Release Notes: Options were added in nanoctl for managing the internal address block list. The mod_blockadm helper module was added for the new nanoctl options (block/unblock). mod_nospam was added, a generic GET and POST content scanner based on regex. A bug with mod_cgi and environment variables on Win32 was fixed. Responses for requests having an "Expect: 100-continue" header were fixed. Detection of duplicate request headers was fixed. A small bug with duplicate error pages in single process mode was fixed.
Release Notes: Logger processes are now restarted when receiving SIGHUP. Automatic directory redirection was fixed to handle query strings correctly. The "FATAL: socket bind failed" error when restarting with open connections was fixed. A FastCGI packet encoding bug in mod_fcgi was fixed. Erroneous debug logging when using the AuthLocation directive was fixed. A problem in which reloading did not re-resolve symbolic links in DocumentRoot directives was fixed. The default Windows config files were fixed to set "KeepAlive = 0". FastCGI packet encoding and decoding in mod_fcgi was optimized.
Release Notes: This release adds detection of phpbb exploits and other HTTP issues via mod_worms. It fixes OS detection so that Cygwin is no longer treated as Unix, fixes access files not being read in allowed subdirectories for symlinks, and fixes a bug when using multiple LoadTheme and/or ServerTheme in the same scope.
Release Notes: Forward dns lookup on resolved hostnames was added to validate the responses. mod_access_referer, which denies access if the referer is from external site, was added. Server process uptimes are now displayed in "nanoctl status who". A warning message when not using "KeepAlive=0" in single process mode was added. A small bug in the handling of null parser object responses was fixed. The "Max execution time exceeded" problem in single process mode was fixed.
Release Notes: This release is the first to support PHP5. For the moment, it doesn't take advantage of PHP5's new features, but at least all the compatibility problems have been fixed. Sorting of directories in mod_fb using the chosen file order has been added. Reopening of standard input in daemon initialization code has been fixed.
Release Notes: This release adds an "AuthLocation" directive to restrict authentication to given path(s), and adds mod_auth_subversion for authentication against svn repositories. The REMOTE_USER server variable was not being set on authenticated requests. A core parser reading loop that may have caused truncation with mod_fcgi has been fixed. A variable access bug in modules_init() has been fixed. The OS detection has been fixed so that "Darwin" is no longer treated as Win*.
Release Notes: This release adds a check of requested URLs against known device names on win32, an adequate response for bad request protocols and headers, and reporting of process memory usage (when available) in mod_status.
Release Notes: Spamtrap-friendly address generation has been added to mod_emailprotect. Two small bugs in the XML output of mod_status (nanoctl status *-xml) have been fixed. There are some minor optimizations in the initialization code.
Release Notes: This release adds dynamic IP address blocking, download speed throttling, better theme support, email protection (mailto tag mangling), NCSA compatible logging, an anonymous authentication module, support for HTTP expectations, authentication against PEAR::DB and ADOdb supported RDBMSs, and several speed optimizations.
Release Notes: This release fixes the server variable cleanup in mod_cgi when running in single process mode, a small addslashes() related bug in contrib/mkhugenanoweb.php, the "Content-Length" header for HEAD requests on filtered resources, multiline output of server log events with different levels, logging of requests with double quotes in the URI, user agent, or referer, and propagation of configuration to virtual hosts sections for directives located after the vhost declaration.