It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda Web Application Firewall

Release Notes Version 7.9.2

  • Last updated on

Please Read Before Updating

Before updating to a new firmware version, be sure to back up your configuration and read the release notes for each firmware version which you will apply.

Do not manually reboot your system at any time during an update, unless otherwise instructed by Barracuda Networks Technical Support. The update process typically takes only a few minutes to apply. If the process takes longer, please contact Barracuda Networks Technical Support for assistance.

If you upgrade to 7.9.x from 7.8.x or previous versions, the attack counts generated in 7.8.x or previous versions will not be populated in the World map on the BASIC > Status page, as the IP reputation (Geo IP) feature was implemented in version 7.9.  For this reason there is inconsistency in the total attack count in the Attack table and World map on the BASIC > Status page.

Change in behaviour:

  • Base64 decoding is not applied to parameter values adhering to Data URI scheme unless Base64 Decode Parameter Value is set to Yes. [BNWF-19540]
  • The Barracuda Web Application Firewall does not perform deep inspection on the content of the POST body in plain text format. [BNWF-19281]

Fixes and Enhancements in 7.9.2

  • Fix: Negative integer in the Max-age header is now honored by the Barracuda Web Application Firewall. [BNWF-19542]
  • Fix: Username can now contain backslash (\) for RADIUS authentication. [BNWF-19543]
  • Enhancement: It is now possible to include or remove the Timestamp and Unit name fields in logs exported to the syslog server. [BNWF-19508]
  • Fix: Policy Fix now creates a correct parameter profile for parameters containing a colon. [BNWF-19103]
  • Fix: After upgrade to, cookies were modified or not displayed in Cookies Exempted on the SECURITY POLICIES > Cookie Security page. This issue is now fixed. [BNWF-18890]
  • Fix: The internal database for log storage has been resized in the Barracuda Web Application Firewall 360 and 460 to reduce RAM usage. [BNWF-19105]
  • Fix: Various fields of web firewall logs and access logs are normalized to handle multi-byte charsets and escape sequence characters, which caused issues when logs were exported to CSV format.[BNWF-19136] [BNWF-19683] [BNWF-19580] [BNWF-16619]
  • Fix: An upgrade in the Azure platform resulted in some rare outage issues. This is now fixed.[BNWF-19200]
  • Fix: An issue with the firmware upgrade process in offline mode is resolved.[BNWF-19302]
  • Fix: A possible outage caused by memory overrun while logging SSL protocol version, has been addressed.[BNWF-18993]
  • Fix: If Header for Client IP Address is selected for a service, the Barracuda Web Application Firewall checks 64 HTTP headers for the occurrence, and picks the right client IP address. [BNWF-18950]
  • Fix: Virus detection feature is now available for A2 instances on Azure and Amazon Web Services. [BNWF-18922]
  • Fix: In Bridge mode, the services created in languages other than English now work as expected. [BNWF-18823]
  • Fix: URL encryption issue now encodes URLs properly handling spaces in the URL path.[BNWF-17222]
  • Fix: When requests do not match the configured response body rewrite rules, the response is not chunk encoded and the connection is not closed for HTTP/1.1 requests by the Barracuda Web Application Firewall. [BNWF-19546]
  • Fix: If a file without name is uploaded through multipart/form-data and no virus is detected in the uploaded content, the request is not logged in the BASIC > Web Firewall Logs page.[BNWF-19432]
  • Fix: If the attack detail field has non-English characters, it is normalized to hex-encoded values before logging and exporting. [BNWF-18982] [BNWF-18903]

Last updated on