

• Supports log-only rule functionality, introducing three new rule constants: waf.RULE_BLOCK, waf.RULE_ALLOW, and waf.RULE_LOG_ONLY. When a rule returns these values, they represent block, allow, and log-only actions, respectively.

Feature Updates:

• Add and modify multiple rules to defend against the latest threats.

Feature Updates:

• Added 4 new search engine verification capabilities.

Bug Fixes:

• Fixed an issue where search engine verification failures occurre.

Feature Updates:

• Enhanced plugin functionality: Now supports setting plugin priority and controlling plugin behavior via return values. Each filter stage can return two boolean values:

  • If the first value is true, subsequent plugins in the current stage will not be executed.
  • If the second value is true, the system immediately returns and skips all subsequent security rules.

Bug Fixes:

• Resolved an issue where ‌free SSL certificates failed to auto-renew.

Bug Fixes:

• Fixed display issues on certain screen resolutions

Feature Updates:

• Optimized interface display, adjusted delete icon

Bug Fixes:

• Fixed issue where cache acceleration cleanup didn't take effect in certain scenarios
• Fixed inability to use underscores in domain names when adding domains
• Fixed issue where IP threat intelligence plugin continued logging after triggering high-frequency attack rules

Bug Fixes

• Fixed the issue of free certificate renewal failures

Bug Fixes

• Resolved the problem that prevented viewing certain logs when the log level filter was set to 'Info'

Bug Fixes

• Fixed slow website access caused by IP threat intelligence updates under poor network conditions
• Fixed error reporting issues with some frontend UI elements

Improvements

• Update GEO IP database to the latest version

Bug Fixes

• Fixed inability to modify DSL rules after adding them
• Fixed issue where HTTP/2 toggle didn't take effect
• Fixed incorrect regex pattern matching warning for cache acceleration paths

Feature Updates

[!WARNING]
This version can't be updated from older versions, you need to reinstall UUSEC WAF!

Interface & Management

• Redesigned main program and management interface with improved aesthetics and usability, supports UI language switching (English/Chinese)
• Added Rule Collections functionality: Create custom rule templates for batch configuration
• Introduced whitelist rules that terminate further rule matching upon success
• UUSEC WAF Rules API intelligent suggestions during advanced rule editing
• New plugin management supporting hot-reloaded plugins to extend WAF capabilities

Protocol & Optimization

• Supports streaming responses for continuous data push (e.g., LLM stream outputs)
• Enables Host header modification during proxying for upstream service access
• Search engine validation: waf.searchEngineValid(dns,ip,ua) prevents high-frequency rules from affecting SEO indexing
• Interception log report generation (HTML/PDF exports)
• Automatic rotation of UUSEC WAF error/access logs to prevent performance issues

Security & Infrastructure

• Expanded free SSL certificate support: HTTP-01 & DNS-01 verification across 50+ domain providers
• Customizable advanced WAF settings: HTTP2, GZIP, HTTP Caching, SSL protocols, etc
• Cluster configuration: Manage UUSEC WAF nodes and ML servers via web UI