It is my pleasure to announce the release of shadowd 1.1.0 as well as shadowd_ui 1.1.0 of the Shadow Daemon web application firewall. This update improves the performance, attack detection and ease of use. There are five major changes:

  • A native flood protection. It is no longer necessary to use fail2ban to prevent flooding of the logs, it happens automatically now.
  • A storage queue. This removes a huge bottleneck from Shadow Daemon, the permanent storage of requests.
  • Optimizations of the database layout to improve the performance.
  • New blacklist filters/signatures to detect more attacks, e.g. shellshock, cross-site scripting, server-site includes and code evaluation.
  • An option for the whitelist rules generator to automatically unify arrays. This makes it much easier to generate rules for big web applications.

There are no new major additions, but this update does improve the overall experience a lot, so I highly recommend to apply it. Most changes are based on feedback, so keep it coming :)