Documentation : https://docs.bunkerweb.io/1.6.9~rc2/

Docker tags :

• All-In-One : bunkerity/bunkerweb-all-in-one:1.6.9-rc2 or ghcr.io/bunkerity/bunkerweb-all-in-one:1.6.9-rc2
• BunkerWeb : bunkerity/bunkerweb:1.6.9-rc2 or ghcr.io/bunkerity/bunkerweb:1.6.9-rc2
• Scheduler : bunkerity/bunkerweb-scheduler:1.6.9-rc2 or ghcr.io/bunkerity/bunkerweb-scheduler:1.6.9-rc2
• Autoconf : bunkerity/bunkerweb-autoconf:1.6.9-rc2 or ghcr.io/bunkerity/bunkerweb-autoconf:1.6.9-rc2
• UI : bunkerity/bunkerweb-ui:1.6.9-rc2 or ghcr.io/bunkerity/bunkerweb-ui:1.6.9-rc2
• API : bunkerity/bunkerweb-api:1.6.9-rc2 or ghcr.io/bunkerity/bunkerweb-api:1.6.9-rc2

Linux packages : https://packagecloud.io/app/bunkerity/bunkerweb/search?q=1.6.9~rc2&filter=all&dist=

Changelog :

• [BUGFIX] Update reCAPTCHA handling to use ANTIBOT_RECAPTCHA_CLASSIC variable instead of session data to determine whether to use the classic reCAPTCHA response format or the new one, ensuring consistent behavior regardless of session state.
• [BUGFIX] Rename command argument to plugin_command for clarity and to avoid conflicts with other command arguments with bwcli.
• [FEATURE] Add new file setting type to allow users to upload files directly from the web UI and use their content as values for settings.
• [FEATURE] Add Gandi as a DNS provider in the letsencrypt plugin
• [FEATURE] Add Hetzner as a DNS provider in the letsencrypt plugin
• [FEATURE] Add certificate authority selection in the Let's Encrypt plugin to allow users to choose between Let's Encrypt and ZeroSSL as the certificate authority for their certificates (Also added ZeroSSL specific settings).
• [FEATURE] Add the possibility to whitelist/blacklist group of countries in the Country plugin.
• [UI] Add override non-global services functionality in global settings
• [UI] Make data columns in the reports page non orderable to avoid issues
• [UI] Add control socket configuration for gunicorn
• [UI] Enhance multiselect dropdown functionality and update the type of multiple settings to use it
• [ALL-IN-ONE] Update CrowdSec version to 1.7.6
• [AUTOCONF] Update gateway and ingress status patching to handle multiple IP addresses and Handle NodePort services if a load balancer IP is not available.
• [API] Add control socket configuration for gunicorn
• [MISC] Change type of CUSTOM_SSL_CERT_DATA and CUSTOM_SSL_KEY_DATA settings to file to allow users to upload their certificate and key files directly from the web UI.
• [MISC] Update default value for Permissions-Policy header to include an additional feature (gamepad).
• [DEPS] Update ApexCharts.js version to v5.6.0
• [DEPS] Update i18next version to v25.8.10
• [DEPS] Updated zlib version to v1.3.2
• [DEPS] Updated libmaxminddb version to v1.13.1
• [CONTRIBUTION] Thank you Kn-ut99 for your contribution regarding the fix of a typo in the Let's Encrypt plugin's documentation.

The testing version of BunkerWeb should not be used in production, please use the latest stable version instead.

Documentation : https://docs.bunkerweb.io/testing/

Docker tags :

• BunkerWeb : bunkerity/bunkerweb:testing or ghcr.io/bunkerity/bunkerweb:testing
• Scheduler : bunkerity/bunkerweb-scheduler:testing or ghcr.io/bunkerity/bunkerweb-scheduler:testing
• Autoconf : bunkerity/bunkerweb-autoconf:testing or ghcr.io/bunkerity/bunkerweb-autoconf:testing
• UI : bunkerity/bunkerweb-ui:testing or ghcr.io/bunkerity/bunkerweb-ui:testing

Linux packages : https://packagecloud.io/app/bunkerity/bunkerweb/search?q=testing&filter=all&dist=

Please note that when using Linux Debian or Ubuntu integration, you will need to add the force-bad-version directive to your /etc/dpkg/dpkg.cfg file before installing the testing version of BunkerWeb.

