[8.0.0] - 2021-08-21 UTC+0800
NOTE
If you would like to upgrade to this version, please see the documentation for guidelines on upgrading across versions.
Added
-
Introduced CAPTCHAs for third-party platforms, supporting hCaptcha, reCAPTCHAv2 and reCAPTCHAv3, with the associated directive
waf_captcha. -
Support recognizing friendly crawlers, including GooleBot, BingBot, BaiduSpider and YandexBot, and automatically allow them after successful recognition, the related command is
waf_verify_bot. -
CC protection supports enabling CAPTCHA mode, which enables CAPTCHA when the request rate exceeds the limit, and blocks the IP if the CAPTCHA fails three times in a row, and recounts the request rate on the contrary.
Changed
-
The syntax of the directive
waf_modehas changed, see the documentation for a guide to cross-version upgrades. -
The syntax of the directive
waf_cc_denyhas changed, see the documented guide to cross-version upgrades for details. -
The syntax of the directive
waf_cachehas been changed, see the cross-version upgrade guide in the documentation. -
Support for modifying the priority of request body inspection.
Removed
- Removed two parameters of the directive
waf_cache:intervalandpercent.
[8.0.0] - 2021-08-21 UTC+0800
注意
如果您想要升级到此版本,请查看文档中的跨版本升级的指南。
新增
-
引入了第三方平台的验证码,支持 hCaptcha、reCAPTCHAv2 和 reCAPTCHAv3,相关的指令为
waf_captcha。 -
支持识别友好爬虫,包括 GooleBot、BingBot、BaiduSpider 和 YandexBot,识别成功后自动放行,相关的指令为
waf_verify_bot。 -
CC 防护支持开启验证码模式,开启后当请求频率超出限制后会启用验证码,如果连续三次验证失败则拉黑 IP,反之则重新统计请求频率。
变动
-
指令
waf_mode的语法有所变化,详见文档中的跨版本升级的指南。 -
指令
waf_cc_deny的语法有所变化,详见文档中的跨版本升级的指南。 -
指令
waf_cache的语法有所变化,详见文档中的跨版本升级的指南。 -
支持修改「请求体检查」的优先级。
移除
- 移除了指令
waf_cache的两个参数,分别是interval和percent。