Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
litespeed_wiki:changelog [2022/09/12 17:53]
Michael Alegre Normalized formating.
litespeed_wiki:changelog [2024/03/19 21:03] (current)
Michael Alegre Added release log info for LSWS v6.2.1 builds [1,2].
Line 2: Line 2:
  
 **Note:** If a build is missing, you're always able to find it here as well: https://​groups.google.com/​g/​litespeed-edge-users **Note:** If a build is missing, you're always able to find it here as well: https://​groups.google.com/​g/​litespeed-edge-users
 +===== Version 6.2.1 =====
 +=== Build 2 ===
 +  [Bug Fix] Address compatibility issues with older versions of nodejs.
 +  [Bug Fix] Apply server level log rotation setting to modsec audit log.
 +  [Bug Fix] Address a few corner cases in HTTP/3 (lsquic). ​
 +=== Build 1 ===
 +  [Bug Fix] Addressed an HTTP/3 0-RTT packet validation issue.
 +=== Build 0 ===
 +  [New Feature] Add hCaptcha support for reCAPTCHA validation.
 +  [Improvement] Add support for .mjs nodeJS application startup file. 
 +  [Bug Fix] Address a crash related to SecRemoteRules handling.
 +  [Bug Fix] Address a rare corner case causing HTTP/3 responses to hang.
 +
 +===== Version 6.2 =====
 +=== Build 7 ===
 +  [Bug Fix] Address a crash related to SecRemoteRules handling.
 +=== Build 6 ===
 +  [Bug Fix] Address broken auto index script introduced in build 5.
 +  [Bug Fix] Address a potential HTTP/3 CPU spinning issue.
 +  [Bug Fix] Address a false positive in install script that reports a port is in use.
 +=== Build 5 ===
 +  [Bug Fix] Do not force override LSAPI_MAX_IDLE_CHILDREN if set explicitly.
 +  [Bug Fix] Address PHP 8.2 warning in directory auto index script.
 +  [Bug Fix] Address an issue in handling custom status code.
 +  [Bug Fix] Increase rewrite engine PCRE match limit to avoid PCRE_ERROR_MATCHLIMIT. ​
 +  [Tuning] Add dark mode for server generated error page and directory index page. 
 +=== Build 4 ===
 +  [Bug Fix] Fix a rare corner case in HTTP/3.
 +  [Bug Fix] Fix "​RewriteOptions IngoreInherit"​
 +  [Bug Fix] enable suEXEC for PHP 8.3 by default.
 +=== Build 3 ===
 +  [Bug Fix] Fix no-abort for CGI script.
 +  [Bug Fix] Fix Redirect 410 handling.
 +  [Bug Fix] Fix python application with long vhost name.
 +  [Bug Fix] Fix CPU spinning caused by HTTP/3 corner case.
 +=== Build 2 ===
 +  [Bug Fix] Fix HTTP/3 session resumption bug introduced in 6.2 Build 1.
 +=== Build 1 ===
 +  [Security] Disable HTTP/2 when detecting a rapid reset attack.
 +  [Improvement] Override server level per client connection soft limit with vhost level limit.
 +  [Tuning] Limit pipe logger buffer size to 1MB.
 +  [Bug Fix] Fix RackRunner.rb bug introduced in 6.1.2 build 8.
 +  [Bug Fix] Fix minor mod_security issues.
 +=== Build 0 ===
 +  [New Feature] Update HTTP/3 implementation to support QUICv2 protocol.
 +  [New Feature] mod_security engine now has an option to use RE2 instead PCRE regex engine.
 +  [New Feature] Add vhost level max request body length and max dynamic response length configurations.
 +  [New Feature] Add vhost level dedicated PHP handler configuration option.
 +  [New Feature] Add support for rewrite flags "​BNP",​ "​backrefnoplus",​ "​BCTLS",​ and "​BNE"​.
 +  [Improvement] Improve reCAPTCHA custom error page handling to avoid expensive dynamic processing.
 +  [Improvement] Add missing access log format following Apache spec.
 +  [Improvement] Enhance Apache expression support with dynamic regular expression matching.
 +  [Improvement] Apache expression support in RewriteCond.
