Skip to content

Version History

4.4 Development

Built on November 16, 2024

  • No changes, just the build number increased.

4.3 Stable

Built on November 15, 2024

  • Updated application control, adult filtering and file content detection and blocking modules.
  • Improved file content blocking rules forms in Admin UI.
  • Added domain regular expression matching rule to Advanced ACLs.
  • Redesigned and re-implemented third party definition lists; it is now possible to use domain or hosts formatted blocking lists from any third party.
  • Tested working of the application on recently released Windows Server 2025.
  • OpenSSL upgraded to latest version 3.3.2.

4.2

Built on August 29, 2024

  • Improvements in networking module (better DNS and TLS cache purging) and better traffic logs.
  • Precise network timings are now stored in access logs for further analysis.
  • New logging implementation in networking module.
  • ClamAV RPC module is further improved.
  • Implemented YouTube restricting functionality.
  • Integrated latest supported version of OpenSSL 3.2.

4.1

Built on July 20, 2024

  • ClamAV is now used in a more efficient custom build RPC server.
  • Fixed error with Microsoft Entra/Azure Active Directory tenant restrictions.

4.0

Built on June 28, 2024

  • Added ability to scan the downloaded file with ClamAV antivirus engine.
  • Added Application Control module with ability to detect, exclude and block specific categories and web applications.
  • Improved both global and policy exclusion modules.

3.4

Built on May 10, 2024

  • Added malware, phishing and unwanted software protection using Google Safe Browsing v4 API.
  • Breaking change, internal storage of proxy configuration was split from one large settings.json file into multiple files.
  • Access log file is now using JSONL instead of custom format which will make working with logs easier.
  • Added initial support for HTTP Upgrade.
  • Small bug fixes and improvements in the Admin UI.

3.3

Built on April 10, 2024

  • Further improvement in Traffic Reporting module.

3.2

Built on January 31, 2024

  • Integrated new version of OpenSSL 3.2
  • Completely re-implemented Traffic Reporting module.

3.1

Built on October 31, 2023

  • Added ability to bypass the blocked page. Administrator now can mark a policy as "bypassable". In this case the user is able to click through the blocked page and still access the blocked resource. The bypass page can also be configured to enforce usage of a bypass phrase or token.
  • Web filtering core module is now based on boost 1.83.
  • Improved LDAP group lookup algorithm, it is now possible to use the members of Domain Users group (primary group) as members of web filtering policies. Unfortunately this improvement means that when upgrading from the previous version of the application, configured LDAP groups in policies will be lost. You would need to manually re-add those LDAP groups again to the Admin UI.
  • Small improvements in the Traffic Reporting module.
  • Small improvements in Proxy Authentication module.

3.0

Built on June 29, 2023

  • Fixed error when processing Global Exclusions by the URL regex.
  • Added advanced rule allowing to filter based on URL regex of the HTTP request.
  • Default list of policies has additional nofilter policy which allows for easy exclusions when browser is run on the proxy box itself.
  • Small updates in reporting module.

2.9

Built on June 8, 2023

  • Global and policy exclusions now have the ability to exclude request and responses from filtering by Referer HTTP header. This allows the admin to easily exclude most of the elements of a site from filtering without the need to manually research and exclude each third party HTML resource of a given site.
  • Reporting module is improved, it is now possible to limit the number of activity records shown in the Traffic Monitor report both by the last N seconds (default 300) and last N records (default 1000).

2.8

Built on April 13, 2023

  • Implemented incoming client connection limitation module. It is now possible to specify total number of incoming connections to the proxy, number of incoming connections per client and maximum rate of incoming connections from a client. Connections beyond the limits will be closed with Service Unavailable message.
  • Implemented incoming client connection bandwidth throttling module. It is now possible to specify the maximum allowable download speed for each proxy client. It is also possible to exclude a given policy from these bandwidth limitations.

2.7

Built on February 22, 2023

  • Added origin port advanced filtering rule. It is now possible to limit the connections to desired ports.
  • Added predefined and custom Exclusion Lists.

