v1.6.2-rc1

Documentation : https://docs.bunkerweb.io/1.6.2-rc1/

Docker tags :

• BunkerWeb : bunkerity/bunkerweb:1.6.2-rc1 or ghcr.io/bunkerity/bunkerweb:1.6.2-rc1
• Scheduler : bunkerity/bunkerweb-scheduler:1.6.2-rc1 or ghcr.io/bunkerity/bunkerweb-scheduler:1.6.2-rc1
• Autoconf : bunkerity/bunkerweb-autoconf:1.6.2-rc1 or ghcr.io/bunkerity/bunkerweb-autoconf:1.6.2-rc1
• UI : bunkerity/bunkerweb-ui:1.6.2-rc1 or ghcr.io/bunkerity/bunkerweb-ui:1.6.2-rc1

Linux packages : https://packagecloud.io/app/bunkerity/bunkerweb/search?q=1.6.2-rc1&filter=all&dist=

Changelog :

• [BUGFIX] Fix database migration issues when upgrading from older versions to v1.6.1-rc1 with a PostgreSQL database
• [BUGFIX] Fix shenanigans with templates in the web UI when editing/creating a service using the easy mode
• [BUGFIX] Improve database table existence checks and error handling in scripts to avoid errors when the LANG is not en_US.UTF-8
• [BUGFIX] Fix Country plugin regex to avoid false positives and deduplicate entries in the lua code
• [BUGFIX] Fix Let's Encrypt clear old certificates logic to avoid deleting the wrong certificates
• [DOCS] Enhance documentation about all-in-one image
• [DOCS] Refactor the settings documentation to make it more consistent and easier to read, it is now renamed to Features
• [FEATURE] Enhance SSL plugin configuration with customizable cipher levels modern, intermediate, and old for better control over SSL/TLS settings and the ability to set a custom cipher list
• [FEATURE] Add the possibility to ignore URI, IP, reverse DNS, ASN, and User-Agent in the Antibot plugin
• [FEATURE] Add the possibility to configure the algorithm used when generating the self-signed certificate in the Self-signed certificate plugin (default is ec-prime256v1)
• [FEATURE] Add Infomaniak as a DNS provider in the letsencrypt plugin
• [MISC] Add the possibility to use the less secure dns_cloudflare_email and dns_cloudflare_api_key credentials in the letsencrypt plugin for Cloudflare DNS provider
• [MISC] Update regex in the Self-signed certificate plugin for subject validation so we don't have to always start with /CN=
• [MISC] Update regex in the Security.txt plugin to support both HTTP and HTTPS URLs and add an helper function to convert HTTP URLs to HTTPS
• [MISC] Update regex in the SSL plugin to support older HTTPS protocols
• [MISC] Make the default certificate more secure by using the secp384r1 curve and the sha384 hash algorithm instead of the secp256r1 curve and the sha256 hash algorithm
• [AUTOCONF] Remove possible infinite loop in Kubernetes integration
• [UI] The temporary web UI will now accept X-Forwarded-For headers to allow the use of a reverse proxy in front of it
• [UI] Persist DataTable page length in localStorage for consistent user experience.
• [UI] Fix 2FA setup page QR code not being scannable when using the dark mode
• [UI] Update latest stable release only if available to avoid unnecessary updates prompting
• [UI] Fix correct key retrieval for Redis metrics
• [UI] Enhance report data formatting and error handling in reports module
• [UI] Templates are now listed in an appropriate order in the web UI when creating a new service in easy mode (low -> medium -> high -> custom)
• [UI] Refactor easy mode to improve the user experience and make it more intuitive
• [ALL-IN-ONE] Enhance supervisord configuration to ensure proper startup and shutdown of all services in the all-in-one image
• [ALL-IN-ONE] Improve logging mechanism in the all-in-one image to ensure that logs are properly captured and displayed
• [LINUX] Fix NGINX service not being disabled correctly in the post-install script
• [DEPS] Add lua-upstream-nginx-module
• [DEPS] Update lua-resty-redis version to v0.32
• [DEPS] Update ngx_devel_kit version to v0.3.4
• [DEPS] Update mbedtls version to v3.6.3

Testing

The testing version of BunkerWeb should not be used in production, please use the latest stable version instead.