Documentation : https://docs.bunkerweb.io/1.6.9~rc1/

Docker tags :

• BunkerWeb : bunkerity/bunkerweb:1.6.9-rc1 or ghcr.io/bunkerity/bunkerweb:1.6.9-rc1
• Scheduler : bunkerity/bunkerweb-scheduler:1.6.9-rc1 or ghcr.io/bunkerity/bunkerweb-scheduler:1.6.9-rc1
• Autoconf : bunkerity/bunkerweb-autoconf:1.6.9-rc1 or ghcr.io/bunkerity/bunkerweb-autoconf:1.6.9-rc1
• UI : bunkerity/bunkerweb-ui:1.6.9-rc1 or ghcr.io/bunkerity/bunkerweb-ui:1.6.9-rc1

Linux packages : https://packagecloud.io/app/bunkerity/bunkerweb/search?q=1.6.9~rc1&filter=all&dist=

Changelog :

• [BUGFIX] Ensure variables are only added if they are defined in the environment file and are valid key-value pairs to prevent issues with malformed lines in the variables file.
• [BUGFIX] Add API token back for certbot hooks in environment configuration
• [FEATURE] Add ClouDNS DNS provider support to Let's Encrypt plugin
• [FEATURE] Add new CLIENT_BODY_TIMEOUT, CLIENT_HEADER_TIMEOUT, KEEPALIVE_TIMEOUT and SEND_TIMEOUT settings to control the corresponding NGINX timeouts, allowing better handling of long-lived connections and preventing unintended timeouts.
• [FEATURE] Add a new gRPC plugin to allow proxying gRPC traffic to upstream gRPC services with support for TLS, SNI, custom headers and retry policies.
• [FEATURE] Make it possible to leave HTTP/HTTPS/STREAM/TLS ports empty to not listen on them.
• [AUTOCONF] Add experimental support for GRPCRoute in the Kubernetes integration to allow routing gRPC traffic based on Kubernetes Gateway API resources.
• [LINUX] Updated NGINX version to v1.28.2 for Fedora 42 and 43 integration
• [UI] Fix status for PHP plugin to not always be shown as activated
• [UI] Fix dark theme background for datatables actions
• [UI] Make it possible to edit settings with the wizard method in the web UI
• [UI] Enhance reports functionality with improved filter handling and data fetching
• [UI] Enhance home dashboard with new IP blocking metrics and improved tooltips
• [API] Fix redis sentinel issue when a password is set on the master node
• [MISC] Remove warning for uninitialized variables in default server configuration (as we control the configuration and we know that some variables may be uninitialized in some cases, especially for 400 errors)

Documentation : https://docs.bunkerweb.io/1.6.8/

Docker tags :

• BunkerWeb : bunkerity/bunkerweb:1.6.8 or ghcr.io/bunkerity/bunkerweb:1.6.8
• Scheduler : bunkerity/bunkerweb-scheduler:1.6.8 or ghcr.io/bunkerity/bunkerweb-scheduler:1.6.8
• Autoconf : bunkerity/bunkerweb-autoconf:1.6.8 or ghcr.io/bunkerity/bunkerweb-autoconf:1.6.8
• UI : bunkerity/bunkerweb-ui:1.6.8 or ghcr.io/bunkerity/bunkerweb-ui:1.6.8

Linux packages : https://packagecloud.io/app/bunkerity/bunkerweb/search?q=1.6.8&filter=all&dist=

Changelog :

