Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision Next revision Both sides next revision | ||
|
litespeed_wiki:changelog [2020/03/25 14:50] Lucas Rolff Add latest builds |
litespeed_wiki:changelog [2020/08/12 13:43] Lucas Rolff 5.4.8 build 5 |
||
|---|---|---|---|
| Line 1: | Line 1: | ||
| ====== LiteSpeed Web Server Changelog ====== | ====== LiteSpeed Web Server Changelog ====== | ||
| + | |||
| + | ===== Version 6.0 ===== | ||
| + | |||
| + | === RC1 === | ||
| + | |||
| + | [Major New Feature] Apache 2.4 conditional context <If> <Ifelse> <Else> support. | ||
| + | [Major New Feature] Asynchronous mod_security engine. | ||
| + | [Major New Feature] Bubblewrap isolated CGI/PHP execution environments. | ||
| + | [New Feature] HTTP/3 draft 29 support. | ||
| + | [Major Enhancement] HTTP/2 has gone through a major rewrite with more efficient header handling. | ||
| + | [Enhancement] Added ModSecurity JSON audit log. | ||
| + | |||
| + | ===== Version 5.4.8 ===== | ||
| + | |||
| + | === Build 5 === | ||
| + | |||
| + | [Bug fix] Properly pass CHUNK encoded request body to script handler to address random file upload failure. | ||
| + | [Bug fix] Addressed graceful restart failure when the server has many IPs in use and is forced to create listeners for individual IP. | ||
| + | |||
| + | === Build 4 === | ||
| + | |||
| + | [New Feature] Control whether to wait for the full request body or not before passing requests to the request handler with new environment variable "wait-req-full-body". (Waiting allows the request handler to see the full request body immediately) | ||
| + | [Tuning] Increase reCAPTCHA verified status timeout from 1-hour to 1-day. | ||
| + | [Tuning] Increase .htaccess processing time limit from 500ms to 2.5sec to allow for the processing of larger .htaccess files. | ||
| + | |||
| + | === Build 3 === | ||
| + | |||
| + | [Bug Fix] LiteMage cache object count is now more accurate. | ||
| + | [Bug Fix] Address a few compatibility issues with Plesk admin console proxy through regular HTTPS access. | ||
| + | [Bug Fix] Cache statistics access through IPv6. | ||
| + | [Improvement] Protect WebAdmin listener port from duplicate regular listener configuration. | ||
| + | [Improvement] Add Plesk git integration support. | ||
| + | |||
| + | === Build 2 === | ||
| + | |||
| + | [Bug Fix] Address 404 error for reCAPTCHA verification. | ||
| + | [Bug Fix] 'SetEnv' directive is now properly applied inside <Files> or <FilesMatch> contexts. | ||
| + | |||
| + | === Build 1 === | ||
| + | |||
| + | [Bug Fix] Correct DirectAdmin PHP handler detection when "DirectAdmin" panel is selected under "PHP" config tab. | ||
| + | [Bug Fix] WebSocket ProxyPass configuration now works correctly inside the <Location> context. | ||
| + | [Bug Fix] Match Apache's Redirect behavior by discarding original query string if target URL has query string set. | ||
| + | |||
| + | === Build 0 === | ||
| + | |||
| + | [New Feature] Add the ability to load an extra ECC certificate for an Apache virtual host when multi-cert support is enabled. | ||
| + | [New Feature] Apply header modification configurations in .htaccess to dynamic responses for CloudLinux Python/Ruby/NodeJS selector application. | ||
| + | [New Feature] Update client IP using request header "X-Real-IP". | ||
| + | [New Feature] Use Client IP in Header can now be set to use the last IP listed in the X-Forwarded-For header for servers behind AWS ELB. | ||
| + | [Security] Block 'LD_*' environment variable overriding from .htaccess. | ||
| + | [Improvement] New Ruby 2.0+ compatible RackRunner script for ruby-lsapi 5.0. | ||
| + | [Improvement] Separate IPv4 and IPv6 virtual hosts now share cached pages for the same domain. | ||
| + | [Improvement] Update WHM plugin to v4.0 (drops support for EasyApache 3). | ||
| + | [Improvement] Make reCAPATCHA compatible with WordPress password protected pages. | ||
| + | [Bug Fix] Invisible reCAPTCHA now works properly with IE 11 browser. | ||
| + | [Bug Fix] Correct Magento LiteMage2 cache object statistics. | ||
| + | [Bug Fix] Address an AJPv13 hanging bug. | ||
| + | [Bug Fix] Enabling bandwidth throttling no longer causes rare HTTP/2 response hangs. | ||
| + | [Bug Fix] Properly apply UMASK configuration for external applications. | ||
| + | [Bug Fix] Fix a problem with Plesk log rotation when LSWS overrode Apache's rc script with a symbolic link. | ||
| + | [Bug Fix] NodeJS default being not properly set in httpd_config.xml no longer causes crashing. | ||
| + | [Bug Fix] Address cp_switch_ws.sh issues when switching back to Apache. | ||
| + | |||
| + | ===== Version 5.4.7 ===== | ||
| + | |||
| + | === Build 9 === | ||
| + | |||
| + | [Bug Fix] Correct a SHM memory allocation issue. | ||
| + | [Bug Fix] Address a URL handling regression introduced in build 7 that affected NextCloud WebDAV clients. | ||
