7.4 built on March 9, 2020 (Develop Release)
- Fixed an issue with cluster traffic log uploads from more than two cluster nodes.
Please note this build is in the development stage and may contain not-yet-implemented or wrongly working parts. Please do submit issues on GitHub for anything that does not work right, see https://github.com/diladele/websafety/milestones.
7.3 built on March 3, 2020 (Stable Release)
- Optimized all parts of the report generation module - the application now requires less time to build the reports and is able to handle reporting of more users than before.
- Added a setting to allow automatic download of missing intermediate HTTPS certificates. Disabled by default.
- Fixed some minor issues in report generation, added more debug output to the report log allowing for better understanding how much time was spent during reporting.
- Added support for Squid 4.10 on Ubuntu 18/Debian 10.
- Improved cluster configuration sync. The client nodes are able to upload the Squid’s access logs to the server node. The report building process at server node can now create integrated traffic history for the whole cluster.
- It is now possible to completely disable traffic monitoring and reporting from the Admin UI.
7.2 built on December 18, 2019 (Old Stable Release)
- Breaking change: all filtering daemons of Web Safety (ICAP, Google Safe Browsing, YouTube Guard, Traffic Monitor) are run as proxy user (Debian, Ubuntu) or squid user (CentOS). Admin UI continues to run as websafety user.
- Breaking change: single Web Safety package was split into two packages - websafety-core and websafety-ui. This allows to have an alternative (third party) UI for other UI integrated distributives like pfSense. It also allows for faster development cycle in UI with more frequent releases for websafety-ui package.
- Breaking change: fully redesigned/simplified reporting subsystem. Web Safety ICAP server now returns scan information to Squid proxy that dumps it into access log. Special report generation scripts are responsible for processing Squid logs and generating daily/monthly/yearly proxy usage reports much like ligthsquid/sarg do. Report module is also capable of parsing normal Squid access log without additional information from Web Safety filter thus making it appropriate for usual access log reporting tasks. There is also no more need for MySQL database greatly improving overall virtual appliance performance.
- Application can now be installed on CentOS 8. Installation on CentOS 7 is not supported any more.
- Dropped support for FreeBSD/pfSense installation. We might come with a new product for these platforms but for now it is just too much efforts for our small team.
- Added support for Squid 4.9 on Ubuntu 18/Debian 10.
- Completely rewritten implementation of cluster configuration sync.
- Product is now based on Django version 3.0.0.
188.8.131.52DB9 built on July 30, 2019
- Squid 4.8 for better stability and performance.
- Added support for Debian 10.
- Removed support for Debian 9.
- A lot of smaller changes in Admin UI and Traffic Reporting.
184.108.40.206A5E built on December 21, 2018
A lot of breaking changes in the development stack.
- Base platform moved to Ubuntu 18 LTS.
- Required Python version is now 3 instead of 2.
- Required Django version is now 2.1.2 instead of 1.11.
- Squid proxy is now version 4.4.
- FreeBSD 11, pfSense 2.4 and Raspbian 9 builds are available (status is still experimental)
220.127.116.117 built on July 5, 2018
- YouTube Guard filtering daemon now runs as a separate process. This allows to filter traffic by both Google Safe Browsing and YouTube modules.
- UI of YouTube filtering rules is completely rewritten, it is now possible to selectively filter YouTube videos by policies (enable for students, disable for staff).
- Fixed error in policy filtering exclusions by remote domain IP address.
- Added initial support for Ubuntu 18 LTS and Squid 4.
- Added advanced field to manually add to NIC management file /etc/network/interfaces on Ubuntu 16 and Debian 9.
- Builds for FreeBSD(pfSense) are not produced any more, please use version 6.3 if you require running Web Safety on FreeBSD(pfSense). We are now trying to build a separate product for pfSense platform.
- Added experimental YouTube guard module. The module allows administrator to limit the watched videos on YouTube by video category, channel ID and video ID. The module is implemented as Squid’s URL redirector hence it cannot work together with Google Safe Browsing URL redirector. The status of the module is experimental thus user feedback is needed to decide it this module is worth including into production build.
- Completely redesigned and reimplemented the Surfing Now module. It is now easier to see what sites are browsed most and what sites are blocked most currently.
- Added CTIRU list of prohibited URLs. Schools in the UK are required to block access to contents from the CTIRU list.
- Fixed error when squidclient was not able to get the runtime information from squid in cluster deployments utilizing PROXY protocol.
- Added Dynamic categorizers for Dating, Weapons, Alcohol, Games.
- Various smaller fixes and improvements.
- Added new dynamic site categorization module. This module works on both requests and response. When categorizing requests URL, Referer and Host headers are scanned. When categorizing responses - textual contents of pages are scanned. Currently there are dynamic categorizer for Nudity Pornography, Adult Themes Sexuality, Drugs and Gambling categories, but more and more categorizers will be added with each release. We target to finally have all available categories covered.
- Redesigned and reimplemented deep content inspection engine. The speed of content inspection is a little improved. Detection is now done faster. The amount of used RAM when performing adult language detection is greatly decreased (approx 10 times).
- Builds for Raspberry PI are not produced any more, please use version 6.1 if you require running Web Safety on Raspberry PI.
- Web Safety is now being published on Microsoft Azure Marketplace.
- Changes for the older versions of the product are removed for clarity.