• [FEATURE] Add new REVERSE_PROXY_REQUEST_BUFFERING setting to the Reverse Proxy plugin to control request body buffering behavior when proxying requests (default: on)
• [FEATURE] Enhance Let's Encrypt plugin to support concurrent certificate generation for multiple services via the new LETS_ENCRYPT_CONCURRENT_REQUESTS setting (default: no)
• [FEATURE] Add GoDaddy as a DNS provider in the letsencrypt plugin
• [FEATURE] Add TransIP as a DNS provider in the letsencrypt plugin
• [FEATURE] Add Domeneshop as a DNS provider in the letsencrypt plugin
• [FEATURE] Add new KEEP_CONFIG_ON_RESTART global setting to control whether a temporary configuration should be generated on each restart or preserve the existing one (default: no)
• [FEATURE] Refactor Templator engine to use Jinja2 for improved templating capabilities and maintainability
• [BUGFIX] Initialize is_whitelisted variable to 'no' in configuration files to avoid spam uninitialized messages in logs
• [BUGFIX] Reorganize insertion logic to prevent foreign key errors and improve order of operations in database when creating/updating plugins
• [BUGFIX] Fix robots.txt and list-based plugins (greylist/whitelist/blacklist/dnsbl) appending duplicate entries on subsequent requests by creating deep copies of internalstore data instead of using shared references
• [BUGFIX] Fix Redis database selection in web UI and bwcli by renaming REDIS_DB to REDIS_DATABASE when fetching the settings
• [BUGFIX] Fix timezone discrepancies when checking for daily PRO plugin updates by normalizing dates to UTC
• [BUGFIX] Fix plugin deletion logic to correctly identify manually installed plugins so they are only removed when explicitly uninstalled
• [BUGFIX] Fix bug where updating a ban to a custom duration accidentally created a permanent ban
• [AUTOCONF] Add experimental Gateway API controller support (Gateway/HTTPRoute) and documentation
• [API] Add HTTP/2 support in Gunicorn configuration for improved performance and compatibility
• [API] Add CIDR annotations support for FORWARDED_ALLOW_IPS and PROXY_ALLOW_IPS settings and update the default values to common private network ranges
• [UI] Change redirect status code from 302 to 303 in the web UI to follow best practices for redirection after form submissions
• [UI] Fix bug where updating a ban to a custom duration accidentally created a permanent ban
• [UI] Enhance map legend and color ramp for blocked requests visualization
• [UI] Enhance dark mode styles for news card elements
• [UI] Add CIDR annotations support for FORWARDED_ALLOW_IPS and PROXY_ALLOW_IPS settings and update the default values to common private network ranges
• [UI] Add security mode in services table
• [UI] Implement services import functionality with drag-and-drop support
• [UI] Ensure UI service URL is properly formatted in setup loading route
• [UI] Enhance Redis report querying with filter parsing and chunked retrieval
• [UI] Update ace editor to version 1.43.5
• [UI] Enhance page titles to dynamically reflect current context and navigation state for improved user experience
• [LINUX] Enhance Easy Install script to detect if the epel-release should be installed or not for RHEL-family distros
• [LINUX] Check the installation type in the easy-install script to avoid issues when upgrading from an older version and the installation type is not all-in-one or manager
• [LINUX] Enhance Easy Install script by adding an option to install a Redis server for data persistence and caching
• [DEPS] Update coreruleset-v4 version to v4.23.0
• [DEPS] Update coreruleset-v4 version to v4.22.0
• [DEPS] Update coreruleset-v3 version to v3.3.8
• [DEPS] Updated NGINX version to v1.28.2 (except for Fedora as it is not yet available)
• [DEPS] Updated lua-cjson version to v2.1.0.16
• [DEPS] Updated luajit2 version to v2.1-20260114
• [DEPS] Update lua-resty-openssl version to v1.7.1
• [DOCS] Add forward proxy configuration for outgoing traffic
• [MISC] Update Laurent Minne's blacklist's label and add the new one from DuggyTuxy Data-Shield IPv4 Blocklist
• [MISC] Add publiccode metadata file for open source compliance
• [CONTRIBUTION] Thank you rayshoo for your contribution regarding the Korean translation of the web UI.

Documentation : https://docs.bunkerweb.io/1.6.8~rc3/

Docker tags :

• BunkerWeb : bunkerity/bunkerweb:1.6.8-rc3 or ghcr.io/bunkerity/bunkerweb:1.6.8-rc3
• Scheduler : bunkerity/bunkerweb-scheduler:1.6.8-rc3 or ghcr.io/bunkerity/bunkerweb-scheduler:1.6.8-rc3
• Autoconf : bunkerity/bunkerweb-autoconf:1.6.8-rc3 or ghcr.io/bunkerity/bunkerweb-autoconf:1.6.8-rc3
• UI : bunkerity/bunkerweb-ui:1.6.8-rc3 or ghcr.io/bunkerity/bunkerweb-ui:1.6.8-rc3

Linux packages : https://packagecloud.io/app/bunkerity/bunkerweb/search?q=1.6.8~rc3&filter=all&dist=

Changelog :