2.6

Built on December 21, 2022

  • Added Geo-IP filtering module. It is now possible to limit connections to IP addresses based on their two-letter country code.
  • Improved handling of timeouted and interrupted connections in network sessions module.
  • Improved session debugging - it is now possible to limit the debugging information based on the origin site name.
  • Performance Counters module was rewritten completely. Performance counters are now grouped by modules.
  • Improved handling of accept socket calls in cases when proxy server is under heavy load from a lot of proxy users.
  • Advanced filtering rules now able to block by User-Agent, connection port, URL regular expressions.

2.5

Built on November 16, 2022

  • Added advanced filtering rules based on Access Control Lists.
  • Fixed error with inability to skip the policy from Decryption when Complete Decryption mode is activated.
  • Small changes in the Traffic Module.

Older versions

  • Added Test button to verify LDAP Active Directory integration in Proxy Settings and user search check in Filtering Policies.
  • Re-implemented Safe Search on Google/Microsoft Bing and Yahoo search engines.
  • Added notion of always decrypted targets/domains which will always be decrypted if designated by the Admin
  • Re-integrated report building module with small changes and optimizations.
  • Implemented limiting of Google Apps for Business. It is now possible to enforce usage of only corporate e-mail on gmail, as explained in this Google Help Article
  • Implemented Microsoft Azure tenant restrictions as explained in this Microsoft Help Article
  • Added application restriction module.
  • Fixed 100% CPU usage of the reporting module on very high loaded systems.
  • HTTPS decryption subsystem now uses latest build of OpenSSL 3.0.5.
  • Fixed unlimited growing of number of temporary folders in the temp storage.
  • Generated HTTPS certificate for Secure Proxy mode now has proxy DNS names as well as proxy IP addresses indicated in the Alt-DNS Names extension. This allows for connecting to Secure Proxy by IP address too.
  • Proxy is now able to authenticate connecting clients by their SSL/TLS certificates.
  • Proxy authentication is redesigned and simplified.
  • Added Upgrade Wizard tool.
  • Added Application Health Checker tool that checks that required services are running.
  • Optimized running cycle of the Traffic Monitor that should make the application more responsive.
  • Added more unified components from the Web Safety for Linux project.
  • Improved online documentation - added tutorial for deploying the proxy in Microsoft Azure and settings required for client certificate authentication.
  • Added ability to import exclusions from the text file.
  • Improved reporting and traffic monitoring.
  • Added support for Microsoft Windows Server 2022.
  • Added async DNS resolve of domain names and cache of DNS responses. This will improve application response times during high workloads and lower the load on your DNS servers. Default DNS cache time is 5 minutes.
  • Updated the performance counter snap-in.
  • Small fixes in traffic report generation module (offensive report is now functional).
  • Fixed connection errors to non standard site ports (other than port 80, 443).
  • Updates of definition files are now done using updates.diladele.com web site with improved performance.
  • Small changes in the MSI installer and Admin UI.
  • Added PAYG appliance on Microsoft Azure
  • Added Global Exclusions setting, it is now very easy to exclude a domain from web filtering, proxy authentication and HTTPS decryption in all policies at once.
  • Re-implemented traffic monitoring and reporting subsystem. Report generation is now much faster and uses less system resources than before.
  • All modules use better logging which makes fixing the possible problems with the application much easier.
  • Fixed error when generating YouTube videos report.
  • Various fixes in the Admin UI.
  • The application was successfully run and tested on preview builds of Microsoft Windows 11.
  • Implemented cluster configuration support in Admin UI, added modules to sync cluster configuration and cluster traffic logs.
  • Fixed problems with Microsoft Updates though the proxy (incorrect handling of HEAD responses).
  • Several small fixes and improvements in the Admin UI.
  • Added support for upgrading configuration from earlier versions of Web Filtering Proxy.
  • Small changes in the Admin UI.
  • Fully implemented targeted mode for HTTPS decryption. The administrator now has the ability to specify exactly what sites need to be decrypted and filtered, leaving all other sites in default non-decrypted mode.
