ProHoster > Блог > labaran intanet > Sakin uwar garken Lighttpd http 1.4.65

Sakin uwar garken Lighttpd http 1.4.65

An saki 1.4.65 uwar garken lighttpd mai sauƙi, yana ƙoƙarin haɗa babban aiki, tsaro, yarda da ƙa'idodi da sassauƙar sanyi. Lighttpd ya dace don amfani akan tsarin da aka ɗorawa sosai kuma ana nufin ƙananan ƙwaƙwalwar ajiya da amfani da CPU. Sabuwar sigar ta ƙunshi canje-canje 173. An rubuta lambar aikin a cikin C kuma an rarraba a ƙarƙashin lasisin BSD.

Manyan sabbin abubuwa:

  • Ƙarin tallafi don WebSocket akan HTTP/2, kuma an aiwatar da RFC 8441, wanda ke bayyana tsarin tafiyar da ka'idar WebSockets akan zaren guda ɗaya a cikin haɗin HTTP/2.
  • An aiwatar da babban tsarin gudanarwa na fifiko wanda ke ba abokin ciniki damar yin tasiri kan fifikon martanin da uwar garken ta aika (RFC 9218), da kuma sarrafa abubuwan da suka fi dacewa yayin da ake tura buƙatun. HTTP/2 yana ba da tallafi ga firam ɗin PRIORITY_UPDATE.
  • A cikin saitunan lighttpd.conf, an ƙara goyan bayan matches masu dacewa tare da ɗaure zuwa farkon (=^) da ƙarshen (=$) na kirtani. Irin waɗannan binciken kirtani sun fi sauri fiye da maganganun yau da kullun kuma sun wadatar da yawa masu sauƙi.
  • Ƙara goyon baya don ayyukan PUT na ɓangare (rufe ɓangaren bayanan ta amfani da taken Range) zuwa mod_webdav. Don kunna shi, zaku iya amfani da zaɓin 'webdav.opts += ("partial-put-copy-modify' => "enable")'.
  • Ƙara 'accesslog.escaping = 'json'" zaɓi zuwa mod_accesslog."
  • Ƙara goyon baya don ginawa tare da libdeflate zuwa mod_deflate.
  • Neman watsa jiki ta hanyar HTTP/2 an ƙara haɓaka.
  • An canza tsohuwar ƙimar uwar garken.max-keep-alive-requests siga daga 100 zuwa 1000.
  • A cikin jerin nau'ikan MIME, "application/javascript" an maye gurbinsu da "rubutu/javascript" (RFC 9239).

Tsare-tsare na gaba sun haɗa da tsauraran saitunan sifa don TLS da kuma kashe bayanan gado ta tsohuwa. Za a canza saitin CipherString daga "HIGH" zuwa "EECDH+AESGCM:AES256+EECDH:CHACHA20:SHA256:!SHA384". Hakanan ana shirin cirewa sune zaɓuɓɓukan TLS waɗanda ba a gama dasu ba: ssl.honor-cipher-order, ssl.dh-file, ssl.ec-curve, ssl.disable-abokin ciniki-renegotiation, ssl.use-sslv2, ssl.use-sslv3. Bugu da ƙari, za mu ci gaba da tsaftace ƙananan-modules, waɗanda za a iya maye gurbinsu da mafi sassauƙan aiwatar da Lua na mod_magnet. Musamman, mod_evasive, mod_secdownload, mod_uploadprogress da mod_usertrack an tsara su don cirewa.

source: budenet.ru

Add a comment