• [FEATURE] Add new REVERSE_PROXY_REQUEST_BUFFERING setting to the Reverse Proxy plugin to control request body buffering behavior when proxying requests (default: on)
• [BUGFIX] Initialize is_whitelisted variable to 'no' in configuration files to avoid spam uninitialized messages in logs
• [BUGFIX] Reorganize insertion logic to prevent foreign key errors and improve order of operations in database when creating/updating plugins
• [AUTOCONF] Add experimental Gateway API controller support (Gateway/HTTPRoute) and documentation
• [UI] Change redirect status code from 302 to 303 in the web UI to follow best practices for redirection after form submissions
• [UI] Fix bug where updating a ban to a custom duration accidentally created a permanent ban
• [UI] Enhance map legend and color ramp for blocked requests visualization
• [UI] Enhance dark mode styles for news card elements
• [UI] Add CIDR annotations support for FORWARDED_ALLOW_IPS and PROXY_ALLOW_IPS settings and update the default values to common private network ranges
• [API] Add HTTP/2 support in Gunicorn configuration for improved performance and compatibility
• [API] Add CIDR annotations support for FORWARDED_ALLOW_IPS and PROXY_ALLOW_IPS settings and update the default values to common private network ranges
• [MISC] Update Laurent Minne's blacklist's label and add the new one from DuggyTuxy Data-Shield IPv4 Blocklist
• [MISC] Add publiccode metadata file for open source compliance

Documentation : https://docs.bunkerweb.io/1.6.8~rc2/

Docker tags :

• BunkerWeb : bunkerity/bunkerweb:1.6.8-rc2 or ghcr.io/bunkerity/bunkerweb:1.6.8-rc2
• Scheduler : bunkerity/bunkerweb-scheduler:1.6.8-rc2 or ghcr.io/bunkerity/bunkerweb-scheduler:1.6.8-rc2
• Autoconf : bunkerity/bunkerweb-autoconf:1.6.8-rc2 or ghcr.io/bunkerity/bunkerweb-autoconf:1.6.8-rc2
• UI : bunkerity/bunkerweb-ui:1.6.8-rc2 or ghcr.io/bunkerity/bunkerweb-ui:1.6.8-rc2

Linux packages : https://packagecloud.io/app/bunkerity/bunkerweb/search?q=1.6.8~rc2&filter=all&dist=

Changelog :

• [FEATURE] Enhance Let's Encrypt plugin to support concurrent certificate generation for multiple services via the new LETS_ENCRYPT_CONCURRENT_REQUESTS setting (default: no), improving efficiency and reducing wait times during bulk operations
• [FEATURE] Add GoDaddy as a DNS provider in the letsencrypt plugin
• [FEATURE] Add TransIP as a DNS provider in the letsencrypt plugin
• [FEATURE] Add Domeneshop as a DNS provider in the letsencrypt plugin
• [FEATURE] Add new KEEP_CONFIG_ON_RESTART global setting to control whether a temporary configuration should be generated on each restart or preserve the existing one (default: no)
• [BUGFIX] Fix robots.txt and list-based plugins (greylist/whitelist/blacklist/dnsbl) appending duplicate entries on subsequent requests by creating deep copies of internalstore data instead of using shared references
• [LINUX] Enhance Easy Install script to detect if the epel-release should be installed or not for RHEL-family distros
• [UI] Add security mode in services table
• [UI] Implement services import functionality with drag-and-drop support
• [UI] Ensure UI service URL is properly formatted in setup loading route
• [UI] Enhance Redis report querying with filter parsing and chunked retrieval
• [UI] Update ace editor to version 1.43.5
• [DEPS] Updated lua-cjson version to v2.1.0.16
• [CONTRIBUTION] Thank you rayshoo for your contribution regarding the Korean translation of the web UI.

Documentation : https://docs.bunkerweb.io/1.6.8~rc1/

Docker tags :

• BunkerWeb : bunkerity/bunkerweb:1.6.8-rc1 or ghcr.io/bunkerity/bunkerweb:1.6.8-rc1
• Scheduler : bunkerity/bunkerweb-scheduler:1.6.8-rc1 or ghcr.io/bunkerity/bunkerweb-scheduler:1.6.8-rc1
• Autoconf : bunkerity/bunkerweb-autoconf:1.6.8-rc1 or ghcr.io/bunkerity/bunkerweb-autoconf:1.6.8-rc1
• UI : bunkerity/bunkerweb-ui:1.6.8-rc1 or ghcr.io/bunkerity/bunkerweb-ui:1.6.8-rc1

