- Added Dark Theme Mode #390 #82
- Added an auto sniffer for self-signed certificates
- Added robots.txt to the project
- Introduced an EU wrapper in the front-end for automatic registration of 26 countries #378
- Moved all hard-coded values to a dedicated def.go file
- Fixed a panic issue occurring on unsupported platform exits
- Integrated fixes for SSH proxy and Docker snippet updates #330 #348
- Changed the default listening port to 443 and enable TLS by default
- Optimized GeoIP database slow-search mode CPU usage
- Fixed a critical security bug CVE-2024-52010
- Added auto start port 80 listener on acme certificate generator
- Added polling interval and propagation timeout option in ACME module #300
- Added support for custom header variables #318
- Added support for X-Remote-User
- Added port scanner #342
- Optimized code base for stream proxy and config file storage #320
- Removed sorting on cert list
- Fixed request certificate button bug
- Fixed cert auto renew logic #316
- Fixed unable to remove new stream proxy bug
- Fixed many other minor bugs #328 #297
- Added more code to SSO system (disabled in release)
- Updated country name in access list #287
- Added tour for basic operations
- Updated acme log to system wide logger implementation
- Fixed path traversal in file manager #274
- Removed Proxmox debug code
- Fixed trie tree implementations
Thanks to all contributors
- Fix existing containers list in docker popup 7brend7
- Fix network I/O chart not rendering JokerQyou
- Fix typo remvoeClass to removeClass Aahmadsyamim
- Updated weighted random upstream implementation bouroo
- Updated log viewer with filter and auto refresh #243
- Fixed csrf vulnerability #267
- Fixed promox issue
- Fixed status code bug in upstream log #254
- Added host overwrite and hop-by-hop header remover
- Added early renew days settings #256
- Updated make file to force no CGO in cicd process
- Fixed bug in updater
- Fixed wildcard certificate renew bug #249
- Added certificate download function #227
- Added certificate download #227
- Updated netcup timeout value #231
- Updated geoip db
- Removed debug print from log viewer
- Upgraded netstat log printing to new log formatter
- Improved update module implementation
- Added apache style logging mechanism (and build-in log viewer) #218
- Fixed keep alive flushing issues #235
- Added multi-upstream supports #100
- Added stick session load balancer
- Added weighted random load balancer
- Added domain cleaning logic to domain / IP input fields
- Added HSTS "include subdomain" auto injector
- Added work-in-progress SSO / Oauth Server UI
- Fixed uptime monitor not updating on proxy rule change bug
- Optimized UI for create new proxy rule
- Removed service expose proxy feature
- Fixed redirection enable bug #199
- Fixed header tool user agent rewrite sequence
- Optimized rate limit UI
- Added HSTS and Permission Policy Editor #163
- Docker UX optimization start parameter
-docker - Docker container selector implementation for conditional compilations for Windows
From contributors:
- Add Rate Limits Limits to Zoraxy fixes 185 by Kirari04
- Add docker containers list to set rule by 7brend7 PR202
- Added fastly_client_ip to X-Real-IP auto rewrite
- Added atomic accumulator to TCP proxy
- Added white logo for future dark theme
- Added multi selection for white / blacklist #176
- Moved custom header rewrite to dpcore
- Restructure dpcore header rewrite sequence
- Added advance custom header settings (zoraxy to upstream and zoraxy to downstream mode)
- Added header remove feature
- Removed password requirement for SMTP #162 #80
- Restructured TCP proxy into Stream Proxy (Support both TCP and UDP) #147
- Added stream proxy auto start #169
- Optimized UX for reminding user to click Apply after port change
- Added version number to footer #160
From contributors:
- Optimized uptime monitor error message #121
- Optimized detection logic for internal proxy target and header rewrite condition for HTTP_HOST #164
- Fixed ovh DNS challenge provider form generator bug #161
- Added permission policy module (not enabled)
- Added single-use cookiejar to uptime monitor request client to handle cookie issues on some poorly written back-end server #149
This release tidied up the contribution by Teifun2 and added a new way to generate DNS challenge based certificate (e.g. wildcards) from Let's Encrypt without changing any environment variables. This also fixes a few previous ACME module EAB settings bug related to concurrent save.
You can find the DNS challenge settings under TLS / SSL > ACME snippet > Generate New Certificate > (Check the "Use a DNS Challenge" checkbox)
- Optimized DNS challenge implementation thanks to Teifun2 / Issues #49 #79
- Removed dependencies on environment variable write and keep all data contained
- Fixed panic on loading certificate generated by Zoraxy v2
- Added automatic form generator for DNS challenge / providers
- Added CA name default value
- Added code generator for acmedns module (storing the DNS challenge provider contents extracted from lego)
- Fixed ACME snippet "Obtain Certificate" concurrent issues in save EAB and DNS credentials
For users using SMTP with older versions, you might need to update the settings by moving the domains (the part after @ in the username and domain setup field) into the username field.