  • Improved certificate validation handling by re-using built-in Microsoft Crypto API within OpenSSL TLS handshake transactions.
  • Added resolve, connect, handshake, scanning performance counters and timings metrics in traffic history to better understand the speed of various modules in the filtering proxy.
  • Added easy to use generation wizards for trusted Root CA proxy certificate and Secure Proxy certificate.
  • Much better error reporting for failed HTTPS connections.
  • The administrator can add missing intermediate CA certificates when UNABLE_TO_GET_ISSUER_CERT_LOCALLY is returned by OpenSSL package when validating HTTPS connections to incorrectly configured web sites.
  • Updater is now able to use ccadb endpoint to automatically update the Root CA certificate store.
  • Added support for winget package manager. The application can now be installed as simple as winget install webproxy.
  • It is now possible to limit the number of parallel connections to origins.
  • Fixed small issues in Admin UI, including settings not being saved when both proxy settings and policy settings were modified.
  • Added Performance Monitor integration of the application with system PerfMon. It is now possible to see what is going in the application. More than 20 performance counters added, including information about site certificates, plain and secure proxy, number of processed requests and responses (totals and per second).
  • Fixed errors with CONNECT tunnels in older versions of Microsoft Internet Explorer and Microsoft Edge.
  • Implemented site certificate checking using Mozilla's trusted certification authorities database.
  • Version is now set to 1.0 to indicate general readiness of the application for everyday production usage.
  • Completely redesigned the Secure Proxy module in the Admin UI.
  • Added ability to automatically generate Secure Proxy certificate based on the configured Root CA certification authority.
  • Updated admin guide and added three tutorials for deploying proxy on Microsoft Azure - standard proxy, secure proxy and lift and shift cloud proxy.
  • Small optimizations and fixes in traffic monitoring and report generation modules.
  • Fixes in monthly and yearly statistics rendering.
  • Added nice response pages for proxy errors and request/response blocking.
  • The Admin UI of Web Filtering Proxy is completely redesigned and rebuilt.
  • It is now possible to generate Root CA certificates for HTTPS decryption and inspection from the Admin UI.
  • It is now possible to apply configuration changes directly from Admin UI by reloading or restarting the Web Filtering Proxy service.
  • Added several new components and one system services for Traffic Monitoring module. It is now possible to see the summary information about users and domains being browsed through the proxy at the current moment as well as daily, monthly and yearly traffic monitoring statistics.
  • It is now possible to use the Active Directory groups as policy members. The administrator now adds a group to web proxy just once and then normally manages the users in the Active Directory. The proxy automatically applies correct policy after authenticating the connecting user and looking up his security groups in the LDAP.
  • Added some default exclusions to ease working with Microsoft, Windows Updates, Office 365, Outlook and Apple iCloud.
  • Added activation schedules to the policies. The administrator now can easily have the lunch, weekend or out-of-work filtering policies automatically activated by schedules.
  • Fixed error with POST requests of zero size.
  • Fixed error with connecting to IP addresses (as opposed to normal connection to domain names).
  • Added three proxy authentication backends - Microsoft Active Directory, local users database and IP address labelling. It is now very easy to support proxy authentication using Negotiate authentication (both Kerberos and NTLM authentication schemes are supported). Just install the application on any Microsoft Windows server joined to the Active Directory and enable authentication from Admin UI with two mouse clicks.
  • After successful authentication policy is switched to the better one matching the name of the authenticated user.
  • Added ability to run secure web proxy (HTTPS proxy).
  • Default listener port is now 8080 (normal conventional proxy) and 8443 (secure web proxy).
  • Updated admin guide.
  • Administrative UI is able to show the table of last N processed requests.
  • Optimizations in HTTPS decryption module.
  • The proxy is now capable of performing basic proxy authentication using list of locally configured users.