Skip to content

GateKeeper Release Notes

GateKeeper v1.5.x

Release Notes v1.5.3 - 17 October 2025

The following are release notes for the Blackwall GateKeeper v1.5.3 release. Some features were added, enhancements made, and issues fixed to improve the platform.

Features and Enhancements:

  • GK-236 - New functionality has been added to the GateKeeper API. You can now transfer ownership of websites, servers, and devices between accounts by issuing a PUT request that updates the object’s user_id. This unlocks smooth handovers (such as agency changes, and consolidations) without manual support, with permission checks, and full auditing to keep moves safe and traceable. Existing endpoints and payloads are unchanged; simply set the new user_id in your PUT to complete the migration.
  • GK-90 - An improvement has been released in terms of DNS validation before certificate issuance. GateKeeper now verifies that all A and AAAA records of a domain point to GateKeeper IPs before issuing or renewing certificates. This prevents certificate failures due to misconfigured DNS (e.g., missing or incorrect AAAA records).
  • GK-305 - A new “Magento” ruleset has been added, following the same structure and behavior as existing rulesets. This enables consistent handling and configuration for Magento-based environments.

Fixed Issues:

  • GK-318 - BuyPass Certificate Authority (CA) support has been removed and any existing certificates cannot be renewed. Instead Blackwall recommends that you switch either to 'Lets Encrypt' or use custom certificates.
  • GK-203 - An issue has been fixed where the “Force redirect from www subdomain to primary domain” setting had no effect. When enabled, GateKeeper now issues a permanent redirect (301) from www.<domain> to the apex and returns the correct Location header, ensuring proper canonicalization. The change applies to new and existing sites. If the option was already enabled, redirects take effect automatically after deployment (no user action required).
  • GK-300 - A fix has been added to ensure that API-applied custom rules now propagate to servers. Previously an issue existed where custom rules set via the GateKeeper API were not synchronized to BotGuard servers, despite appearing in the dashboard. The sync path and JSON handling are now corrected, so that API updates now persist and apply on nodes without manual intervention.
  • GK-244 - A fix has been provided for an issue where GateKeeper incorrectly reported its private IP, instead of the public-facing IP on AWS EC2 instances. This was due to NAT-based networking. The system now correctly identifies and uses the public IP address.
  • GK-333 - Previously, on fresh GateKeeper instances (e.g., Vultr), when adding a new domain, it could hang and never reach an 'Online' status. Sometimes this required hosts-file edits and service restarts to get it 'Online'. A fix has been released, so that provisioning now completes automatically without manual steps, and the “add subdomains” prompt no longer blocks activation.
Release Notes v1.5.0 - 18 May 2025

The following are release notes for the Blackwall GateKeeper v1.5.0 release. A number of features were added, enhancements made, and issues fixed to improve the platform. Notably, the GateKeeper API is now generally available (GA) following extensive improvements based on beta feedback, and the version numbers of both the API and UI have been unified for consistency across the product suite.

Features and Enhancements:

  • GateKeeper API:
    • GK-41 - Blackwall is pleased to introduce the first General Availability version of our application load-balancing GateKeeper API, with support for multi-tenant management. This API provides hosting partners, SaaS users, and integration developers with a programmatic interface to manage users, websites, and settings. This mirrors all key features available in the Blackwall dashboard. It also supports a reseller model, with master and sub-account hierarchies for scalable, delegated access. Significant enhancements have been made to the beta version previously released to a limited user group and feedback provided has been incorporated into this GA version. For example, a website custom rules API editor has been added, and the ability to get event logs for all Gatekeeper API schemas - user, device, server, and website.
    • GK-184 - A new feature has been added, introducing read-only event log API endpoints for users, devices, servers, and websites. This feature adds support for retrieving event log record via new GET endpoints, enabling clients to fetch event data scoped to specific resources; for example, /user/{user_id}/events, or /device/{device_id}/events. The API supports filtering by time range and other rule-based parameters, providing flexible access for auditing, analysis, and integrations.
    • GK-136 - Added a possibility to get event logs for all Gatekeeper API schemas (user, device, server, website).
  • GK-139 - Logout functionality has been added to the GateKeeper dashboard. Users can now securely log out of the GateKeeper UI. This feature enhances session control and aligns authentication behaviour across the Blackwall platform.
  • GK-58 - Added support for light mode in the GateKeeper platform UI, enabling users to toggle between dark mode and light mode based on personal visual preference or environment. Previously, only dark mode was available.
  • GK-51 - A new 'Early Hints' feature has been added to help users optimize their websites, whether using the Blackwall GateKeeper user interface (UI) or our GateKeeper API. HTTP header 103 support has been added along with the corresponding web application acceleration logic, by implementing a module for nginx and using it in GateKeeper. This added feature significantly improves browser page load performance, leading to a smoother browsing experience.

Fixed Issues:

  • GK-144, GK-199, and GK-138 - The nginx-stat-module has been replaced with the status-nginx-module to prevent OOM crashes during frequent Nginx reloads. By replacing it with the more stable status-nginx-module, GateKeeper now supports safe and reliable configuration reloads, even under high-frequency update cycles.
  • GK-195 - A fix has been created for an issue preventing domains without IPv6 addresses from being added via API. Previously, domains that only had IPv4 (or only IPv6) addresses were incorrectly rejected when added through the API. This fix correctly distinguishes between a missing IPv6 address and an invalid one, allowing valid domains with single-stack configurations to be registered and function as expected.

GateKeeper v1.4.x

Release Notes v1.4.6

This release changes the following:

  • Gatekeeper API bugfixes (closes GK-101 and GK-102)
Release Notes v1.4.4

This release changes the following:

  • Subdomain and upstream duplicates are now removed when adding or editing a website.
  • Added a check for IP addresses of subdomains before issuing the certificate.
  • Added a search field for domains.
Release Notes v1.4.3

This release fixed the following two issues:

  • A GateKeeper API bug is now fixed relating to adding a website.
  • An issue is now fixed relating to the prevention of a certificate issuing for invalid websites.
Release Notes v1.4.2

This release has both fixed issues and added new functionality. The following are just some examples of what is new in this release:

  • GateKeeper API mTLS authentication is now implemented.
  • First boot initialization scripts are updated.
  • An issue for website application of configuration changes following an edit is now fixed.
  • Fixed the 'nginx: [emerg] no servers are inside upstream' issue.
Release Notes v1.4.1

Resolved multiple bugs and included new functionality, such as:

  • The SSH configuration issue on uninstall resolved.
  • Embedded terminal issue on first login is now resolved.
  • Wildcard subdomain support is now available.
Release Notes v1.4.0

Initial release of the new GateKeeper API server, based on Debian packaging installation method and with numerous performance improvements.

Feedback