Dieser Inhalt ist noch nicht in deiner Sprache verfügbar.
ALTCHA Sentinel Releases
1.13.0: Challenge Custom Params and Bug Fixes
Highlights:
- New: Challenge API now supports custom parameters. Docs
- Improved: PostgreSQL TLS/SSL support — AWS RDS CA bundle is now built-in for easier setup. Docs
- Fix: ipinfo.io with MMDB can now be enabled only when using
IPINFO_IO_MMDB_DOWNLOAD_URL
that includes an authorization token. Docs - Security: Updated dependencies to address minor security vulnerabilities.
1.12.0: Phishing Detection
Highlights:
- New: Phishing URL detection in the Classifier and Email Spam Filter. Docs
- New: Classifier now includes two new rules:
URL_PHISHING
andCONSECUTIVE_LINE_BREAKS
. Docs - New: Simple rules configuration UI for Security Groups now supports request origins.
- Improved: Security Group rules now support conditions based on request
origin
, including wildcard matching. Docs - Improved: The
verificationData
property returned fromPOST /v1/verify
now includes additional values such as the request origin and user’s timezone. Docs - Improved: Request logs now include
error
messages for non-OK status codes. - Fix:
REDIS_KEY_PREFIX
environment variable was not being applied. - Fix: Minor UI fixes and improvements.
Migration required:
ClickHouse users must migrate the database schema to include error
. Docs
1.11.0: Email Spam Filter
Highlights:
- New: Email Spam Filter for parsing and classifying EML files. Docs
- New: Request logs now include
verificationId
fromPOST /v1/verify
. - New: Prometheus metrics now include API verification metrics. Docs
- Improved: General stability and minor bug fixes across the application.
Migration required:
ClickHouse users must migrate the database schema to include verificationId
. Docs
1.10.2: AI Rules and Bug Fixes
Highlights:
- Improvement: AI providers now allow request parameter override using AI_PROVIDER_REQUEST_OPTIONS. Docs
- Fix: X_FORWARDED_FOR_TRUSTED with IPv4 + IPv6 dual stack
- Fix: CSP styles error in Safari
1.10.1: Bug Fixes
Highlights:
- Fix: Apply a default container memory limit when one is not explicitly set.
- Fix: Minor UI fixes and improvements.
1.10.0: OpenTelemetry
Highlights:
- New: OpenTelemetry support (Enterprise only). Docs
- New: Added
LICENSE_JSON
environment variable to disable license-server verification. - Fix: Total system memory and CPUs now correctly report the container’s limits if set.
1.9.0: PostgreSQL and Clustering
This release introduces improved and simplified clustering with PostgreSQL as the primary database. Clustering is now also available in the Professional plan.
Highlights:
1.9.1: Clustering Improvements
Highlights:
- Improvement: Cluster monitoring now includes database and Redis health checks.
- Fix: Various UI enhancements and fixes related to clustering and application configuration.
1.8.2: Performance Improvements
Highlights:
- Improvement: Threat Intelligence reporting endpoint now returns actions and whether the limit has been reached.
- Improvement: Optimized loading of Threat Intelligence data, significantly improving application start time.
- Fix: Minor UI fixes and improvements.
1.8.1: Threat Intelligence
Highlights:
- New: Threat Intelligence for automatic detection and blocking of malicious IPs.
- Fix: Minor UI fixes and improvements.
Migration required:
If you previously used FIREHOL_*
environment variables, review and update your configuration in the new Threat Sources section. These variables have been removed, and blocklist URLs are now managed directly through Threat Sources.
1.7.0: Filtering, IP resolvers
Highlights:
- New: Cloudflare IP resolver using the
CF-IPCountry
HTTP header. - Improvement: Filtering and search capabilities across the application.
- Improvement: IP resolvers can be combined for more comprehensive IP resolution.
- Improvement: Alerts now include the API key and user-agent.
- Fix: Issue with the
disableRules
parameter in the classifier. - Fix: Minor UI fixes and improvements.
1.6.0: Logs and Analytics
Highlights:
- New Feature: ClickHouse integration for high-performance data storage and real-time analytics.
- Improvement: Enhanced analytics dashboard now displays the total number of requests and all matched spam rules.
- Improvement: More accurate language detection for very short texts.
- Improvement: Minor UI enhancements, including dark mode adjustments and general bug fixes.
- Fix: Issue with excluding countries from the high-risk country list.
1.5.0: General Improvements and Bug Fixes
Highlights:
- New: Added environment variables to configure update schedules for data sources and IP resolvers.
- Improvement: Updated Content Security Policy to support the redirect page and API documentation.
- Fix: Geo-location data was not being properly recorded in request logs.
1.4.0: IPInfo Resolver and Bug Fixes
Highlights:
- New Feature: IPInfo.io IP resolver – Integrated IPInfo.io service for IP resolution.
- Fix: Monitoring endpoints IP whitelist with default values causing issues with Kubernetes probes.
1.3.0: AI Security Rules
Highlights:
- New Feature: AI Security Rules.
- Fix: Improved WAV bit depth in audio challenges for better browser compatibility.
- Fix: Corrected CSP policy in JSON editor to restore style loading.
- Fix: Enhanced protection against replay attacks in
/v1/verify/signature
.
1.2.0: Enhanced Similarity Matching and Redirects
Highlights:
- New Feature: Links and Redirects – Generate short, shareable links that show a verification challenge before redirecting to the final destination. Helps block bots and abuse before users reach protected URLs.
- New Feature: Partial Similarity Matching – Identify suspicious phrases within longer text using substring-based detection.
- Breaking Change: Request logs and alerts now require admin role access.
- UI Improvements: General design polish and usability enhancements.
1.1.0: First Public Release
We’re excited to announce the first public release of ALTCHA Sentinel!
Getting Started:
To begin using ALTCHA Sentinel, follow our Installation Guide.