 +  [Improvement] Virtual host level reCAPTCHA trigger by concurrent connections.
 +  [Security] More strict request header validation.
 +  [Bug Fix] Fix a compatibility issue with Rack version >3.0 for Ruby applications.
 +  [Bug Fix] Allow use of stdout/​stderr as log file names.
 +  [Bug Fix] Address large request header compatibility issue with PHP-FPM.
 +  [Tuning] Add PHP 8.3 support.
 +  [Tuning] Lift default virtual memory limit for external applications.
 +  [Bug Fix] Minor bug fixes to cache engine, mod_security engine, and request handling.
 +
 +===== Version 6.1.2 =====
 +=== Build 8 ===
 +  [New Feature] Add support for rewrite flags "​BNP",​ "​backrefnoplus",​ "​BCTLS",​ and "​BNE"​.
 +  [Bug Fix] Fix cp_switch_ws.sh switch back to Apache failure.
 +  [Bug Fix] Fix a compatibility issue with Rack version >3.0 for Ruby applications. ​
 +  [Bug Fix] Allow use of stdout/​stderr as log file names.
 +  [Bug Fix] Fix a mod_security engine Multi-thread race condition.
 +=== Build 7 ===
 +  [Bug Fix] Address a bug in expression parser introduced in build 5.
 +=== Build 6 ===
 +  [Bug Fix] Address a bug in RewriteCond expression parser.
 +  [Bug Fix] Address a bug in SSI engine.
 +=== Build 5 ===
 +  [Improvement] Enhance Apache expression support with dynamic regular expression matching.
 +  [Improvement] Apache expression support in RewriteCond.
 +  [Improvement] Virtual host level reCAPTCHA trigger by concurrent connections.
 +  [Bug Fix] Fix FreeBSD + ZFS crash due to unsupported posix_fallocate() syscall.
 +  [Tuning] Add PHP 8.3 support.
 +  [Tuning] Tweak graceful restart to avoid being killed by systemd during service restart.
 +=== Build 4 ===
 +  [Security] Properly handle multiple HOST headers.
 +  [Tuning] Lift default virtual memory limit for external applications.
 +  [Improvement] Add "​wordpress_logged_in_*"​ session cookie detection. ​
 +  [Bug Fix] Address two rare crashes relating to ESI handling.
 +=== Build 3 ===
 +  [Improvement] Improve reCAPTCHA custom error page handling to avoid expensive dynamic processing. ​
 +  [Bug Fix] Address broken Plesk feature "deny access to the site".
 +  [Bug Fix] Improve install script to now automatically install missing dependencies. ​
 +=== Build 2 ===
 +  [Security] Address request header smuggling over HTTP/2 and HTTP/3.
 +  [Bug Fix] Address broken FastCGI POST for large request body, introduced in 6.1.2 build 1. 
 +=== Build 1 ===
 +  [New Feature] Add vhost level max request body length and max dynamic response length configurations.
 +  [New Feature] Add vhost level dedicated PHP handler configuration option. ​
 +  [Improvement] Install necessary ruby-lsapi gem package for alt-ruby 3.1+.
 +  [Bug Fix] Address large request header compatibility issue with PHP-FPM.
 +  [Bug Fix] Address a false positive for per client soft limit blocking.
 +=== Build 0 ===
 +  [Improvement] Allow total header sizes > 64KB. 
 +  [Improvement] Add support for websocket upgrade using <​LocationMatch>​ and ProxyPassMatch (used by Plesk).
 +  [Improvement] Add support for Unix domain socket proxy target address (used by DirectAdmin).
 +  [Bug Fix] Address a corner case in LSAPI 304 response handling.
 +  [Bug Fix] Address unique ID duplication in mod_security audit log. 
 +  [Bug Fix] Address a corner case in mod_security request header matching. ​
 +  [Bug Fix] Address a license key verification issue during server reboot.
 +  [Bug Fix] Update ls-qpack to address a corner case. 
 +  [Bug Fix] Address a request header parser corner case for a look-alike header. ​
 +  [Bug Fix] Address broken mailman support for Plesk
 +  [Bug Fix] Address two corner cases in layer 4 proxy. ​
 +  [Bug Fix] Address an issue with proxy forwarding to the Plesk admin panel.
