- [Update] lsphp 73 is now used on Linux platforms.
- [Bug Fix] Fixed a cache module and mod_security-ls conflict that could cause a crash.
- [Bug Fix] Fix some mod_security-ls compilation issues.
- [Bug Fix] Fixed permission issues with `autoupdate/` and `tmp/` directories.
- [Bug Fix] Fixed a bug that caused excessive buffering for HTTP/2 connections.
- [Bug Fix] Fix Context level external redirects causing errors.
- [Bug Fix] Fixed a memory leak.
- [New Feature] Added support for ‘LS_STDERR_LOG’ environment variable to set up the stderr log file for started processes.
- [Update] Removed libgeoip dependency.
- [Update] Update mod_security-ls to always go through reqbody and respBody phases.
- [Bug Fix] Fixed installation issue with the lshttpd service.
- [Bug Fix] Fixed a network throttling bug that prevented paused SSL connections from being resumed.
- [Bug Fix] Fixed a crash that occurred when failing to retrieving client info.
- [Bug Fix] Fixed lsrecaptcha not being used with front-end proxies.
- [Bug Fix] Fixed a rare crash that occurred when failing to create a new cache entry.
- [New Feature] Added build.sh, a new build tool to build from source code (including any dependencies) for most platforms in a single click.
- [Improvement] Detached PHP processes will now restart when PHP binary is changed.
- [Update] Disable TLSv1.0 by default for SSL.
- [Update] Use LSPHP 7 by default.
- [Bug Fix] Fixed a bug causing a “[modcompress] AddHooks failed” error.
- [Bug Fix] Fixed debug log toggle not working.
- [Bug Fix] Fixed a bug causing high CPU issues when using SSL.
- [Bug Fix] Fixed PHP memory limit being unable to be set higher than 2GB.
- [Bug Fix] Fixed stream traffic counter not being reset for new connections.
- [Bug Fix] Fix Accept-Encoding header being case sensitive.
- [New Feature] Added stale purge support. With this feature, only the first visitor to a stale cache page will hit the backend with subsequent visitors getting served the stale cache copy until the page has finished being re-cached by the first request.
- [Major New Feature] Keep PHP workers running through server restarts with detached mode.
- [Security] Addressed recent HTTP/2 DoS advisories. Fixed CVE-2019-9512 “Ping Flood”, CVE-2019-9515 “Settings Flood”, CVE-2019-9516 “0-Length Headers Leak”, and CVE-2019-9518 “Empty Frames Flood” vulnerabilities. Completely blocks unaffected attacks: CVE-2019-9511 “Data Dribble”, CVE-2019-9513 “Resource Loop”, CVE-2019-9514 “Reset Flood”, and CVE-2019-9517 “Internal Data Buffering”.
- [Bug Fix] Fixed a REMOTE_ADDR env bug for IPv6 that caused roundcube errors.
- [Security] Updated jquery library from version 2.1.1 to 2.2.4, addressing a cross site scripting vulnerability present in the earlier version.
- [Improvement] Added support for HTTP response code 413: response is larger than defined max dynamic response length.
- [Improvement] Updated install.sh script to make it compatible with FreeBSD.
- [Bug Fix] Fixed a dllibmodsecurity.sh bug that was causing module modsecurity to fail to build on some operating systems.
- [Bug Fix] Fixed lsrecaptcha build script getting called incorrectly in the configure.ac script.
- [Bug Fix] Fixed a bug that caused the server to returned a 404 response code, instead of a 403 response code, when a file had a permission issue.
- [Bug Fix] Fixed “empty response” bug when serving responses larger than 2GB.
- [Bug Fix] Fixed an autoLoadHtaccess bug in automatically created contexts where only the first level sub-directory of a Vhost would be loaded.
- [Bug Fix] Fixed a crash bug when server info was set to display in the response header.
- [Bug Fix] Fixed a bug when attempting to get new directory paths when automatically adding missing contexts.
- [Bug Fix] Fixed a forcedType bug of causing extApps to always use server level settings regardless of VHost level settings.
- [Security] Perform actions as the autoupdate directory owner in related function.sh and server core code.
- [New Feature] Added testbeta.sh file to final installation directory.
- [Update] Updated dllibmodsecurity.sh to improve modsecurity-ls module support and prevent failure to build on FreeBSD systems.
- [Update] Updated install.sh to make sure that the current user and group are checked correctly.
- [Bug Fix] Fixed a crash when detecting OS/platform.
- [Bug Fix]Fixed a server core bug that was causing high load.
- [Update] Removed unnecessary empty lines when saving the config file.
- [Update] Added ReadOnly Mode, to avoid overwriting crucial config information, when an include file is detected in the config.
- [Bug Fix] Fixed an issue where previous settings may have been wiped out when adding more Environment variables in External App.
- [New Feature] Added support fo multiple access logs (at most 4) for each Vhost.
- [Improvement] Only check-in plain conf file with when the conf file is updated.
- [Bug Fix] Fixed a bug where the “SERVER_ADDR” variable was not set.
- [Bug Fix] Fixed “listening port occupied” bug when using the service restart command.
- [Bug Fix] Fixed a VHost error log bug that where https content was only partially recorded.
- [Bug Fix] Fixed cache module not working when using a reverse proxy.
- [New] 1.5.1 includes updates from 1.4.43 to 1.4.47.
- [Update] Added lsrecaptcha support.
- [Update] Added support for CGroups, a Linux kernel feature that limits and isolates resource usage.
- [Bug Fix] Fixed an issue in modgzip which may cause a server crash in some cases.
- [Bug Fix] Fixed an issue where the HTTP_END hook point is not placed correctly, causing module data not to be released in some cases.
- [Bug Fix] Fixed an issue in the cache module, where backend errors cause zero-length content to be saved and served.
- [Bug Fix] Fixed a bug where using a NULL ntwkiolink Handler would cause a crash.
- [Bug Fix] Fixed a logger bug where a NULL appender was sometimes used causing a crash.
- [Bug Fix] Fixed a bug where cgi/php response body was being converted to lowercase.
- [Bug Fix] Fixed an ip2location configuration bug.
- [Bug Fix] Fixed a bug where cookies not reset on next use could cause a crash.
- [Bug Fix] Fixed a bug where loading and using cache and pagespeed modules at the same time could cause an internal
- [Bug Fix] Fixed a cipher previously rejected by chrome.
- [Bug Fix] Fixed a bug where comparing a string could cause a crash.
- [New] Multi-Thread APIs.
- [New] Module Developer Guide.
- [Update] Added more Multi-Thread example modules.
- [Bug Fix] All known bugs have been fixed.
- [New] Initial Release! See our Installation Guide.