Linux packages : https://packagecloud.io/app/bunkerity/bunkerweb/search?q=1.6.8~rc1&filter=all&dist=

Changelog :

• [FEATURE] Refactor Templator engine to use Jinja2 for improved templating capabilities and maintainability
• [BUGFIX] Fix Redis database selection in web UI and bwcli by renaming REDIS_DB to REDIS_DATABASE when fetching the settings
• [BUGFIX] Fix timezone discrepancies when checking for daily PRO plugin updates by normalizing dates to UTC
• [BUGFIX] Fix plugin deletion logic to correctly identify manually installed plugins so they are only removed when explicitly uninstalled
• [LINUX] Check the installation type in the easy-install script to avoid issues when upgrading from an older version and the installation type is not all-in-one or manager
• [LINUX] Enhance Easy Install script by adding an option to install a Redis server for data persistence and caching
• [UI] Enhance page titles to dynamically reflect current context and navigation state for improved user experience
• [DEPS] Update coreruleset-v3 version to v3.3.8
• [DEPS] Update coreruleset-v4 version to v4.22.0
• [DEPS] Updated luajit2 version to v2.1-20260114
• [DEPS] Update lua-resty-openssl version to v1.7.1

Documentation : https://docs.bunkerweb.io/1.6.7/

Docker tags :

• BunkerWeb : bunkerity/bunkerweb:1.6.7 or ghcr.io/bunkerity/bunkerweb:1.6.7
• Scheduler : bunkerity/bunkerweb-scheduler:1.6.7 or ghcr.io/bunkerity/bunkerweb-scheduler:1.6.7
• Autoconf : bunkerity/bunkerweb-autoconf:1.6.7 or ghcr.io/bunkerity/bunkerweb-autoconf:1.6.7
• UI : bunkerity/bunkerweb-ui:1.6.7 or ghcr.io/bunkerity/bunkerweb-ui:1.6.7

Linux packages : https://packagecloud.io/app/bunkerity/bunkerweb/search?q=1.6.7&filter=all&dist=

Changelog :