 +  [Tuning] Better handling of buggy HTTP/2 clients with poor flow control implementations.
 +
 +===== Version 6.1.1 =====
 +=== Build 0 ===
 +  [New Feature] Add SSL strict SNI mode option to fail SSL connections when there is no vhost level SSL certificate.
 +  [New Feature] Add a vhost level AllowBlockedUrl option to allow blocked URL passthrough. ​
 +  [Improvement] Add support for unix domain socket for redis dynamic vhost. ​
 +  [Improvement] Update WebAdmin Console login to use BCRYPT password hash.
 +  [Improvement] Add support for "​Require local" configuration directive.
 +  [Bug Fix] Avoid blocking on socket read for internal fetcher.
 +  [Bug Fix] Address broken "​RewriteOption inherit"​ corner case.
 +  [Bug Fix] Address duplicate unique ID field in mod_security audit log.
 +  [Bug Fix] Address a python application frequent restart issue.
 +  [Bug Fix] Address a python application upload hang issue.
 +  [Bug Fix] Fix SecRemoteRules certificate verification failure.
 +  [Bug Fix] Fix broken sub-directory password protection configuration for Plesk WordPress toolkit.
 +  [Bug Fix] Address an issue switching apache/lsws systemd unit file for Plesk.
 +  [Bug Fix] Address an issue with Plesk watchdog monitoring httpd service.
 +
 +===== Version 6.1 =====
 +=== Build 6 ===
 +  [Bug Fix] Adjust unix domain socket address length for PHP suEXEC handler.
 +=== Build 5 ===
 +  [Bug Fix] Address a python application upload hanging issue.
 +  [Bug Fix] Fix SecRemoteRules certificate verification failure.
 +  [Bug Fix] Fix broken sub-directory password protection configuration for Plesk WordPress toolkit.
 +=== Build 4 ===
 +  [Bug Fix] Address a crash when handling .htaccess updates.
 +=== Build 3 ===
 +  [Bug Fix] Address an issue switching apache/lsws systemd unit file for Plesk. ​
 +  [Bug Fix] Address an issue with Plesk watchdog monitoring httpd service.
 +=== Build 2 ===
 +  [Improvement] ARM64 (aarch64) package is now available.
 +  [Improvement] Update WebAdmin Console login to use BCRYPT password hash.
 +  [Bug Fix] Update php3_mode and php4_mode for DirectAdmin panel in script cp_switch_lsws.sh.
 +=== Build 1 ===
 +  [Improvement] Add support for "​Require local" configuration directive.
 +  [Bug Fix] Avoid blocking on socket read for internal fetcher.
 +  [Bug Fix] Address broken "​RewriteOption inherit"​ corner case.
 +  [Bug Fix] Update lsquic to v3.3.1 to address a corner case hang caused by flow control congestion. ​
 +=== Build 0 ===
 +  [New Feature] Add PROXY protocol support.
 +  [New Feature] Add custom response status code support.
 +  [New Feature] Apply OOMScoreAdjust for lsws service to avoid being OOM killed.
 +  [New Feature] Trigger reCAPTCHA through mod_security engine via an environment variable.
 +  [Improvement] Inherit .htaccess belonging to parent context.
 +  [Improvement] Make SSI environment available to included CGIs/​scripts.
 +  [Improvement] Add conditional access logging using Expression.
 +  [Improvement] Configurable reCAPTCHA timeout.
 +  [Improvement] Add "​DisableForwardedIpBan"​ Apache style configuration directive to avoid blocking IPs forwarded by front-end proxies.
 +  [Improvement] Enhance '​disableCgiOverride'​ to cover options +ExecCGI and +Include.
 +  [Improvement] Add Apache style configurations "​LogKeepDays"​ and "​LogCompressArchive"​.
 +  [Improvement] Escape multiline STDERR messages.
 +  [Improvement] Detect update failures in lsup.sh.
 +  [Improvement] Improve WebAdmin Console realtime stats with a new JavaScript library.
 +  [Bug Fix] Set "​HOME"​ environment for CGI/​External apps when possible.
 +  [Bug Fix] Fix connection timeout false-positives for active HTTP3 connections.
