Softpedia >Windows >Security >Security Related >ServerDefender VP >  Changelog

ServerDefender VP Changelog

What's new in ServerDefender VP 2.2.7

Jul 27, 2016
  • Resolved issue with insecure HTTP cookies being forwarded to HTTPS.

New in ServerDefender VP 2.2.6 (May 19, 2015)

  • Updated GeoIP library for improved country blocking
  • Updated the JSON parser library
  • Resolved issue where IP block counter was not incremented when the IP was temporarily blocked from an email alert
  • Resolved issue impacted web summary reports when viewed on the host
  • Added ability to edit blocked IP addresses from the LogViewer
  • Resolved issue where file uploads would fail if renamed in the settings manager
  • Resolved issue where naming convention for HTTP errors did not match in the Log Viewer and Log Viewer filter
  • Resolved issue where an URL can be bypassed as well as added to a blocked list.
  • Improved error logs for buffer overflow attacks
  • Added functionality to sync site status with IIS configuration on apply
  • Added input sanitization in the HTTP response for the ServerDefender response template
  • Removed full control permission from ServerDefender install folder and child folders

New in ServerDefender VP 2.2.4 (Sep 30, 2014)

  • Implemented Libinject for SQL Injection attack detection.
  • Fixed issue of Images and CSS not loading in SharePoint 2007(due to read permission on folder).
  • Data paths also checked for attacks in the URL string.

New in ServerDefender VP 2.2.3 (Oct 2, 2013)

  • On Session Expiry set to Minimum, unnecessary session expiry template sent. Blank page is shown when session expires.
  • SDVP GUI hangs on showing LogViewer balloon tip.
  • Show GMT and Local date/time in Log Viewer.
  • SDVP now sends logs to Syslog server and also TCP based alert messages.
  • Added auto Purging of SDVP logs.
  • Blank page when 404 error template is turned off. Bug: If 404 template is not enabled, then SDVP does not allow to enable 404template.

New in ServerDefender VP 2.2.2 (Jun 1, 2013)

  • Added custom protection profiles for Joomla and WordPress.
  • Added ability to import settings from another installation.
  • Added rules to block JavaScript attack vector where query has no name.
  • Updated headers to include Date/Expires headers and removing multiple cache-control headers.
  • Improved performance with Smooth Streaming video application.
  • Improved SDVP performance to prevent against slowing or hanging.
  • Improved functionality with Japanese, Chinese, and Korean characters.
  • Improved usability when file upload file is changed.
  • Improved usability for sites that require Microsoft Office file uploads.
  • Improved Log Collector tool to include selector to collect logs for specified dates only.
  • Fixed issue where SDVP is bypassed in some situations where site has web directories with different application pools.
  • Fixed issue where SDVP crashes due to Heap corruption.
  • Fixed issue where
  • Fixed issue where logs incorrectly shows IP/country block in remarks column for some categories.
  • Fixed issue where in some instances SDVP logs POST data without regarding log verbosity.
  • Fixed issue where blank page is served when JavaScript is not enabled in web browser.
  • Fixed issue where SDVP would use large amount of memory upon applying changes to large number of sites (100+) simultaneously.
  • Fixed issue where unecessary data files are created in logs.
  • Fixed issue where post limit is not reflected in IIS config file.

New in ServerDefender VP 2.2.1 (Nov 10, 2012)

  • UI changes for Session Expiry Response Templates.
  • Code optimized for for scenarios where many sites are present in IIS.
  • Added functionality to allow for log collection for debugging purposes after SDVP has been uninstalled
  • Fixes issue when adding new site in Windows 2008.
  • Input exception fields no longer subject to miscellaneous checks.
  • Fixes SESSION_EXPIRATION logging issue.
  • Fixes issue where some log records were split into two lines in Log Viewer.
  • Fixes GUI crash issue when site is costumized with Config Wizard running.
  • Fixes issue in PHPIDS implementation.
  • Fixes problem with log verbosity in buffer overflow cases.

New in ServerDefender VP 2.2.0 (Sep 15, 2012)

  • Support for Windows 2012
  • Improves profile for OWA
  • Usability improvements to input exception dialog
  • Adds bulk exceptions on 404s (redirecting)
  • Makes redirect the default exception action for innocent 404s
  • Resolves file upload blocking issue
  • Resolves issue with country IP blocking
  • Resolves issue for UI hang
  • Resolves partial install issue

New in ServerDefender VP 2.1.1 (Jul 10, 2012)

  • Windows 7 compatibility added
  • Removed default local IP exceptions
  • Directory browsing issues fixed
  • Additional debug logging added for diagnosis of GUI issues

New in ServerDefender VP 2.1.0 (Jul 10, 2012)

  • Added geographic IP blocking by country of origin
  • Added a severity filter to the Filter Options in Log Viewer
  • Added an informational severity classification and reclassified certain events as informational
  • Allowed List in Resources tab now supports allowing default documents
  • Updated documentation
  • Numerous bug fixes

New in ServerDefender VP 2.0.2 (Mar 19, 2012)

  • Removed dependence on IIS 6 Role Services for GUI Components
  • Added ActiveAlert feature - ability to block and unblock IPs from alert emails
  • Resolved shared memory cleanup issues, access violation on service restart
  • Implemented fail-open pattern in event that SDVP Service becomes unavailable
  • Minor UI improvements in LogViewer
  • Minor UI fixes
  • Improved default error templates
  • Documentation update

New in ServerDefender VP 2.0.1 (Feb 24, 2012)

  • Slide Into Security:
  • A lot of customers told us that they loved the power and flexibility of SDVP 1.0. But many were also a bit overwhelmed by all the configuration options. They asked us if we could find a way to simplify the complexity, while keeping it available if needed.
  • The answer is the new Standard View. The fine-grained control of SDVP 1.0's GUI is just a button click away if you need it. But Standard View encapsulates most of those configuration options into just two smart slider controls - Enforcement Level and Logging Level
  • Reports You'll Look Forward to Reading:
  • A lot of SDVP 1.0 customers appreciated the Daily Reports - summaries of the most important security events and trends. But our just-the-facts, plain text emails weren't always the easiest things to read or interpret - especially on the go.
  • In SDVP 2.0 the Daily Report emails are attractive and easy-to-scan, with the most important info bubbled right to the top. They do a great job of highlighting the vital data you need to keep informed about the security of your sites - even when you're not at your desk.
  • One Wizard to Rule Them All:
  • SDVP 1.0 customers told us that they appreciated the wizards we included to make setup easer - but that four wizards was about three wizards too many. We agree! So now there's just one - but it's smart enough for every occasion.
  • Need to get up and running as quickly as possible? Go with the Config Wizard's Standard Mode - it will get you there in just a few screens. Have a lot of complex Web apps and need to tune each one's security just so? Expert Mode is right for you