Open-Xchange is pleased to announce the release of OX Abuse Shield v2.12.0.
OX Abuse Shield provides abuse-prevention for Web Applications (including Webmail), POP, and IMAP. It is integrated with both OX App Suite and Dovecot Pro to prevent login and authentication abuse as well as protecting against brute-force attacks.
The goal of OX Abuse Shield is to detect brute forcing of passwords across many servers, services and instances, as well as enforce policy for authentication and authorization. In order to support the real world, brute force detection policy can be tailored to deal with "bulk, but legitimate" users of your service, as well as botnet-wide slow-scans of passwords.
The new OX Abuse Shield v2.12.0 provides the following main improvements:
- Now builds a separate luajit package (`wforce-lua-dist`), based on the openresty luajit fork. This is to address some issues found with stock luajit. The package also includes some lua modules that wforce typically makes use of.
- Build the wforce-minimal image for both arm64 and amd64, and add provenance.
- Add support for Debian Bookworm, remove support for Debian Buster.
- Enable webserver tls and password to be specified via an external secret.
- Tested on Kubernetes 1.28 through 1.30.
- Use wforce and replfwd images based on alpine, which are much smaller and more secure.
- Open-Xchange encourages administrators to regularly update to the latest available release. To ensure a stable and up to date environment please note the different versions supported. An overview of the latest supported Major, Minor and Public Patch Releases can be found in the OXpedia at: https://oxpedia.org/wiki/index.php?t...ort_Commitment
- OX Abuse Shield v2.12.0
- OX Abuse Shield Cloud Control v2.12.0
- OX Abuse Shield: https://software.open-xchange.com/pr...2024-10-29.pdf
For further details about OX Abuse Shield installation and configuration, mandatory and optional packages, policies, please refer to the documentation provided: https://oxpedia.org/wiki/index.php?t...X_Abuse_Shield
For further details about OX Abuse Shield Cloud Control installation and configuration, mandatory and optional packages, policies, please refer to the documentation provided: https://documentation.open-xchange.com/