 +  [Bug Fix] Fix domain limited licensing for Plesk servers.
 +  [Bug Fix] Update lsquic to v3.3.0 . 
 +  [Tuning] Disable TLSv1.1 by default.
 +
 +===== Version 6.1RC3 =====
 +=== Build 0 ===
 +  [New Feature] Add custom response status code support.
 +  [New Feature] Apply OOMScoreAdjust for lsws service to avoid having the server killed when low on memory.
 +  [Improvement] Escape multiline STDERR messages. ​
 +  [Improvement] Add "​DisableForwardedIpBan"​ Apache style configuration directive to avoid blocking IPs forwarded by front-end proxies.
 +  [Bug Fix] Address a few corner cases in HTTP/3 implementation.  ​
 +  [Bug Fix] Address an HTTP/2 decoder bug. 
 +  [Bug Fix] Include all bug fixes applied to 6.0.12 stable releases.
 +
 +===== Version 6.1RC2 =====
 +=== Build 0 ===
 +  [New Feature] PROXY protocol support.
 +  [Improvement] Make SSI environment available to included CGIs/​scripts.
 +  [Improvement] Enhance '​disableCgiOverride'​ to cover options +ExecCGI and +Include. ​
 +  [Improvement] Better handling of content-type with charset.
 +  [Improvement] Add "​x-frame-options"​ header for reCAPTCHA page.
 +  [Bug Fix] Inherit .htaccess belonging to parent context.
 +  [Bug Fix] Address bad target URL with native proxy configuration for '/'​ context. ​
 +  [Bug Fix] Avoid installing Ruby Rack 3.0 gem to avoid compatibility issues. ​
 +  [Bug Fix] Avoid using IPv6 mapped IPv4 addresses for HTTP/3 connections. ​
 +  [Bug Fix] Address memory leak in QUIC SHM. 
 +
 +===== Version 6.1RC1 =====
 +=== Build 1 ===
 +  [New Feature] Add "​LSPHP_ProcessGroup unmanaged"​ mode to support php-fpm like services for Apache vhost.
 +  [Bug Fix] Address an HTTP/2 header value compliance corner case that caused broken curl HTTP/2 connections.
 +  [Improvement] Add support for alt-python 3.10.
 +  [Bug Fix] Address HTTP/3 corner cases with lsquic v3.1.4 update.
 +=== Build 0 ===
 +  [New Feature] Trigger reCAPTCHA through mod_security engine via an environment variable.
 +  [Improvement] Add parent context .htaccess inheritance.
 +  [Improvement] Add conditional access logging using Expression.
 +  [Improvement] Configurable reCAPTCHA timeout.
 +  [Improvement] Add "​LogKeepDays",​ "​LogCompressArchive"​ Apache style configurations.
 +  [Tuning] Disable TLSv1.1 by default.
 +  [Bug Fix] Set "​HOME"​ environment for CGI/​External apps when possible.
 +  [Bug Fix] Update lsquic to the latest v3.1.2 release.
 +  [Bug Fix] Include all bug fixes applied to 6.0.12 stable releases.
 +
 +===== Version 6.0.12 =====
 +=== Build 13 ===
 +  [Bug Fix] Detect and ignore truncated log file path for DirectAdmin.
 +  [Bug Fix] Fix broken server switching script for cPanel + Ubuntu.
 +  [Bug Fix] Do not count Plesk internal Virtual Hosts against license domain limit.
 +  [Bug Fix] Fix broken connection timeout for HTTP/3 connections.
 +=== Build 12 ===
 +  [Bug Fix] Address default charset issue for static files. (Introduced in v6.0.12 build 4)
 +  [Bug Fix] Address a mod_security corner case. 
 +=== Build 11 ===
 +  [Improvement] Add support for PHP 8.2 handler auto-detection.
 +  [Bug Fix] Address broken lowercase transformation for certain mod_security variables.
 +=== Build 10 ===
 +  [Bug Fix] Properly handle "​%{local}p"​ access log format.
 +  [Bug Fix] Handle white spaces when detecting existing header values.
 +  [Bug Fix] Fix broken "​Trusted"​ IP configuration in .htaccess.
