
Releases: caddyserver/caddy

0.10.2

02 May 23:10
v0.10.2
dfebffb

This is a hot fix release for the rewrite directive. If you are already using 0.10.1 and do not use rewrite at all, you probably don't need to upgrade. But as usual, we encourage all users to stay up to date!

Changes:

  • Hot fix for rule paths of "/" so that they match every request
  • fastcgi: Match request paths that don't start with "/" even if rule does

0.10.1

02 May 06:47
v0.10.1
6d9783a

Bug fix release. We've reduced memory usage in some areas and changed how internal rewrites work a bit. If you notice any new quirks with rewrite or similar directives, please open an issue with clear instructions to reproduce the bug. Thanks!

  • Reduced memory usage for gzip, templates, and MITM detection
  • Fixed automatic HTTP->HTTPS redirects for sites with wildcard labels
  • proxy: Fix 'without' subdirective
  • A few other minor bug fixes and improvements

0.10

20 Apr 17:50
v0.10.0
27785f7

We're very excited to bring you Caddy 0.10! There are a bunch of changes in this release. Many of them are small enhancements or bug fixes, but we also have some significant new features: HTTP/2 server push, new plugin types, updates to the TLS stack and the tls directive, etc. Read the blog post.

Default timeouts have been disabled in this release. You won't need a "timeouts none" directive in your Caddyfile any more. Take note, too, that a few directives have changed syntax slightly. You can use caddy -validate to check your syntax before reloading Caddy.

Note: This is the first release produced by our automated deployment system. Some release assets failed to upload due to network errors. We've fixed this by putting the upload logic into a loop to try again if it fails.

Full change list:

  • Built on Go 1.8.1
  • HTTPS interception detection
  • Updated QUIC
  • SIGUSR1 (reload) now works with QUIC servers
  • New 'push' directive for HTTP/2 server push
  • New 'index' directive to change the names of index files
  • New -http-port and -https-port flags to change protocol ports
  • New -disable-http-challenge and -disable-tls-sni-challenge flags
  • New event hook plugin type
  • New listener middleware plugin type
  • New placeholders for cookie, query, and rewritten URI values
  • basicauth: Ability to customize realm
  • browse: Default template now sorts by name with directories first
  • errors, log: Roll all logs by default
  • errors, log: Ability to write to remote syslog
  • errors, log: Standardized, simplified directive syntax
  • log: Patched common log format by adding missing "-"
  • proxy: New 'max_conns' setting to limit connections to upstreams
  • proxy: New 'first' load balancing policy for first available host
  • proxy: Health checks respect Host and insecure_skip_verify settings
  • templates: New .RandomString action to add random padding to page
  • timeouts: Disabled default HTTP timeouts
  • tls: Settings now apply per-site rather than for entire listener
  • tls: New 'alpn' setting to disable either HTTP/2 or HTTP/1.1 on per-site basis
  • tls: Added curve X25519
  • tls: Added ChaCha20-Poly1305 cipher suites
  • tls: Renamed muststaple to must_staple
  • tls: Setting max_certs obtains certs during handshakes for all hostnames
  • Dozens of miscellaneous bug fixes and improvements
  • New website
  • New build infrastructure
  • New deployment system

0.9.5

24 Jan 15:34
v0.9.5
94e382e

Caddy 0.9.5 contains several critical fixes and we recommend applying the update right away. Please read these notes first, though!

Thank you to the collaborators and contributors for all your hard work (especially @tw4452852 and @lhecker - among many others, see the commit history) while I've been busy working on the new website and build infrastructure!

HTTP Timeouts Enabled by Default

Caddy aims to be secure right out of the box. In order to prevent faulty or malicious clients from draining resources with slowloris-style behavior (holding connections open while sending the request very slowly), Caddy now enables timeouts by default. In general, this will not affect most users. However, you may need to raise or disable these timeouts depending on your legitimate visitors' needs and your server's configuration. If your visitors have legitimately slow networks or you need to hold requests for a long time (e.g. long polling or proxying long requests to a trusted backend), consider raising these timeouts.

Default timeout values:

  • read: 10s (time spent reading request headers and body)
  • header: 10s (time spent reading just headers; not used until Go 1.8 is released)
  • write: 20s (starts at reading request body, ends when finished writing response body)
  • idle: 2m (time to hold connection between requests; not used until Go 1.8 is released)

As you can see, a couple of the timeout values will begin functioning when Caddy is built on Go 1.8, expected within about a month. Go ahead and set them now; they will just start working when supported. See the timeouts pull request and docs.
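The following Caddyfile is an added example, not part of the original release notes, showing how the timeouts directive is used to keep the slowloris protection while making room for a long-polling endpoint proxied to a trusted backend. The hostname, the backend address and the /events path are placeholders.

```caddyfile
# Added example (not from the release notes). Hostname, path and backend
# address are placeholders.
example.com

timeouts {
    # default: give clients 10s to finish sending the request
    read 10s
    # default: 10s for headers alone (effective once Caddy is built on Go 1.8)
    header 10s
    # raised from the 20s default so long-poll responses are not cut short
    write 2m
    # default: drop keep-alive connections idle for 2m (Go 1.8 and later)
    idle 2m
}

# long-polling endpoint on a trusted backend; the raised write timeout
# applies to the whole site, so keep it as tight as the backend allows
proxy /events localhost:9000

# an internal-only site can opt out entirely with the single-value form
intranet.example.com:8080
timeouts none
```

The single-value form (timeouts 30s) sets all four values at once; the block form is what you want when only one of them needs to change. Prefer raising the specific timeout that your traffic needs over disabling them all, since "timeouts none" gives up the slowloris protection this release was adding.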

Critical Uptime/Connectivity Fix

This is a little embarrassing, but if conditions were just right, Caddy would initiate a certificate renewal using the TLS-SNI-01 challenge, which would cause a deadlock. Subsequent TLS handshakes would block forever, until the server stopped responding to requests. It took months to find and fix this because it only happened when very specific conditions were met: the certificate needed renewal (once every 60 days), the TLS-SNI-01 challenge was chosen (by a roll of the dice), renewal was triggered from the background maintenance goroutine (not on-demand or during startup), and Let's Encrypt did not have a cached authz for that domain. Now it's fixed.

A huge thanks to Bradley Falzon (@bradleyfalzon), Miek Gieben (@miekg), and Sebastian Erhart (@xenolf) for spending considerable time to help me debug this. It wouldn't have been possible without their hours of help.

Proxy performance improvements

We continue to iterate on Caddy's proxy functionality. Caddy was never designed to be a reverse proxy except as a very simple one, just to say that it can do it. But it turns out that proxy is one of the most popular directives. So with this release, we've fixed a recent regression that buffered request bodies. Proxy configurations with a single upstream or with try_duration unset (0) will be much faster and use less memory. We're still improving upon failure conditions and retry behavior; we had a rich discussion in #1314 about it. You should also see better HTTPS+websockets support.

Also, the deprecated proxy_header subdirective is no longer accepted; use header_upstream instead.

Minor security fixes in browse

The browse middleware was improved a bit. First, a filter textbox was added to instantly filter the listings by file name. We also now sanitize the file names and links in case, for some reason, you are not already doing that with untrusted files. I want to thank Kevin Froman (@beardog108) for the responsible reporting of this as a precaution. I also went ahead and made sure the browse directive will hide the active Caddyfile if it is within your site's root, no matter the current working directory.

Other things

There's a new -validate flag to load and parse your Caddyfile, then terminate. It will tell you if the Caddyfile is syntactically valid or not. There's also new placeholders: {when_iso} gives you the UTC timestamp in ISO 8601 format, and {rewrite_path} gives you the URI path after a rewrite ({path} gives the path as it originally was on the request before any rewrites).

Full change list:

  • New -validate flag to only check a Caddyfile, then exit
  • New {when_iso} placeholder for timestamp ISO 8601 in UTC
  • New {rewrite_path} and {rewrite_path_escaped} placeholders
  • New 'timeouts' directive to configure or disable HTTP timeouts
  • HTTP-level timeouts enabled by default
  • browse: Added textbox to filter listing in default template
  • browse: Sanitize file names and links in default template
  • browse: Ensure active Caddyfile is hidden regardless of cwd
  • fastcgi: New 'root' property, mainly for use with containers
  • markdown: Apply some front matter fields as tags
  • proxy: Fixed HTTP/2 upstream to backend; honors -http CLI flag
  • proxy: Fixed websockets over HTTPS
  • proxy: Reduced memory usage and improved performance
  • proxy: Added support for HTTP trailers
  • tls: Fixed deadlock that affected some background renewals
  • Several other smaller bugs squashed and improvements made

Thanks for continuing to use Caddy!

0.9.4

21 Dec 21:28
v0.9.4
7dc1dc1

Just in time for Christmas, the long-awaited patches in 0.9.4 are finally here! This release spans 83 commits, mostly of minor changes and improvements, but also some nice bug fixes and a few new features.

See the blog post for more information and highlights.

Full change list:

  • Updated QUIC
  • New maxrequestbody directive to limit size of request body
  • New {latency_ms} placeholder for latency always in ms
  • Serve statically compressed .gz and .br files
  • fastcgi: Support for multiple backends with basic load balancing
  • fastcgi: Customize connect, read, and send timeouts.
  • proxy: Fixed handling of encoded 'without' paths
  • proxy: Preserve trailing slash if present in request
  • proxy: Fix HTTP/2 upstreams
  • templates: New .Files action to list files in a directory
  • templates: .Include can now pass arguments to included file
  • tls: Added ability to customize preferred curves
  • tls: Added support for Must-Staple on managed certificates
  • tls: Fixed subtle edge case bug with TLS-SNI challenge
  • Lots of minor fixes and improvements

0.9.3

28 Sep 19:00
v0.9.3
c885edd

This release contains bug fixes, including patches and more tests for bugs introduced in 0.9.2.

If you use proxy for load balancing in failure scenarios, pay attention to a few changes. We've made improvements that will help debug and eliminate sporadic, long-lasting 502 errors, but changed the way the failure logic works in order to do this.

Summarized change list:

  • Updated QUIC to newer version
  • import: Glob pattern matching 0 files is no longer an error
  • fastcgi: Fixed persistent connections (disabled by default)
  • fastcgi: Configurable connection pool size parameter
  • proxy: Improved failover load balancing logic
  • proxy: Avoids duplicating header fields that would be confusing
  • proxy: New try_duration and try_interval parameters
  • proxy: Fix for IP hash policy when downed hosts come back up
  • Several other bug fixes and new tests

Changes specific to proxy (see PR #1135):

  • fail_timeout now defaults to 0. This means that requests which fail will not count against that host's availability. With a value > 0, request failure counting is enabled, and proxy will remember a failed request for this long. If the number of remembered failures accumulates to max_fails, the backend will be considered down (for everyone) until the failed requests begin to be forgotten.
  • max_fails defaults to 1 as before, but cannot be set to 0. If your network is flaky (almost all are), try a more reasonable value like 5. Remember, once the number of failed requests to a backend reaches this number within the window of fail_timeout, the host will be considered down for all clients until the window shifts ahead.
  • try_duration is a new parameter that specifies how long proxy will check for available hosts. So if a host becomes available within this duration, the request may still succeed. The default is 0, meaning that proxy will not retry when a host initially goes down or no hosts are available. You must set this to a reasonable value > 0 (e.g. 30s) if you want robust redundancy.
  • try_interval specifies how long to wait between attempts to reach an upstream host. This defaults to 250ms. The idea is to avoid spinning the CPU, so if you set this to 0 along with a non-zero try_duration, your CPU may spin until hosts become available again.

Basically: If you want to have proper, redundant load balancing, you must set fail_timeout and try_duration to durations > 0.

We may continue to tweak this logic in the future to get the best defaults for as many users as possible.
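The following Caddyfile is an added example, not part of the original release notes, putting the four parameters above together into a redundant load-balancing configuration that actually fails over. The hostname, the backend addresses and the /healthz path are placeholders.

```caddyfile
# Added example (not from the release notes). Hostname, backend addresses
# and health-check path are placeholders.
example.com

proxy / 10.0.0.11:8080 10.0.0.12:8080 10.0.0.13:8080 {
    policy round_robin

    # Remember a failed request for 10s (the default of 0 would never count
    # failures). Once 3 failures accumulate within that window, the host is
    # considered down for all clients until the window moves past them.
    fail_timeout 10s
    max_fails 3

    # Keep looking for an available host for up to 30s instead of returning
    # 502 immediately (the default try_duration of 0 never retries). Pause
    # 250ms between attempts; never combine try_interval 0 with a non-zero
    # try_duration or the retry loop will spin the CPU.
    try_duration 30s
    try_interval 250ms

    # Actively probe the backends so a downed host is taken out of rotation
    # before client requests have to discover it.
    health_check /healthz
    health_check_interval 5s
}
```

With fail_timeout and try_duration both left at 0, the defaults described above, a request that hits a dead backend is simply a 502; the configuration here is what "robust redundancy" in the note means in practice. Tune max_fails to your network: a single transient error marking a host down for everyone is usually too aggressive.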

Thank you to all who contributed for this release!

0.9.2

21 Sep 00:28
v0.9.2
73916cc

Caddy 0.9.2 contains delicious bug fixes and improvements; the only real external change is the addition of the -catimeout option which can be used in some cases where network latency to the ACME CA is exceptionally high.

This release is vital for Caddyfiles that use the wildcard site address syntax with on-demand TLS. For example, if you have:

*.mysite.com
tls {
    max_certs 10
}

Then this release is critical for you; it fixes a bug that would prevent certificate renewal. However, everyone should consider upgrading anyway to get the latest improvements!

This release is built on Go 1.7.1 (which has some http/2 fixes in it as well).

Known issues (already fixed on master): Site addresses in the Caddyfile that are not lowercased cause duplicate site configs.

Change list:

  • New -catimeout option to customize ACME CA HTTP timeout
  • import: Fix nested import absolute/relative paths
  • log: Fix multiple log outputs
  • proxy: Fix for keepalive in certain cases
  • tls: Fix for PreferServerCipherSuites
  • Numerous other bug fixes and internal improvements

Two new plugins were published as well: awslambda and multipass.

(No blog post this time, because notable changes are few and I've also been really busy.)

0.9.1

17 Aug 20:48
v0.9.1
c5aa584

This patch release fixes many of the bugs introduced in 0.9 and includes a few other enhancements and minor features. Caddy is now built on Go 1.7. This update is recommended for all Caddy users.

For more information, read the announcement blog post.

Change log:

  • New {request_body} placeholder to log request body
  • {remote} placeholder no longer uses X-Forwarded-For header
  • {latency} placeholder rounds to nice looking number
  • Add support for ratelimit plugin
  • basicauth: Declaring realm named "Restricted"
  • errors: Define catch-all/default error page with * character
  • header: More control to add, set, or remove headers
  • proxy: New keepalive setting to help accommodate busy servers
  • proxy: New load balancing policy ip_hash
  • proxy: Fixed WebSocket connections
  • proxy: Fixed broken header logic
  • proxy: Reuse existing connection for Upgrade requests
  • proxy: Support for basic auth from header or upstream address
  • templates: New .Env action to access environment variables
  • tls: OCSP staples persisted to disk
  • tls: ACME challenges honor bind directive
  • tls: Fix default protocol version (minimum TLS 1.1)
  • tls: Consume challenge requests only for names Caddy is solving for
  • tls: The protocol syntax allows just one value if desired
  • tls: Scoped max_certs limit to site instead of global maximum
  • Many other bug fixes and minor enhancements

0.9

19 Jul 05:57
v0.9.0
f28af63

After more than 6 months since 0.8, I'm very pleased to release Caddy 0.9! We've got a whole lot of improvements here, including some breaking changes, so pay attention before pushing into production. Please see the blog post for more information.

Notable changes are an entirely new core, new plugin model, ACME DNS challenge support, experimental QUIC support, in-process graceful restarts, easy self-signed certificates, and major code refactoring.

Hope you like it. Stay tuned for any patch releases and please report bugs! Also, a huge thanks to all contributors who made this possible.

Note: Some plugins that were available for earlier versions of Caddy are not yet available with Caddy 0.9 because they have not been updated to be compatible with version 0.9. We have a wiki page for plugin authors about how to do this. I know that's annoying; sorry for the inconvenience.

Known issues: #941 is about a deadlock when calling caddy.Stop() and #943 is about setting TLS protocol versions. #916 relates to headers not being set properly in proxy situations. All are already fixed on master.

Full change log:

  • New core
  • New experimental QUIC support with -quic flag (HTTPS only)
  • New -type option to specify other server types
  • Moved ~/.caddy/letsencrypt to ~/.caddy/acme and reorganized assets
  • Moved caddy package to top level folder, and pushed main to subfolder
  • New {request} placeholder to dump entire request (without body)
  • New {hostonly} placeholder for only hostname portion of host value
  • Site addresses can have paths
  • Site addresses can make some use of wildcards in domains
  • Renamed -directives flag to -plugins
  • Restarting no longer requires spawning a new process
  • Removed -restart option
  • fastcgi: Env variables now support placeholders
  • import: Import paths now relative to Caddyfile, not current working dir
  • markdown: Overhauled; removed site generation features
  • proxy: More control of headers; deprecating proxy_header subdirective
  • proxy: Specify multiple upstreams with optional port ranges
  • proxy: New preset 'transparent' to simplify common pass-thru headers
  • proxy: Chooses longest matching path; order declared is irrelevant
  • redir: Added if and if_op subdirectives to make conditional redirects
  • rewrite: Support for if_op to change how conditions are evaluated
  • tls: Generate self-signed certificates in memory
  • tls: Support for ACME DNS challenge with 10 providers
  • tls: Support for TLS-SNI challenge during restarts
  • Various bug fixes and enhancements

0.8.3

26 Apr 15:43
v0.8.3
2138270

Caddy 0.8.3 introduces TLS session ticket key rotation and a number of bug fixes and other internal improvements. There are also two new middlewares: expvar and pprof, mostly useful for debugging purposes.

All users are encouraged to upgrade as soon as possible with proper testing. Thank you to all who made this possible!

Change list:

  • Built with Go 1.6.2
  • New pprof middleware for exposing process profiling endpoints
  • New expvar middleware for exposing memory/GC performance
  • New -restart option to force in-process restarts on Unix systems
  • Only fail to start if managed certificate is expired (issue #642)
  • Toggle case-sensitive path matching with environment variable
  • File server now adds ETag header for static files
  • browse: Replace .LinkedPath action with .BreadcrumbMap
  • fastcgi: New except clause to exclude paths
  • proxy: New max_conns setting to limit max connections per upstream
  • proxy: New replaceable value for name of upstream host
  • templates: New utility actions for dealing with strings
  • tls: Customize certificate key with key_type (+ECC)
  • tls: Session ticket keys are now rotated
  • Many other minor internal improvements and bug fixes