Documentation : https://docs.bunkerweb.io/testing/

Docker tags :

• BunkerWeb : bunkerity/bunkerweb:testing or ghcr.io/bunkerity/bunkerweb:testing
• Scheduler : bunkerity/bunkerweb-scheduler:testing or ghcr.io/bunkerity/bunkerweb-scheduler:testing
• Autoconf : bunkerity/bunkerweb-autoconf:testing or ghcr.io/bunkerity/bunkerweb-autoconf:testing
• UI : bunkerity/bunkerweb-ui:testing or ghcr.io/bunkerity/bunkerweb-ui:testing

Linux packages : https://packagecloud.io/app/bunkerity/bunkerweb/search?q=testing&filter=all&dist=

Please note that when using Linux Debian or Ubuntu integration, you will need to add the force-bad-version directive to your /etc/dpkg/dpkg.cfg file before installing the testing version of BunkerWeb.

v1.6.1

Documentation : https://docs.bunkerweb.io/1.6.1/

Docker tags :

• BunkerWeb : bunkerity/bunkerweb:1.6.1 or ghcr.io/bunkerity/bunkerweb:1.6.1
• Scheduler : bunkerity/bunkerweb-scheduler:1.6.1 or ghcr.io/bunkerity/bunkerweb-scheduler:1.6.1
• Autoconf : bunkerity/bunkerweb-autoconf:1.6.1 or ghcr.io/bunkerity/bunkerweb-autoconf:1.6.1
• UI : bunkerity/bunkerweb-ui:1.6.1 or ghcr.io/bunkerity/bunkerweb-ui:1.6.1

Linux packages : https://packagecloud.io/app/bunkerity/bunkerweb/search?q=1.6.1&filter=all&dist=

Changelog :

• [BUGFIX] Enhance Alembic configuration to support database URIs args
• [BUGFIX] Made SERVER_NAME setting's regex more permissive (removed the duplication check)
• [BUGFIX] Add selective table support in Backup plugin to avoid issues when restoring the database
• [DOCS] Document how to use BunkerWeb with and existing Ingress controller in Kubernetes
• [DOCS] Add documentation about new all-in-one image for BunkerWeb in the Docker section of the Integrations page
• [DOCS] Edit documentation about thew User Manager PRO plugin
• [FEATURE] Add a new all-in-one image for BunkerWeb that includes all the services in one image (BunkerWeb, Scheduler, Autoconf, and UI)
• [FEATURE] Add CrowdSec as a core plugin
• [MISC] Improve update check output formatting for better readability
• [MISC] Enhance Let's Encrypt DNS credential handling to support base64-encoded values, while also refining credential item processing to handle escape sequences and improve data integrity.
• [UI] Enhance ban handling with improved validation and informative responses for ban scope and service
• [UI] Improve plugin page template handling logic
• [UI] Add a failover message reporting
• [UI] Prevent interference with newsletter form checkbox click handler

v1.6.1-rc3

Documentation : https://docs.bunkerweb.io/1.6.1-rc3/

Docker tags :

• BunkerWeb : bunkerity/bunkerweb:1.6.1-rc3 or ghcr.io/bunkerity/bunkerweb:1.6.1-rc3
• Scheduler : bunkerity/bunkerweb-scheduler:1.6.1-rc3 or ghcr.io/bunkerity/bunkerweb-scheduler:1.6.1-rc3
• Autoconf : bunkerity/bunkerweb-autoconf:1.6.1-rc3 or ghcr.io/bunkerity/bunkerweb-autoconf:1.6.1-rc3
• UI : bunkerity/bunkerweb-ui:1.6.1-rc3 or ghcr.io/bunkerity/bunkerweb-ui:1.6.1-rc3

