Release of the lighttpd 1.4.65 http server

The lightweight http server lighttpd 1.4.65 has been released. It aims to combine high performance, security, standards compliance and flexible configuration. lighttpd is suitable for use on highly loaded systems and is designed for low memory and CPU usage. The new version contains 173 changes. The project code is written in C and distributed under the BSD license.

Main innovations:

  • Added support for WebSocket over HTTP/2, implementing RFC 8441, which defines a mechanism for running the WebSockets protocol over a single stream within an HTTP/2 connection.
  • An advanced priority management scheme has been implemented that allows the client to influence the priority of the responses sent by the server (RFC 9218), and also to manage priorities when requests are forwarded. For HTTP/2, support for the PRIORITY_UPDATE frame is provided.
  • In the lighttpd.conf settings, support has been added for conditional matches anchored to the beginning (=^) and the end (=$) of a string. Such string checks are much faster than regular expressions and are sufficient for many simple checks.
  • Added support for partial PUT operations (overwriting part of the data using the Range header) to mod_webdav. To enable it, use the option 'webdav.opts += ("partial-put-copy-modify" => "enable")'.
  • Added the 'accesslog.escaping = "json"' option to mod_accesslog.
  • Added support for building mod_deflate with libdeflate.
  • Request body forwarding in HTTP/2 has been sped up.
  • The default value of the server.max-keep-alive-requests parameter has been changed from 100 to 1000.
  • In the list of MIME types, "application/javascript" has been replaced with "text/javascript" (RFC 9239).

Plans for the future include stricter TLS cipher settings and disabling legacy ciphers by default. The CipherString setting will be changed from "HIGH" to "EECDH+AESGCM:AES256+EECDH:CHACHA20:SHA256:!SHA384". It is also planned to remove the obsolete TLS options: ssl.honor-cipher-order, ssl.dh-file, ssl.ec-curve, ssl.disable-client-renegotiation, ssl.use-sslv2, ssl.use-sslv3. In addition, the cleanup of mini-modules that can be replaced by a more flexible Lua implementation in mod_magnet will continue. In particular, the modules mod_evasive, mod_secdownload, mod_uploadprogress and mod_usertrack are planned for removal.

Source: opennet.ru
