8.2 built on May 23, 2022 (Develop)
No changes from the 8.1 build, just build number changed from 8.1 to 8.2
Please note this build is in the development stage and may contain not-yet-implemented or wrongly working parts. Please do submit issues on GitHub for anything that does not work right, see https://github.com/diladele/websafety/milestones.
8.1 built on May 22, 2022 (Stable)
Breaking Change - by default Admin UI is now running on HTTPS. Default certificate is self-signed so you might need to click through the Self Signed Warning at the first connection. On HTTP port there is now a placeholder that explains this change and also contains the automatic redirect script and button to switch to continue through HTTPS.
Added new proxy authentication scheme - Captive Portal. It can be used to authenticate users to modern Microsoft Azure Active Directory (cloud directory) as well as normal on-premises Active Directory and Local Users Database.
Added support for Squid 5.5 on Ubuntu 20. The virtual appliance and Microsoft Azure and Amazon AWS images are now based on this version too.
8.0 built on February 27, 2022
Added support for Squid 5.2 on Ubuntu 20. The virtual appliance and Microsoft Azure and Amazon AWS images are now based on this version too.
Updates of definition files are performed using new updates.diladele.com server. Updates should be faster now.
Technical Change - internal ICAP web filtering modules are moved to boost 1.77. More standard C++ libraries are used now.
Removed some decommissioned and non-working functionality in YouTube guard module.
Removed some old settings from Admin UI that are not supported by Squid 5 (for example, no more dns_v4_first setting present).
Breaking Change - default user in the Admin UI is now named admin instead of root as before. This is to strictly separate the operating system level users and application users.
Breaking Change in virtual appliance - default operating system user root is now only able to login using console; remote login using ssh is disabled. This is to prevent security issues in default deployments when administrator forgets to change the default credentials.
Improved drill downs in custom reports; reports module is faster (rewritten in golang); Admin UI of Traffic Manager is improved.
Dropped Raspberry PI complation/support; the system is too underpowered for a full scale web filtering solution.
7.6 built on June 15, 2021 (Old Stable)
The base OS for the virtual appliance is now Ubuntu Linux 20.04 LTS. A lot of small fixes in the Admin UI because of base OS upgrade.
Admin UI is based on Django 3.1.7 now.
The application runs using Python 3.8 now (standard on Ubuntu 20.04 LTS).
Due to CentOS operating system shutdown we have moved to RedHat RHEL 8.
Required Debian OS version is now Debian 11.
Fixed YouTube filtering errors in Google Chrome and Microsoft Edge.
7.5 built on October 8, 2020
Added support for Squid 4.13 on Ubuntu 18/Debian 10.
Added upload size monitoring to all reports (top uploaders, top uploaded domains, URLs, etc).
Better YouTube periodic report with drill down per user.
Other small improvements in Traffic Monitoring and Reporting.
Added UI setting to dump Squid’s access log records to syslog.
Fixed error with hidden reporting for designated policies.
Built on Django version 3.1.2 and C++ boost 1.73.
7.4 built on May 10, 2020
Fixed an issue with cluster traffic log uploads from more than two cluster nodes.
Statistics storage optimized, the CSV files are packed as GZ files, reducing the storage requirements up to 10 times.
Added ability to limit bandwidth usage per policy (bandwidth throttling is implemented using
Fixed issues with rotating of Web Safety logs.
Added support for Squid 4.11 on Ubuntu 18/Debian 10.
Virtual appliance generation infrastructure moved to VMware ESXi 6.7 so some unknown issues might occur on older VMware vSphere/ESXi deployments.
7.3 built on March 3, 2020
Optimized all parts of the report generation module - the application now requires less time to build the reports and is able to handle reporting of more users than before.
Added a setting to allow automatic download of missing intermediate HTTPS certificates. Disabled by default.
Fixed some minor issues in report generation, added more debug output to the report log allowing for better understanding how much time was spent during reporting.
Added support for Squid 4.10 on Ubuntu 18/Debian 10.
Improved cluster configuration sync. The client nodes are able to upload the Squid’s access logs to the server node. The report building process at server node can now create integrated traffic history for the whole cluster.
It is now possible to completely disable traffic monitoring and reporting from the Admin UI.