• [FEATURE] Enhance SSL/TLS negotiation by implementing dynamic ECDH curve resolution, enabling more flexible and secure key exchange configurations in preparation for post-quantum cryptography (X25519MLKEM768) with OpenSSL 3.5+
• [FEATURE] Implement automatic LRU cache eviction in the metrics module to prevent memory exhaustion by purging least-recently-used elements when capacity is reached
• [FEATURE] Optimize Redis connection handling by reusing pooled connections in Lua timers for improved performance and reduced overhead
• [FEATURE] Refactor logging setup across multiple modules to be able to send logs to a syslog server and have multiple handlers at the same time
• [FEATURE] Allow configuration of whether Base64 decoding should be applied to DNS credentials via the new LETS_ENCRYPT_DNS_CREDENTIAL_DECODE_BASE64 setting in the Let's Encrypt plugin (default is yes)
• [FEATURE] Add new ACCESS_LOG and ERROR_LOG settings to configure access and error log destinations for BunkerWeb's instance
• [FEATURE] Refactor Auth Basic plugin so Lua now hashes credentials with salted scrypt (CSPRNG-only) and verifies them in constant time.
• [FEATURE] Updated Bad Behavior plugin to automatically apply bans made by the default server globally across all services, enhancing security by ensuring that IPs exhibiting bad behavior are consistently blocked.
• [FEATURE] Add the possibility to have draft custom configurations that are not applied to the service until they are explicitly published. Draft custom configurations are indicated in the web UI and can be toggled between draft and online status.
• [FEATURE] Add new SSL_SESSION_CACHE_SIZE setting to the SSL plugin to allow configuration of the size of the SSL session cache (e.g., 10m, 512k). Setting it to off or none disables session caching (default is 10m).
• [FEATURE] Enhance the Antibot plugin to better handle redirection back to the original request path after a successful challenge by checking the Referer header, ensuring users are redirected to meaningful content rather than static files or other unintended destinations
• [FEATURE] Add the possibility to tweak custom configurations created from the web UI or API manually
• [FEATURE] Allow customizing plugin execution order via new PLUGINS_ORDER_* settings (space-separated plugin IDs; multisite-aware per phase)
• [BUGFIX] Fix wrong modsecurity reason data under heavy load
• [BUGFIX] Fix wrong certificate name checks in Let's Encrypt
• [BUGFIX] Fix issues with Let's Encrypt's HTTP challenge on Linux HA integrations
• [BUGFIX] Fix issues with the Ingress controller regarding reverse proxy settings when using multiple paths per rule and a template by adjusting the indexing logic to be configurable via the new KUBERNETES_REVERSE_PROXY_SUFFIX_START setting (default is 1 to keep backward compatibility)
• [BUGFIX] Escape percentage signs in DATABASE_URI for Alembic when using the SQLAlchemy URL configuration to prevent formatting errors during migrations
• [BUGFIX] Fix issues with Autoconf controllers persisting old instances after they have been deleted from the orchestrator.
• [UI] Restrict flash messages containing sensitive information to authenticated users only
• [UI] Enhance breadcrumb navigation and filtering on custom configuration pages for improved user experience
• [UI] Enhance service configuration handling during edits and renames to ensure consistency and prevent data loss
• [UI] Enhance session management with Redis support and configurable session lifetime
• [UI] Renamed "Global Configuration" to "Global Settings" in the web UI for clarity
• [UI] Address CSRF token issues in the web UI when not connecting through BunkerWeb
• [UI] Add the possibility to provide a certificate and a key so that the web UI can be served over HTTPS (without requiring a reverse proxy)
• [UI] Fix occasional flash of the light mode on the loading page when using dark mode
• [API] Refactor rate limiting to be more user-friendly and configurable via settings
• [ALL-IN-ONE] Update CrowdSec version to 1.7.4
• [LINUX] Support Fedora 43
• [LINUX] Updated NGINX version to v1.28.1 for Fedora 42 and 43 integration
• [LINUX] Update version retrieval for RPM packaging to ensure correct sorting for release candidates
• [LINUX] Drop support of Fedora 41
• [DEPS] Updated NGINX version to v1.28.1 for all integrations
• [DEPS] Updated Modsecurity nginx connector version to 1.0.4
• [DEPS] Updated luajit2 version to v2.1-20251229
• [DEPS] Update lua-resty-session version to v4.1.5
• [DEPS] Update coreruleset-v4 version to v4.21.0
• [DEPS] Updated zlib version to v1.3.1.2
• [DOCS] Add Easy Resolve PRO plugin video tutorial link to the documentation
• [DOCS] Add documentation about the new logging settings and how to configure them
• [DOCS] Update database compatibility matrix
• [DOCS] Refactor API documentation to include new API features and improve clarity
• [DOCS] Add documentation about the new "Custom Pages" PRO plugin
• [DOCS] Refactor web UI documentation to improve clarity

Documentation : https://docs.bunkerweb.io/1.6.7~rc2/

Docker tags :

• BunkerWeb : bunkerity/bunkerweb:1.6.7-rc2 or ghcr.io/bunkerity/bunkerweb:1.6.7-rc2
• Scheduler : bunkerity/bunkerweb-scheduler:1.6.7-rc2 or ghcr.io/bunkerity/bunkerweb-scheduler:1.6.7-rc2
• Autoconf : bunkerity/bunkerweb-autoconf:1.6.7-rc2 or ghcr.io/bunkerity/bunkerweb-autoconf:1.6.7-rc2
• UI : bunkerity/bunkerweb-ui:1.6.7-rc2 or ghcr.io/bunkerity/bunkerweb-ui:1.6.7-rc2

Linux packages : https://packagecloud.io/app/bunkerity/bunkerweb/search?q=1.6.7~rc2&filter=all&dist=

Changelog :

• [BUGFIX] Fix wrong certificate name checks in Let's Encrypt
• [BUGFIX] Fix issues with Let's Encrypt's HTTP challenge on Linux HA integrations
• [FEATURE] Implement automatic LRU cache eviction in the metrics module to prevent memory exhaustion by purging least-recently-used elements when capacity is reached
• [FEATURE] Optimize Redis connection handling by reusing pooled connections in Lua timers for improved performance and reduced overhead
• [LINUX] Updated NGINX version to v1.28.1 for Fedora 42 and 43 integration
• [ALL-IN-ONE] Update CrowdSec version to 1.7.4
• [DEPS] Updated luajit2 version to v2.1-20251229