Linux packages : https://packagecloud.io/app/bunkerity/bunkerweb/search?q=1.6.1-rc3&filter=all&dist=

Changelog :

• [BUGFIX] Fix issue where Redis Server returns a NOPERM error, ensuring proper handling and preventing 500 errors in the web UI
• [FEATURE] Enhance ban management with service-specific options and UI improvements
• [FEATURE] Add BAD_BEHAVIOR_BAN_SCOPE setting to control the scope of the ban when using the Bad Behavior plugin (default is service) - before the bans were global
• [FEATURE] Add verbose logging option for certbot commands based on log level (when set to DEBUG)
• [FEATURE] Enhance bwcli rendering and added support for new service-specific ban options
• [AUTOCONF] Add missing redis dependency
• [MISC] improve Redis data handling and error logging in CLI and routes
• [DEPS] Updated coreruleset-v4 version to v4.12.0

v1.6.1-rc2

Documentation : https://docs.bunkerweb.io/1.6.1-rc2/

Docker tags :

• BunkerWeb : bunkerity/bunkerweb:1.6.1-rc2 or ghcr.io/bunkerity/bunkerweb:1.6.1-rc2
• Scheduler : bunkerity/bunkerweb-scheduler:1.6.1-rc2 or ghcr.io/bunkerity/bunkerweb-scheduler:1.6.1-rc2
• Autoconf : bunkerity/bunkerweb-autoconf:1.6.1-rc2 or ghcr.io/bunkerity/bunkerweb-autoconf:1.6.1-rc2
• UI : bunkerity/bunkerweb-ui:1.6.1-rc2 or ghcr.io/bunkerity/bunkerweb-ui:1.6.1-rc2

Linux packages : https://packagecloud.io/app/bunkerity/bunkerweb/search?q=1.6.1-rc2&filter=all&dist=

Changelog :

• [BUGFIX] Fix shenanigans with settings' plugin_id when updating the config
• [BUGFIX] Fix rare error where "python3" is not found in docker images
• [BUGFIX] Fix jobs runs excess cleanup method in Database
• [FEATURE] Add PROXY_BUFFER_SIZE and PROXY_BUFFERS settings to control the proxy buffer size and the number of buffers in multisite mode
• [UI] Introduced a visual label in the UI to clearly mark service settings that were cloned from the original.
• [UI] Added support for custom plugins: developers can now create hooks and blueprints to override existing functionalities, not just a plugin page.
• [DEPS] Updated ModSecurity version to v3.0.14

v1.6.1-rc1

Documentation : https://docs.bunkerweb.io/1.6.1-rc1/

Docker tags :

• BunkerWeb : bunkerity/bunkerweb:1.6.1-rc1 or ghcr.io/bunkerity/bunkerweb:1.6.1-rc1
• Scheduler : bunkerity/bunkerweb-scheduler:1.6.1-rc1 or ghcr.io/bunkerity/bunkerweb-scheduler:1.6.1-rc1
• Autoconf : bunkerity/bunkerweb-autoconf:1.6.1-rc1 or ghcr.io/bunkerity/bunkerweb-autoconf:1.6.1-rc1
• UI : bunkerity/bunkerweb-ui:1.6.1-rc1 or ghcr.io/bunkerity/bunkerweb-ui:1.6.1-rc1

Linux packages : https://packagecloud.io/app/bunkerity/bunkerweb/search?q=1.6.1-rc1&filter=all&dist=

Changelog :

