January 25, 2022
Posted by ReadMe API about 18 hours ago
| Ruleset | Policy | Description of Update | Previous Action | New Action |
|---|---|---|---|---|
| Allow Known Bots | Livedoor Japan bot | Livedoor bot detection has been improved | Allow | Allow |
January 18, 2022
Posted by ReadMe API 9 days ago
| Ruleset | Policy | Description of Update | Previous Action | New Action |
|---|---|---|---|---|
| WAF & OWASP Top Threats | XSS Attack | HTML injection attack vectors were added to this policy | Block | Block |
| WAF & OWASP Top Threats | Code Injection | Policy's detection of command injection attacks was improved | Block | Block |
| WAF & OWASP Top Threats | Web Shell Execution Attempt | The policy now covers additional PHP execution methods | Block | Block |
| Behavioral WAF (advanced threat protection) | Obfuscated Attacks and Zero-Day Mitigation | Improved the detection of injection attempts for this policy | Block | Block |
January 11, 2022
Posted by ReadMe API 16 days ago
| Ruleset | Policy | Description of Update | Previous Action | New Action |
|---|---|---|---|---|
| WAF & OWASP Top Threats | Code Injection | The policy is now covering additional variations of log4j vulnerability | Block | Block |
January 04, 2022
Posted by ReadMe API 23 days ago
| Ruleset | Policy | Description of Update | Previous Action | New Action |
|---|---|---|---|---|
| WAF & OWASP Top Threats | Shell Injection | This policy has been improved to mitigate Out-of-Band Data Exfiltration methods | Block | Block |
December 28, 2021
Posted by ReadMe API 30 days ago
| Ruleset | Policy | Description of Update | Previous Action | New Action |
|---|---|---|---|---|
| Anti-Automation & Bot Protection | Automated Clients | Identification of clients that constantly change sessions has been improved | Varies (handshake, CAPTCHA, block) | Varies (handshake, CAPTCHA, block) |
December 14, 2021
Posted by StackPath Team about 1 month ago
| Ruleset | Policy | Description of Update | Previous Action | New Action |
|---|---|---|---|---|
| Behavioral WAF | Anti-Spam | New rule was added to the policy to block convicted form abusers. | NA | Block |
| WAP & OWASP Top Threats | Code Injection | New rules were added to the policy to enhance existing coverage for lLog4j/Log4Shell vulnerability. | Block | Block |
December 07, 2021
Posted by ReadMe API about 2 months ago
| Ruleset | Policy | Description of Update | Previous Action | New Action |
|---|---|---|---|---|
| IP Reputation | External Reputation Block List | Added additional external reputation block list as input to this policy | Handshake | Handshake |
November 30, 2021
Posted by ReadMe API about 2 months ago
| Ruleset | Policy | Description of Update | Previous Action | New Action |
|---|---|---|---|---|
| WAP & OWASP Top Threats | Local File Inclusion | This policy has been updated to improve mitigation of XML injections. | Block | Block |
November 16, 2021
Posted by ReadMe API 2 months ago
| Ruleset | Policy | Description of Update | Previous Action | New Action |
|---|---|---|---|---|
| WAF & OWASP Top Threats | Code Injection | The detection of reverse shell attacks was improved. | Block | Block |
November 9, 2021
Posted by StackPath Team 3 months ago
| Ruleset | Policy | Description of Update | Previous Action | New Action |
|---|---|---|---|---|
| Traffic Sources | Traffic Via Proxy Networks | This policy has been update to cover additional cloud service providers. | JS Validation | JS Validation |