 +  [Improvement] Add "​x-frame-options"​ header for reCAPTCHA page.
 +  [Improvement] Make SSI environment available to included CGIs/​scripts.
 +  [Bug Fix] Address crash in parsing bad rewrite map data.
 +  [Bug Fix] Address memory leak in QUIC SHM. 
 +=== Build 9 ===
 +  [Bug Fix] Address a response header bug introduced in build 8 that causes errors serving from cached page.
 +=== Build 8 ===
 +  [Bug Fix] Address malformed HTTP/1.1 response header caused by header value modification operations introduced in build 7.
 +  [Bug Fix] Address bad target URL with native proxy configuration for '/'​ context.
 +  [Bug Fix] Avoid installing Ruby Rack 3.0 gem (compatibility issues).
 +  [Bug Fix] Avoid using IPv6 mapped IPv4 addresses for HTTP/3 connections. ​
 +=== Build 7 ===
 +  [Bug Fix]  Address an HTTP/2 header value compliance corner case that caused broken curl HTTP/2 connections. ​
 +=== Build 6 ===
 +  [Improvement] Add support for alt-python 3.10 .
 +  [Bug Fix] Address HTTP/3 corner cases with lsquic v3.1.4 update.
 +  [Bug Fix] Limit the size of unix domain socket address for PHP suEXEC handler.
 +  [Bug Fix] Address a minor display issue in WebAdmin.
 +=== Build 5 ===
 +  [Bug Fix] Address a regression in SHM operations that caused random crashes, introduced in build 4.
 +=== Build 4 ===
 +  [Bug Fix] Minor corner case fixes in HTTP/3 protocol implementation.
 +  [Bug Fix] Address bug in "​AddDefaultCharset"​ support for all "​text/​*"​ MIME types.
 +  [Bug Fix] More strict header filtering for HPACK/QPACK encoding to avoid protocol violations.
 +  [Tuning] Disable TLSv1.1 by default.
 +=== Build 3 ===
 +  [Bug Fix] Address a random crash bug.
 +  [Bug Fix] Address an auto index permissions issue for Redis mass vhosting.
 +  [Tuning] No longer enable SPDY protocol by default.
 +  [Bug Fix] Apply a minor fix to HTTP/3 protocol.
 +=== Build 2 ===
 +  [New Feature] Adjust external app OOM score via LS_OOM_SCORE_ADJ environment configuration.
 +  [Bug Fix] Address a random crash in mod_security engine.
 +  [Bug Fix] Address an SSL error handling problem to avoid high CPU usage.
 +=== Build 1 ===
 +  [Bug Fix] Address a chunked encoding parser bug that could cause an infinite loop.
 +  [Bug Fix] Address a bug when processing delayed request bodies that could cause random crashes.
 +  [Bug Fix] Address a suEXEC bug with native vhost configurations.
 +  [Bug Fix] Update mod_security JSON audit log to include required data for imunify360 log parser.
 +  [Tuning] Update log messages for bot detection to avoid confusion.
 +=== Build 0 ===
 +  [Security] Address a few crashes and memory leaks in HTTP/3 implementation.
 +  [Security] Add more strict virtual host name validation in WebAdmin to address a potential XSS vulnerability.
 +  [Improvement] Add server level control to return 404 or 403 when directory auto-index is disabled.
 +  [Improvement] Better stale cache purge handling.
 +  [Improvement] Add pagination for long auto indexed pages.
 +  [Improvement] Support following ErrorDocument customizations in .htaccess for early stage internal errors.
 +  [Tuning] Enable suEXEC for PHP 8.1 by default.
 +  [Tuning] Do not enable cPanel HTTP server monitoring in update script.
 +  [Tuning] Adjust internal shell scripts for better ubuntu compatibility.
 +  [Bug Fix] Address broken alt-python application caused by the new way virtualenv was built.
 +  [Bug Fix] Address broken vhost level mod_security configuration.
 +  [Bug Fix] Address random crashes in mod_security engine.
 +  [Bug Fix] Address a rare multi-threaded mod_security engine race condition.
 +  [Bug Fix] Add more validation checks to avoid accidentally killing system process when stopping detached external application processes.