• [BUGFIX] Fix ModSecurity false positive on the web UI when the UI_HOST setting contains an IP address
• [BUGFIX] Fix ModSecurity false positive when the web UI SERVER_NAME is set to an IP address
• [BUGFIX] Fix PRO activation not working in the web UI
• [BUGFIX] Fix log extraction was not working in the web UI when specific conditions were met (invalid UTF-8 characters)
• [BUGFIX] Fix database migration logic to handle dev and testing versions
• [BUGFIX] Fix web UI waiting for temporary web UI to stop indefinitely in some cases
• [FEATURE] Add deSEC DNS provider support in letsencrypt plugin
• [UI] Enhance UX here and there
• [UI] Add an instance hostname validation in the instances page when adding a new instance
• [UI] It is now possible to edit services created with the autoconf method
• [UI] It is now possible to change the theme even if the database is in read-only mode
• [UI] Added an auto-hide functionality to informative messages in the UI
• [MISC] Update regex for SERVER_NAME to improve accuracy and avoid issues
• [MISC] Revamped DNS credential validation to minimize configuration errors and enhance overall reliability.

v1.6.0

Documentation : https://docs.bunkerweb.io/1.6.0/

Docker tags :

• BunkerWeb : bunkerity/bunkerweb:1.6.0 or ghcr.io/bunkerity/bunkerweb:1.6.0
• Scheduler : bunkerity/bunkerweb-scheduler:1.6.0 or ghcr.io/bunkerity/bunkerweb-scheduler:1.6.0
• Autoconf : bunkerity/bunkerweb-autoconf:1.6.0 or ghcr.io/bunkerity/bunkerweb-autoconf:1.6.0
• UI : bunkerity/bunkerweb-ui:1.6.0 or ghcr.io/bunkerity/bunkerweb-ui:1.6.0

Linux packages : https://packagecloud.io/app/bunkerity/bunkerweb/search?q=1.6.0&filter=all&dist=

Changelog :

• [BUGFIX] Fix CRS plugins not being included correctly in ModSecurity configuration
• [FEATURE] Add mCaptcha antibot mode
• [FEATURE] Add USE_MODSECURITY_GLOBAL_CRS setting to ModSecurity plugin to allow using the global CRS instead of the service CRS, which is useful to accelerate the configuration generation when you have a lot of services
• [AUTOCONF] Increase retry limit and improve stability of Kubernetes watch stream
• [UI] Add caching for GitHub buttons to improve performance
• [UI] Fix shenanigans with multiples
• [DEPS] Updated NGINX version to 1.26.3
• [DEPS] Updated lua-resty-openssl version to 1.5.2

v1.6.0-rc4

Documentation : https://docs.bunkerweb.io/1.6.0-rc4/

Docker tags :

• BunkerWeb : bunkerity/bunkerweb:1.6.0-rc4 or ghcr.io/bunkerity/bunkerweb:1.6.0-rc4
• Scheduler : bunkerity/bunkerweb-scheduler:1.6.0-rc4 or ghcr.io/bunkerity/bunkerweb-scheduler:1.6.0-rc4
• Autoconf : bunkerity/bunkerweb-autoconf:1.6.0-rc4 or ghcr.io/bunkerity/bunkerweb-autoconf:1.6.0-rc4
• UI : bunkerity/bunkerweb-ui:1.6.0-rc4 or ghcr.io/bunkerity/bunkerweb-ui:1.6.0-rc4

Linux packages : https://packagecloud.io/app/bunkerity/bunkerweb/search?q=1.6.0-rc4&filter=all&dist=

Changelog :

• [BUGFIX] Fix shenanigans with the configuration being wiped after a restart
• [BUGFIX] Fix shenanigans with cache files being deleted for no reason
• [BUGFIX] Refactor condition checks in Database class to avoid default value check when a multiple has a suffix so that it still saves important values
• [DOCKER] Update Dockerfiles to change user home directories and set shell to nologin for autoconf, scheduler, and ui users
• [DEPS] Updated coreruleset-v4 version to v4.11.0

v1.6.0-rc3

Documentation : https://docs.bunkerweb.io/1.6.0-rc3/

Docker tags :