| + | |||
| + | === Build 8 === | ||
| + | |||
| + | [New Feature] Use Client IP in Header can now be set to use the last IP listed in the X-Forwarded-For header for servers behind AWS ELB. | ||
| + | [Bug Fix] Address cp_switch_ws.sh issues when switching back to Apache. | ||
| + | [Bug Fix] Invisible reCAPTCHA now works properly with IE 11 browser. | ||
| + | [Bug Fix] Correct a crash bug in cache engine. | ||
| + | [Tuning] Separate IPv4 and IPv6 virtual hosts now share cached pages for the same domain. | ||
| + | |||
| + | === Build 7 === | ||
| + | |||
| + | [New Feature] For CloudLinux Python/Ruby/NodeJS selector application, applies header modification configuration in .htaccess to dynamic response. | ||
| + | [Bug Fix] A mod_security engine bug that causes random crash. | ||
| + | [Bug Fix] A bug in access log format validation. | ||
| + | |||
| + | === Build 6 === | ||
| + | |||
| + | [Bug Fix] Fixed Plesk log rotation issue when LSWS override Apache rc script with symbolic link. | ||
| + | [Bug Fix] Fixed a crash when NodeJS default was not properly set in httpd_config.xml. | ||
| + | |||
| + | === Build 5 === | ||
| + | |||
| + | [Security] Blocks overriding LD_PRELOAD environment variable from .htaccess. | ||
| + | [Bug Fix] Fixed a corner case that causes hanging HTTP/2 response when bandwidth throttling is enabled. | ||
| + | [Bug Fix] Properly apply UMASK configuration for external application. | ||
| + | |||
| + | === Build 4 === | ||
| + | |||
| + | [New Feature] Added the ability to load extra ECC certificate for Apache virtual host when multi-cert support is enabled. | ||
| + | [Improvement] New Ruby 2.0+ compatible RackRunner script for ruby-lsapi 5.0. | ||
| + | [Tuning] Disable cache if a request is blocked by mod_security. | ||
| + | [Bug Fix] Minor bug fixes in cache engine. | ||
| + | [Bug Fix] Minor bug fix in mod_security engine. | ||
| + | |||
| + | === Build 3 === | ||
| + | |||
| + | [Bug Fix] Fixed an HTTP/2 protocol bug encountered when a PHP page failed without sending back a response header. | ||
| + | [Bug Fix] Fixed an internal memory management bug that caused random crashing. | ||
| + | |||
| + | === Build 2 === | ||
| + | |||
| + | [Bug Fix] Fixed an AJPv13 protocol bug that caused requests containing a request body to hang. | ||
| + | [Tuning] Improved reCAPATCHA verification to make it compatible with WordPress password protected pages. | ||
| + | |||
| + | === Build 0 === | ||
| + | |||
| + | [Security] Fixed a symbolic link attack in directory auto index script. Thank you KnownHost for the bug report. (CloudLinux user is not affected.) | ||
| + | [New Feature] Added strict suEXEC and ownership checking on scripts. | ||
| + | [New Feature] Added ability to configure static/dynamic request per second limit for Apache ghost. | ||
| + | [Bug Fix] Fixed reCAPTCHA triggering for the first access of an allowed robot. | ||
| + | [Bug Fix] Added "Cache-Control: no-cache" to reCAPTCHA verification page to disallow CDN/proxy cache. | ||
| + | [Bug fix] Fixed delayed .htaccess loading. | ||
| + | [Bug fix] Fixed a delayed server response bug with HTTP/2. | ||
| + | [Bug fix] Fixed a NodeJS websocket backend configuration bug. | ||
| + | [Bug fix] Shared lib for lscmctl script is now updated on server install/update. | ||
| + | [Tuning] Prevent ports 443 and 80 from being used as WebAdmin listener port. | ||
| + | [Tuning] Avoid triggering 503 errors when cPanel backend services (cpcontacts, webdisk, ...) are unavailable. | ||
| + | [Tuning] Automatically update /proc/sys/net/core/somaxconn to 1024 whenever server performs a fresh startup. | ||
| + | [Tuning] Added after=lve_namespaces.service to systemd unit file. | ||
| ===== Version 5.4.6 ===== | ===== Version 5.4.6 ===== | ||
| + | |||
| + | === Build 5 === | ||
| + | [Bug Fix] Fixed a bug that reCAPTCHA was shown for the first access of an allowed robot. | ||
| + | [Bug Fix] Added "Cache-Control: no-cache" for reCAPTCHA verify page to disallow CDN/proxy cache. | ||
| + | |||
| + | === Build 4 === | ||
| + | |||
| + | [Bug Fix] Minimize interference with mandatory rewrite processing when bypassing favicon URL rewrite. | ||
| + | [Tuning] Avoid triggering 503 errors when cPanel backend services (cpcontacts, webdisk, ...) are unavailable. | ||
| + | |||
| + | === Build 3 === | ||
| + | |||
| + | [Bug Fix] Use request header value for RBL lookups. | ||
| + | [Bug Fix] Fixed a configuration parser crash. | ||
| + | [Bug Fix] Fixed HTTP/3 ALPN string to properly advertise h3-27. | ||
| + | [Tuning] Automatically update /proc/sys/net/core/somaxconn to 1024, when server performs a fresh startup. | ||
| + | [Tuning] Avoid adjusting external application process priority based on server's priority. | ||
| === Build 2 === | === Build 2 === | ||