 +  [Bug Fix] Improve auto index script to avoid calling function ini_set().
 +  [Bug Fix] Address crashes in ESI/SSI engine.
 +  [Bug Fix] Address POST cache issues.
 +  [Bug Fix] Block request header "​transfer-encoding:​ chunked"​ for HTTP/2 and HTTP/3.
 +  [Bug Fix] Enforce HTTP authentication for OPTIONS requests.
 +
 +===== Version 6.0.11 =====
 +=== Build 9 ===
 +  [Security] Address a crash in HTTP/3 implementation.
 +  [Improvement] Add server level control to return 404 or 403 when directory auto-index is disabled.
 +  [Bug Fix] A few minor fixes to HTTP/3 implementation.
 +  [Bug Fix] Address a bug in SSI engine that caused random crashes.
 +  [Bug Fix] Address broken alt-python 2.7 applications.
 +=== Build 8 ===
 +  [Bug Fix] Address broken alt-python application caused by the new way virtualenv was built.
 +  [Bug Fix] Address broken vhost level mod_security configuration.
 +  [Bug Fix] Add more validation checks to avoid accidentally killing system process when stopping detached external application processes.
 +  [Bug Fix] Improve auto index script to avoid calling function ini_set().
 +  [Bug Fix] Address a rare multi-threaded mod_security engine race condition.
 +  [Bug Fix] Address a crash in ESI/SSI engine.
 +=== Build 7 ===
 +  [Bug Fix] Address broken alt-python application.
 +  [Bug Fix] Address POST cache issues.
 +  [Bug Fix] Block request header "​transfer-encoding:​ chunked"​ for HTTP/2 and HTTP/3.
 +  [Bug Fix] Address an SSI engine crash.
 +=== Build 6 ===
 +  [Improvement] Better stale cache purge handling.
 +  [Improvement] Add pagination for long auto indexed pages.
 +  [Bug Fix] Address a random crash in mod_security engine.
 +  [Tuning] Do not enable cPanel HTTP server monitoring in update script.
 +  [Tuning] Adjust internal shell scripts for better ubuntu compatibility. ​
 +=== Build 5 ===
 +  [Bug Fix] Increase HTTP/3 max concurrent streams from 100 to 500 to work around a chrome bug.
 +  [Bug Fix] Enforce HTTP authentication for OPTIONS requests.
 +  [Bug Fix] Address a crash triggered by a debug log message.
 +  [Misc] Update bundled lsws_whm_plugin_install.sh script and attempt to download the latest version of this script before use. 
 +=== Build 4 ===
 +  [Security] Add more strict virtual host name validation in WebAdmin to address a potential XSS vulnerability.
 +  [New Feature] Add CloudLinux alt-python3.9 support.
 +  [Bug fix] Address a python application server configuration issue.
 +  [Bug fix] Address a "sub request timeout"​ crash.
 +=== Build 3 ===
 +  [Bug Fix] Address a random crash when handling connection level timer events.
 +  [Improvement] Support following ErrorDocument customizations in .htaccess for early stage internal errors.
 +  [Tuning] Enable suEXEC for PHP 8.1 by default. ​
 +=== Build 2 ===
 +  [New Feature] Add "​SecEngineHtaccessOverride on/​off"​ directive to allow/​disable turning on/off mod_security engine from .htaccess. Default to "​on"​.
 +  [New Feature] Add "​ModSec19Compatible on/​off"​ directive to support mod_security 1.9 style configurations. Default to "​off"​.
 +  [Bug Fix] Address a layer4 tunnel bug that was causing random crashes.
 +  [Bug Fix] Address a random crash in handling connection level timer events. ​
 +=== Build 1 ===
 +  [Bug Fix] Address a vhost level mod_security engine control corner case. 
 +=== Build 0 ===
 +  [New Feature] Add websocket proxy target support for rewrite rules.
 +  [Improvement] Improve HTTP/2 upload throughput.
 +  [Improvement] Improve HTTP/3 upload throughput.
 +  [Bug Fix] Address HTTP/3 handshake failures.
 +  [Bug Fix] Address an HTTP/1.1 request body chunk encoding corner case that caused unexpected 400 status for the next request made when over a keep-alive connection.