• BunkerWeb : bunkerity/bunkerweb:1.6.0-rc3 or ghcr.io/bunkerity/bunkerweb:1.6.0-rc3
• Scheduler : bunkerity/bunkerweb-scheduler:1.6.0-rc3 or ghcr.io/bunkerity/bunkerweb-scheduler:1.6.0-rc3
• Autoconf : bunkerity/bunkerweb-autoconf:1.6.0-rc3 or ghcr.io/bunkerity/bunkerweb-autoconf:1.6.0-rc3
• UI : bunkerity/bunkerweb-ui:1.6.0-rc3 or ghcr.io/bunkerity/bunkerweb-ui:1.6.0-rc3

Linux packages : https://packagecloud.io/app/bunkerity/bunkerweb/search?q=1.6.0-rc3&filter=all&dist=

Changelog :

• [FEATURE] Update BunkerNet's logic to send reports in bulk instead of one by one
• [AUTOCONF] Add the possibility to add/override settings via ConfigMap in Kubernetes using the bunkerweb.io/CONFIG_TYPE=settings annotation
• [AUTOCONF] Scoped annotations to ingress
• [PERFORMANCE] Refactored bad behavior and bunkernet features to avoid using too much timers resulting in downtimes
• [UI] Add support page for easy logs and configuration sharing while anonymizing sensitive data
• [LINUX] Support Fedora 41

v1.6.0-rc2

Documentation : https://docs.bunkerweb.io/1.6.0-rc2/

Docker tags :

• BunkerWeb : bunkerity/bunkerweb:1.6.0-rc2 or ghcr.io/bunkerity/bunkerweb:1.6.0-rc2
• Scheduler : bunkerity/bunkerweb-scheduler:1.6.0-rc2 or ghcr.io/bunkerity/bunkerweb-scheduler:1.6.0-rc2
• Autoconf : bunkerity/bunkerweb-autoconf:1.6.0-rc2 or ghcr.io/bunkerity/bunkerweb-autoconf:1.6.0-rc2
• UI : bunkerity/bunkerweb-ui:1.6.0-rc2 or ghcr.io/bunkerity/bunkerweb-ui:1.6.0-rc2

Linux packages : https://packagecloud.io/app/bunkerity/bunkerweb/search?q=1.6.0-rc2&filter=all&dist=

Changelog :

• [BUGFIX] Whitelisting a client no longer bypasses https redirect settings as the ssl plugin is now executed before the whitelist plugin
• [UI] Fixed condition when validating the setup wizard form when a custom certificate is used
• [FEATURE] Add extra validation of certificates in customcert plugin
• [FEATURE] Introduce new SSL plugin to manage SSL/TLS settings without tweaking the misc plugin
• [FEATURE] Add stream support in Kubernetes integration
• [FEATURE] Renamed the MODSECURITY_CRS_PLUGIN_URLS setting to MODSECURITY_CRS_PLUGINS to make it more consistent as the setting now accepts plugin names directly as well as URLs and automatically downloads them
  [FEATURE] Add plugin_list command to bwcli for listing available plugins and their commands
• [DOCS] Added Swarm deprecated notice in the documentation
• [DEPS] Added Brotli v1.1.0 dependency for ngx_brotli
• [DEPS] Updated headers-more-nginx-module version to v0.37
• [DEPS] Updated libinjection to latest commit on main branch
• [DEPS] Updated libmaxminddb version to v1.12.2
• [DEPS] Updated luajit2 version to v2.1-20250117
• [DEPS] Updated lua-nginx-module version to v0.10.28
• [DEPS] Updated lua-resty-core version to v0.1.31
• [DEPS] Updated lua-resty-dns version to v0.23
• [DEPS] Updated lua-resty-redis version to v0.31
• [DEPS] Updated ngx_brotli to latest commit on master branch
• [DEPS] Updated stream-lua-nginx-module version to v0.0.16