Announcing FuseGuard Version 3
By Pete Freitag
After many hours in development and testing we are proud to announce the release of FuseGuard 3! FuseGuard 3 ships with 11 new filters, 1 new logger and several additional improvements to better protect your CFML applications.
With FuseGuard 3 we've tweaked and improved the protections that were included in version 2, and have added new methods identifying malicious requests. The result is that more malicious requests to your applications can be detected, blocked, and logged with FuseGuard 3.
What is FuseGuard?
If you are not familiar with FuseGuard, it is a web application firewall written in CFML. It runs
onRequestStart to block or log malicious requests made to your application. If configured to, FuseGuard will block the malicious request before it hits your application code. It can also log these events.
What's New in FuseGuard 3?
Configuring FuseGuard is now much easier as FuseGuard 3 can be fully configured from within the FuseGuard Manager web admin. That means you can add filters, edit filter settings, and do it all from the web UI. If you want to keep using the CFC based configuration you used in FuseGuard 2 that is also still fully supported.
There are 11 new filters in FuseGuard 3:
- Geographical Filter - Does your application only serve users in a specific geographic region? FuseGuard 3 makes it easy to connect IP country data to whitelist or blacklist IP addresses based upon country.
- Remote Execution Filter - this new filter looks for several patterns used to exploit CFML specific remote code execution vulnerabilities.
- XML Entity Injection Filter - looks for xml entity injection patterns.
- Shell Execution Filter - looks for common shell execution patterns and paths.
- Remote Method Filter - block remote CFC method calls or SOAP requests.
- HoneyPot Filter - Uses project honeypot data to block malicious IP addresses.
- XML External DTD Filter - looks for xml external DTD patterns.
- User Agent Filter - looks for malicious or malformed user agents.
- IP BlackList Filter - easily black list IPs using the IP List managers
- IP WhiteList Filter - create IP whitelists easily.
- File Upload Content Filter - inspects file upload contents for executable CFML experimental.
Those filters listed above are just the new filters in FuseGuard 3, the 18 filters which were part of FuseGuard 2 are also included which look for things like SQL Injection, Cross Site Scripting, Path Traversals, Malicious File Uploads, Null Byte Injection and more.
The FuseGuard manager UI has been updated and improved in this version, here are a few screenshots:
New Subscription Pricing
We are now offering FuseGuard with subscription pricing for an annual term. A one year subscription allows you to always have access to the latest version of FuseGuard.
Announcing FuseGuard Version 3 was first published on November 30, 2017.
If you like reading about fuseguard, waf, or security then you might also like:
- Fixinator and Foundeo Security Bundle
- Scope Injection in CFML
- FuseGuard 2.4 Released
- Adobe eSeminar on FuseGuard
The FuseGuard Web Application Firewall for ColdFusion & CFML is a high performance, customizable engine that blocks various attacks against your ColdFusion applications.