 +  [Bug Fix] Throttle unnecessary lscache purges generated by LSCWP.
 +  [Bug Fix] Improve cp_switch_ws.sh script compatibility with different shell interpreters.
 +  [Bug Fix] Avoid caching incomplete/​broken homepages for more than 1 minute.
 +  [Bug Fix] Address broken vhost level private cache lookup configuration.
 +
 +===== Version 6.0.10 =====
 +=== Build 2 ===
 +  [Bug Fix] Address HTTP/3 handshake failures.
 +  [Bug Fix] Improve HTTP/2 upload throughput.
 +=== Build 1 ===
 +  [Bug Fix] Address an HTTP/3 throughput regression introduced in v6.0.10.
 +  [Bug Fix] Improve HTTP/2 upload throughput.
 +  [Bug Fix] Throttle unnecessary lscache purges generated by LSCWP.
 +  [Bug Fix] Improve cp_switch_ws.sh script compatibility with different shell interpreters.
 +  [Bug Fix] Avoid caching incomplete/​broken homepages for more than 1 minute.
 +  [Bug Fix] Address broken vhost level private cache lookup configuration.
 +=== Build 0 ===
 +  [Improvement] Optimize SSL and HTTP/2 read speeds.
 +  [Bug Fix] Address a few bandwidth throttling issues.
 +  [Bug Fix] Address high CPU usage for server worker processes.
 +  [Bug Fix] Address issues with ModSecurity logging and persistent variable handling.
 +  [Bug Fix] Address a few minor HTTP/3 corner cases.
 +  [Bug Fix] Convert chunked encoding request bodies for proxy backends.
 +  [Bug Fix] Address a Server Side Includes corner case that could sometimes truncate large files.
 +  [Bug Fix] Do not block client access if reCAPTCHA is not properly configured when using WP full protection.
 +
 +===== Version 6.0.9 =====
 +=== Build 3 ===
 +  [Bug Fix] Address a few minor HTTP/3 corner cases.
 +  [Bug Fix] Avoid unnecessary error log warnings (introduced in v6.0.8).
 +  [Bug Fix] Convert chunked encoding request bodies for proxy backends.
 +  [Bug Fix] Address a Server Side Includes corner case that could sometimes truncate large files.
 +  [Bug Fix] Do not block client access if reCAPTCHA is not properly configured when using WP full protection.
 +=== Build 2 ===
 +  [Bug Fix] Address "​cannot find installed module for python application"​ regression (introduced in v6.0.9).
 +=== Build 1 ===
 +  [Bug Fix] Address mod_security request body scan getting randomly skipped (introduced in v6.0.8).
 +=== Build 0 ===
 +  [Bug Fix] Address cache engine corner case that randomly disabled cache or ignored purge requests.
 +  [Bug Fix] Cache engine should no longer purge again when serving a cached page with purge headers.
 +  [Bug Fix] Properly pass environment variables for python applications configured via CloudLinux python selector.
 +  [Bug Fix] Update ea-ruby24 to ea-ruby27 for cPanel Ruby application manager.
 +  [Bug Fix] Address POST requests randomly hanging.
 +  [Bug Fix] "​%{CONTENT_TYPE}"​ is now properly supported in Apache expressions.
 +  [New Feature] Add support for '​LogRotationSize'​ Apache directive at the server level to control access log rotation.
  
 ===== Version 6.0.8 ===== ===== Version 6.0.8 =====
Line 162: Line 549:
   [Improvement] Revamp of SSL Multi-Cert support.   [Improvement] Revamp of SSL Multi-Cert support.
   [Bug Fix] All applicable bug fixes from 5.4.X releases.   [Bug Fix] All applicable bug fixes from 5.4.X releases.
-=== RC3 ===+ 
 +===== Version 6.0RC3 ===== 
 +=== Build 0 ===
   [New Feature] Support external application configuration using domain name for target address.   [New Feature] Support external application configuration using domain name for target address.
   [New Feature] HTTP/3 draft 32 support.   [New Feature] HTTP/3 draft 32 support.
Line 170: Line 559:
   [Improvement] Better support for various ModSecurity variables.   [Improvement] Better support for various ModSecurity variables.