Documentation : https://docs.bunkerweb.io/1.6.7~rc1/

Docker tags :

• BunkerWeb : bunkerity/bunkerweb:1.6.7~rc1 or ghcr.io/bunkerity/bunkerweb:1.6.7~rc1
• Scheduler : bunkerity/bunkerweb-scheduler:1.6.7~rc1 or ghcr.io/bunkerity/bunkerweb-scheduler:1.6.7~rc1
• Autoconf : bunkerity/bunkerweb-autoconf:1.6.7~rc1 or ghcr.io/bunkerity/bunkerweb-autoconf:1.6.7~rc1
• UI : bunkerity/bunkerweb-ui:1.6.7~rc1 or ghcr.io/bunkerity/bunkerweb-ui:1.6.7~rc1

Linux packages : https://packagecloud.io/app/bunkerity/bunkerweb/search?q=1.6.7~rc1&filter=all&dist=

Changelog :

• [FEATURE] Refactor logging setup across multiple modules to be able to send logs to a syslog server and have multiple handlers at the same time
• [FEATURE] Allow configuration of whether Base64 decoding should be applied to DNS credentials via the new LETS_ENCRYPT_DNS_CREDENTIAL_DECODE_BASE64 setting in the Let's Encrypt plugin (default is yes)
• [FEATURE] Add new ACCESS_LOG and ERROR_LOG settings to configure access and error log destinations for BunkerWeb's instance
• [FEATURE] Refactor Auth Basic plugin so Lua now hashes credentials with salted scrypt (CSPRNG-only) and verifies them in constant time.
• [FEATURE] Updated Bad Behavior plugin to automatically apply bans made by the default server globally across all services, enhancing security by ensuring that IPs exhibiting bad behavior are consistently blocked.
• [FEATURE] Add the possibility to have draft custom configurations that are not applied to the service until they are explicitly published. Draft custom configurations are indicated in the web UI and can be toggled between draft and online status.
• [FEATURE] Add new SSL_SESSION_CACHE_SIZE setting to the SSL plugin to allow configuration of the size of the SSL session cache (e.g., 10m, 512k). Setting it to off or none disables session caching (default is 10m).
• [FEATURE] Enhance the Antibot plugin to better handle redirection back to the original request path after a successful challenge by checking the Referer header, ensuring users are redirected to meaningful content rather than static files or other unintended destinations
• [FEATURE] Add the possibility to tweak custom configurations created from the web UI or API manually
• [FEATURE] Allow customizing plugin execution order via new PLUGINS_ORDER_* settings (space-separated plugin IDs; multisite-aware per phase)
• [BUGFIX] Fix issues with the Ingress controller regarding reverse proxy settings when using multiple paths per rule and a template by adjusting the indexing logic to be configurable via the new KUBERNETES_REVERSE_PROXY_SUFFIX_START setting (default is 1 to keep backward compatibility)
• [BUGFIX] Escape percentage signs in DATABASE_URI for Alembic when using the SQLAlchemy URL configuration to prevent formatting errors during migrations
• [BUGFIX] Fix issues with Autoconf controllers persisting old instances after they have been deleted from the orchestrator.
• [UI] Enhance service configuration handling during edits and renames to ensure consistency and prevent data loss
• [UI] Enhance session management with Redis support and configurable session lifetime
• [UI] Renamed "Global Configuration" to "Global Settings" in the web UI for clarity
• [UI] Address CSRF token issues in the web UI when not connecting through BunkerWeb
• [UI] Add the possibility to provide a certificate and a key so that the web UI can be served over HTTPS (without requiring a reverse proxy)
• [UI] Fix occasional flash of the light mode on the loading page when using dark mode
• [API] Refactor rate limiting to be more user-friendly and configurable via settings
• [LINUX] Support Fedora 43
• [LINUX] Update version retrieval for RPM packaging to ensure correct sorting for release candidates
• [DOCS] Add documentation about the new logging settings and how to configure them
• [DOCS] Update database compatibility matrix
• [DOCS] Refactor API documentation to include new API features and improve clarity
• [DOCS] Add documentation about the new "Custom Pages" PRO plugin
• [DOCS] Refactor web UI documentation to improve clarity
• [DEPS] Update lua-resty-session version to v4.1.5
• [DEPS] Update coreruleset-v4 version to v4.21.0
• [DEPS] Updated zlib version to v1.3.1.2