Lighttpd 1.4.65 – 高性能开源 Web 服务器

lighttpd(发音为/lighty/)是一个安全,快速,合规且非常灵活的Web服务器,已针对高性能环境进行了优化。lighttpd有效地使用内存和CPU,并且资源使用率低于其他流行的Web服务器。其先进的功能集(FastCGI,CGI,Auth,Output-Compression,URL-Rewriteing等等)使lighttpd成为所有系统(无论大小)的完美Web服务器。lighttpd 在开源修订的 BSD 许可证下发布。

June 07, 2022

Important changes

WebSockets over HTTP/2, bugfixes


  • WebSockets over HTTP/2
    RFC 8441 Bootstrapping WebSockets with HTTP/2
    RFC 9218 Extensible Prioritization Scheme for HTTP
  • prefix/suffix conditions in lighttpd.conf
  • mod_webdav safe partial-PUT
    webdav.opts += (“partial-put-copy-modify” => “enable”)
  • mod_accesslog option: accesslog.escaping = “json”
  • mod_deflate libdeflate build option
  • speed up request body uploads via HTTP/2

Behavior Changes

  • change default server.max-keep-alive-requests = 1000 to adjust
    to increasing HTTP/2 usage and to web2/web3 application usage
    (prior default was 100)
  • mod_status HTML now includes HTTP/2 control stream id 0 in the output
    which contains aggregate counts for the HTTP/2 connection
    (These lines can be identified with URL ‘*’, part of “PRI *” preface)
    alternative: https://wiki.lighttpd.net/ModMagnetExamples#lua-mod_status
  • MIME type application/javascript is translated to text/javascript (RFC 9239)

Future Scheduled Behavior Changes

  • TLS modules will default to using stronger, modern ciphers and
    will default to allow client preference in selecting ciphers.
    Allowing client preference in selecting ciphers is safe to do along
    with restrictions to use modern ciphers supporting PFS, and is
    better for mobile users without AES hardware acceleration.
    Legacy ciphers can still be configured in lighttpd.conf using
    `ssl.openssl.ssl-conf-cmd`, as long as the ciphers are supported by
    the underlying TLS libraries. https://wiki.lighttpd.net/Docs_SSL
    new defaults:
    “CipherString” => “EECDH+AESGCM:AES256+EECDH:CHACHA20:%title插图%numSHA256:!SHA384”,
    “Options” => “-ServerPreference”
    old defaults:
    “CipherString” => “HIGH”,
    “Options” => “ServerPreference”
  • Deprecated TLS options will be removed.
    – ssl.honor-cipher-order
    – ssl.dh-file
    – ssl.ec-curve
    – ssl.disable-client-renegotiation
    – ssl.use-sslv2
    – ssl.use-sslv3
    See https://wiki.lighttpd.net/Docs_SSL for replacements with
    `ssl.openssl.ssl-conf-cmd`, but prefer lighttpd defaults instead.
  • Continue gradual deprecation of “mini-application” lighttpd modules
    for which mod_magnet lua implementations are better and more flexible.
    Please post on lighttpd forums to share feedback if you use these modules.
    Forums: https://redmine.lighttpd.net/projects/lighttpd/boards
  • Deprecated: mod_evasive will be removed.
    mod_evasive can be replaced by mod_magnet and a few lines of lua:
    Replacement: https://wiki.lighttpd.net/ModMagnetExamples#lua-mod_evasive
  • Deprecated: mod_secdownload will be removed.
    mod_secdownload can be replaced by mod_magnet and a few lines of lua:
    Replacement: https://wiki.lighttpd.net/ModMagnetExamples#lua-mod_secdownload
    mod_secdownload historically uses insecure MD5 though SHA1, SHA256 available
  • Deprecated: mod_uploadprogress will be removed.
    mod_uploadprogress can be replaced by mod_magnet and a few lines of lua:
    Replacement: https://wiki.lighttpd.net/ModMagnetExamples#lua-mod_uploadprogress
  • Deprecated: mod_usertrack will be removed.
    mod_usertrack can be replaced by mod_magnet and a few lines of lua:
    Replacement: https://wiki.lighttpd.net/ModMagnetExamples#lua-mod_usertrack
    mod_usertrack historically uses insecure MD5.



您的电子邮箱地址不会被公开。 必填项已用*标注

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

1 × 2 =