- Updated SMTP UI for non email login username #129
- Fixed ACME cert store reload after cert request #126
- Fixed default rule not applying to default site when default site is set to proxy target #130
- Fixed blacklist-ip not working with CIDR bug
- Fixed minor vdir bug in tailing slash detection and redirect logic
- Added custom mdns name support (-mdnsname flag)
- Added LAN tag in statistic #131
- Added alias for HTTP proxy host names #76
- Added separator support for create new proxy rules (use "," to add alias when creating new proxy rule)
- Added HTTP proxy host based access rules #69
- Added EAD Configuration for ACME (by yeungalan) #45
- Fixed bug for bypassGlobalTLS endpoint do not support basic-auth
- Fixed panic due to empty domain field in json config #120
- Removed dependencies on management panel css for online font files
- Added regex support for redirect (slow, don't use it unless you really needs it) #42
- Added new dpcore implementations for faster proxy speed
- Added support for CF-Connecting-IP to X-Real-IP auto rewrite #114
- Added enable / disable of HTTP proxy rules in runtime via slider #108
- Added better 404 page
- Added option to bypass websocket origin check #107
- Updated project homepage design
- Fixed recursive port detection logic
- Fixed UserAgent in resp bug
- Updated minimum required Go version to v1.22 (Notes: Windows 7 support is dropped) #112
IMPORTANT: V3 is a big rewrite and it is incompatible with V2! There is NO migration, if you want to stay on V2, please use V2 branch!
- Added comments for whitelist #97
- Added force-renew for certificates #92
- Added automatic cert pick for multi-host certs (SNI)
- Renamed .crt to .pem for cert store
- Added best-fit selection for wildcard matching rules
- Added x-proxy-by header / Added X-real-Ip header #93
- Added Development Mode (Cache-Control: no-store)
- Updated utm timeout to 10 seconds instead of 90
- Added "Add controller as member" feature to Global Area Network editor
- Added custom header
- Deprecated aroz subservice support
- Updated visuals, improving logical structure, less depressing colors #95
- Added virtual directory into host routing object (each host now got its own sets of virtual directories)
- Added support for wildcard host names (e.g. *.example.com)
- Added best-fit selection for wildcard matching rules (e.g. *.a.example.com > *.example.com in routing)
- Generalized root and hosts routing struct (no more conversion between runtime & save record object
- Added "Default Site" to replace "Proxy Root" interface
- Added Redirect & 404 page for "Default Site"
- Added opt-out for subdomains for global TLS settings: See release notes
- Optimized subdomain / vdir editing interface
- Added system-wide logger (Work in progress)
- Fixed issue for uptime monitor bug #77
- Changed default static web port to 5487 (prevent already in use)
- Added automatic HTTP/2 to TLS mode
- Bug fix for webserver autostart 67
- Added Static Web Server function #56
- Web Directory Manager (see static webserver tab)
- Added static web server and black / whitelist template #38
- Added default / preferred CA features for ACME #47
- Optimized TLS/SSL page and added dedicated section for ACME related features
- Bugfixes #61 #58
- Added basic auth editor custom exception rules
- Fixed redirection bug under another reverse proxy and Apache location headers #39
- Optimized memory usage (from 1.2GB to 61MB for low speed geoip lookup) #52
- Added unset subdomain custom redirection feature #46
- Fixed potential security issue in satori/go.uuid #55
- Added custom ACME feature in backend, thx @daluntw
- Added bypass TLS check for custom acme server, thx @daluntw
- Introduce new start parameter
-fastgeoip=true: see release notes
- Patch on memory leaking for Windows netstat module (do not effect any of the previous non Windows builds)
- Fixed potential memory leak in ACME handler logic
- Added "Do you want to get a TLS certificate for this subdomain?" dialogue when a new subdomain proxy rule is created
- Added Import / Export-Feature
- Moved configuration files to a separate folder #26
- Added auto-renew with ACME #6
- Fixed Whitelistbug #18
- Added Whois
- Added force TLS v1.2 above toggle
- Added trace route
- Added ICMP ping
- Added special routing rules module for up-coming ACME integration
- Fixed IPv6 check bug in black/whitelist
- Optimized UI for TCP Proxy
- Added X-Forwarded-Proto for automatic proxy detector
- Split blacklist and whitelist from geodb script file
- Optimized compile binary size
- Added access control to TCP proxy
- Added "invalid config detect" in up time monitor for issue #7
- Fixed minor bugs in advance stats panel
- Reduced file size of embedded materials
- Added advance stats operation tab
- Added statistic reset #13
- Added statistic export to csv and json (please use json)
- Make subdomain clickable (not vdir) #12
- Added TCP Proxy
- Updates SMTP setup UI to make it more straight forward to setup
- Added reverse proxy TLS skip verification
- Added basic auth
- Edit proxy settings
- Whitelist
- TCP Proxy (experimental)
- Info (Utilities page)
- Basic auth
- Support TLS verification skip (for self signed certs)
- Added trend analysis
- Added referrer and file type analysis
- Added cert expire day display
- Moved subdomain proxy logic to dpcore