August 27, 2023 Release
- Last UpdatedAug 30, 2023
- 3 minute read
Our release notes provide information on changes and enhancements in each release.
Note: Unless otherwise specified, the changes described here are rolled out throughout the week and may not be immediately available in all accounts.
In this release:
- Heads Up: New Imperva IP addresses
- Heads Up: Change in waiting room visitor page
- Account Takeover Protection: Reset risk level
- Terraform: New version of the Imperva Provider
- Recently mitigated CVEs
Heads Up: New Imperva IP addresses
New IPv4 address space is being added to support our growing network footprint. The new address range is 131.125.128.0/17 (131.125.128.1-131.125.255.254). These new addresses may be deployed in an Imperva PoP any time beginning October 1, 2023.
What does this mean for you?
-
If you use an allowlist, firewall, or ACL to limit direct access to your origin server, you must update your allowlist to permit the new /17 before October 1st. If you don't permit the new IPs, you may experience a site outage after that date, as any Imperva devices using the new IP space will be unable to access your server.
-
If you do not restrict access to your origin server by source IP, your origin is not protected and is subject to DDoS and other attacks. We strongly recommend that you restrict access from non-Imperva IP addresses.
For more details, see Allowlisting Imperva IP addresses & Setting IP restriction rules. The full, updated list of Imperva IP addresses is available on this page.
You can also retrieve the full list of Imperva IP addresses by executing the following API call: https://my.imperva.com/api/integration/v1/ips
Heads Up: Change in waiting room visitor page
The waiting room page shown to your website visitors currently displays hard-coded messages in English indicating the remaining time to wait.
To support multiple languages, and end users who do not read English, we are changing the messages to a more universal format.
What’s changing: On September 3, 2023 we will make a change to the Estimated wait time values displayed on the waiting room page.
The page currently displays different messages depending on the amount of time remaining. The English texts will be replaced as follows:
Current message | After the change |
---|---|
“x hours y minutes” – displayed for wait times longer than one minute. | “xx:yy:00” |
“Just a few more seconds” – displayed when wait time is one minute or less. |
“00:01:00” |
“Calculating…” |
A loader will be displayed:
|
If you have customized the waiting room page, note that this change affects the $ESTIMATED_TIME_TO_WAIT$ placeholder variable.
For more details on this feature, see Waiting Rooms.
Account Takeover Protection: Reset risk level
Using the API, you can now reset the risk level for specific IP addresses accessing your site.
This can be useful, for example, if you believe that one of your end users was mistakenly mitigated and you need to quickly resolve the issue.
Note that if there is continued suspicious activity from an IP, the risk level will escalate again afterward.
For details, see the POST /v2/sites/{siteId}/reset-risk endpoint in the API: Account Takeover Protection API Definition.
Terraform: New version of the Imperva Provider
Version 3.20.1 of the Imperva Terraform Provider is now available.
For the list of changes included in this version, see changelog.md.
For more details on the Imperva resources, see the Terraform Registry.
Recently mitigated CVEs
Mitigation for new Common Vulnerabilities and Exposures (CVEs) is added weekly by Imperva Research Labs.
To view the latest CVEs for which coverage was added, see Recently Mitigated CVEs.
More about the release notes
-
Tip: Open the latest release notes directly from the Cloud Security Console's Help menu.
-
Subscribe: Choose one of these options to subscribe to updates about weekly releases:
-
Go to the Cloud Application Security Release Notes and click Subscribe
-
Add the following link to your RSS feed reader: https://docs.imperva.com/bundle/cloud-application-security/page/release-notes.rss
-