7.2 built on December 18, 2019
Breaking change: all filtering daemons of Web Safety (ICAP, Google Safe Browsing, YouTube Guard, Traffic Monitor) are run as proxy user (Debian, Ubuntu) or squid user (CentOS). Admin UI continues to run as websafety user.
Breaking change: single Web Safety package was split into two packages - websafety-core and websafety-ui. This allows to have an alternative (third party) UI for other UI integrated distributives like pfSense. It also allows for faster development cycle in UI with more frequent releases for websafety-ui package.
Breaking change: fully redesigned/simplified reporting subsystem. Web Safety ICAP server now returns scan information to Squid proxy that dumps it into access log. Special report generation scripts are responsible for processing Squid logs and generating daily/monthly/yearly proxy usage reports much like ligthsquid/sarg do. Report module is also capable of parsing normal Squid access log without additional information from Web Safety filter thus making it appropriate for usual access log reporting tasks. There is also no more need for MySQL database greatly improving overall virtual appliance performance.
Application can now be installed on CentOS 8. Installation on CentOS 7 is not supported any more.
Dropped support for FreeBSD/pfSense installation. We might come with a new product for these platforms but for now it is just too much efforts for our small team.
Added support for Squid 4.9 on Ubuntu 18/Debian 10.
Completely rewritten implementation of cluster configuration sync.
Product is now based on Django version 3.0.0.
18.104.22.168DB9 built on July 30, 2019
Squid 4.8 for better stability and performance.
Added support for Debian 10.
Removed support for Debian 9.
A lot of smaller changes in Admin UI and Traffic Reporting.
22.214.171.124A5E built on December 21, 2018
A lot of breaking changes in the development stack.
Base platform moved to Ubuntu 18 LTS.
Required Python version is now 3 instead of 2.
Required Django version is now 2.1.2 instead of 1.11.
Squid proxy is now version 4.4.
FreeBSD 11, pfSense 2.4 and Raspbian 9 builds are available (status is still experimental)
126.96.36.1997 built on July 5, 2018
YouTube Guard filtering daemon now runs as a separate process. This allows to filter traffic by both Google Safe Browsing and YouTube modules.
UI of YouTube filtering rules is completely rewritten, it is now possible to selectively filter YouTube videos by policies (enable for students, disable for staff).
Fixed error in policy filtering exclusions by remote domain IP address.
Added initial support for Ubuntu 18 LTS and Squid 4.
Added advanced field to manually add to NIC management file /etc/network/interfaces on Ubuntu 16 and Debian 9.
Builds for FreeBSD(pfSense) are not produced any more, please use version 6.3 if you require running Web Safety on FreeBSD(pfSense). We are now trying to build a separate product for pfSense platform.
Added experimental YouTube guard module. The module allows administrator to limit the watched videos on YouTube by video category, channel ID and video ID. The module is implemented as Squid’s URL redirector hence it cannot work together with Google Safe Browsing URL redirector. The status of the module is experimental thus user feedback is needed to decide it this module is worth including into production build.
Completely redesigned and reimplemented the Surfing Now module. It is now easier to see what sites are browsed most and what sites are blocked most currently.
Added CTIRU list of prohibited URLs. Schools in the UK are required to block access to contents from the CTIRU list.
Fixed error when squidclient was not able to get the runtime information from squid in cluster deployments utilizing PROXY protocol.
Added Dynamic categorizers for Dating, Weapons, Alcohol, Games.
Various smaller fixes and improvements.
Added new dynamic site categorization module. This module works on both requests and response. When categorizing requests URL, Referer and Host headers are scanned. When categorizing responses - textual contents of pages are scanned. Currently there are dynamic categorizer for Nudity Pornography, Adult Themes Sexuality, Drugs and Gambling categories, but more and more categorizers will be added with each release. We target to finally have all available categories covered.
Redesigned and reimplemented deep content inspection engine. The speed of content inspection is a little improved. Detection is now done faster. The amount of used RAM when performing adult language detection is greatly decreased (approx 10 times).
Builds for Raspberry PI are not produced any more, please use version 6.1 if you require running Web Safety on Raspberry PI.
Web Safety is now being published on Microsoft Azure Marketplace.
Changes for the older versions of the product are removed for clarity.