   [Improvement] Fix various HTTP/3 congestion control corner cases to maximize throughput.   [Improvement] Fix various HTTP/3 congestion control corner cases to maximize throughput.
-=== RC2 ===+ 
 +===== Version 6.0RC2 ===== 
 +=== Build 0 ===
   [New Feature] ModSecurity scan response body support.   [New Feature] ModSecurity scan response body support.
   [New Feature] HTTP/3 draft 31 support.   [New Feature] HTTP/3 draft 31 support.
Line 176: Line 567:
   [Major Improvement] ModSecurity persistent collection SHM storage.   [Major Improvement] ModSecurity persistent collection SHM storage.
   [Major Improvement] Revamp of SSL Multi-Cert support.   [Major Improvement] Revamp of SSL Multi-Cert support.
-=== RC1 ===+ 
 +===== Version 6.0RC1 ===== 
 +=== Build 0 ===
   [Major New Feature] Apache 2.4 conditional context <If> <​Ifelse>​ <​Else>​ support.   [Major New Feature] Apache 2.4 conditional context <If> <​Ifelse>​ <​Else>​ support.
   [Major New Feature] Asynchronous mod_security engine.   [Major New Feature] Asynchronous mod_security engine.
Line 744: Line 1137:
   [New Feature] HTTPS certificate compression,​ reducing the size of HTTPS handshake exchange data.   [New Feature] HTTPS certificate compression,​ reducing the size of HTTPS handshake exchange data.
   [Improvement] Improved HTTP/2 stream prioritization for a better user browsing experience.   [Improvement] Improved HTTP/2 stream prioritization for a better user browsing experience.
-=== RC4 ===+ 
 +===== Version 5.4RC4 ===== 
 +=== Build 0 ===
   [New Feature] Support for SO_REUSEPORT for multi-worker license.   [New Feature] Support for SO_REUSEPORT for multi-worker license.
   [New Feature] HTTPS/QUIC handshake offloading.   [New Feature] HTTPS/QUIC handshake offloading.
Line 751: Line 1146:
   [New Feature] Support for Google QUIC 046.   [New Feature] Support for Google QUIC 046.
   [New Feature] Experimental IETF QUIC draft-20.   [New Feature] Experimental IETF QUIC draft-20.
-=== RC3 ===+ 
 +===== Version 5.4RC3 ===== 
 +=== Build 0 ===
   [Major New Feature] Dynamic Virtual Host configuration through REDIS backend.   [Major New Feature] Dynamic Virtual Host configuration through REDIS backend.
   [Major Improvement] Greatly improved HTTP/2 performance -- up to 7x faster than previous implementations.   [Major Improvement] Greatly improved HTTP/2 performance -- up to 7x faster than previous implementations.
   [Bug fix] Improved QUIC engine performance and stability.   [Bug fix] Improved QUIC engine performance and stability.
   [Bug fix] All bug fixes and enhancements on 5.3.x branch included.   [Bug fix] All bug fixes and enhancements on 5.3.x branch included.
-=== RC2 ===+ 
 +===== Version 5.4RC2 ===== 
 +=== Build 0 ===
   [Major New Feature] Dynamic virtual hosting through rewrite rules.   [Major New Feature] Dynamic virtual hosting through rewrite rules.
   [Improvement] Improved HTTP/2 performance.   [Improvement] Improved HTTP/2 performance.
Line 762: Line 1161:
   [Bug fix] All applicable bug fixes from the 5.3 branch.   [Bug fix] All applicable bug fixes from the 5.3 branch.
   [Bug fix] Fixed a few server crash bugs.   [Bug fix] Fixed a few server crash bugs.
-=== RC1 ===+ 
 +===== Version 5.4RC1 ===== 
 +=== Build 0 ===
   [New Feature] Recaptcha verification for DDoS attack mitigation.   [New Feature] Recaptcha verification for DDoS attack mitigation.
   [New Feature] Support for Ruby/​Python/​Nodejs applications in native configuration.   [New Feature] Support for Ruby/​Python/​Nodejs applications in native configuration.
  • Admin
  • Last modified: 2022/09/12 17:53
  • by Michael Alegre