New TurnKey Drupal 10 version (18.1)

Changes:

  • v18.1 rebuild - includes latest Debian & TurnKey packages.
  • Update Drupal10 to latest upstream version - v10.3.1.
  • Ensure hashfile includes URL to public key - closes #1864.
  • Configuration console (confconsole) - v2.1.6:
    • Bugfix broken DNS-01 Let's Encrypt challenge - closes #1876 & #1895. Fixed in v2.1.5 - already included in some appliances.
    • Let's Encrypt/Dehydrated - bugfix cron failure - closes #1962.
    • General dehydrated-wrapper code cleanup - now passes shellcheck.
  • Web management console (webmin):
    • Include webmin-logviewer module by default - closes #1866.
    • Upgraded webmin to v2.105.
    • Replace webmin-shell with webmin-xterm module by default - closes #1904.
  • Reduce log noise by creating ntpsec log dir - closes #1952.
  • Includes new 'tkl-upgrade-php' helper script - to allow easy update/change of PHP version - closes #1892. [Marcos Méndez @ POPSOLUTIONS ]
  • Apache mod_evasive config improvements:
    • Bump DOSPageCount from (default) 2 -> 5 - closes #1951.
    • DOSLogDir - use default log dir & fix permissions - closes #1950.
    • Add DOSWhitelist example - commented out.
  • DEV: Add support for setting max_execution_time & max_input_vars in php.ini via appliance Makefile (PHP_MAX_EXECUTION_TIME & PHP_MAX_INPUT_VARS)A

Links

New TurnKey Drupal 9 version (17.1)

Changes:

  • Updated all Debian packages to latest. [ autopatched by buildtasks ]
  • Patched bugfix release. Closes #1734. [ autopatched by buildtasks ]

Links

New TurnKey Drupal 9 version (17.0)

Changes:

  • Update Drupal9 to latest upstream version - 9.3.12.
  • Updated all relevant Debian packages to Bullseye/11 versions; including PHP 7.4.
  • Provide predefined dh_params (via 'turnkey-make-ssl-cert' where relevant) as per RFC7919 - part of #1653.
  • Updated version of mysqltuner script.
  • Enable HTTP/2 by default (where possible). Note: will not actually work until a CA signed cert is generated or installed.
  • Configure OCSP stapling (will only work once a valid cert is configured).
  • Enable HSTS by default (only effects HTTPS traffic - full implementation also requires HTTP redirect to HTTPS and valid cert).
  • Enable Apache mod-headers by default (required for HSTS).
  • Disable cipher order in default ssl.conf (no longer required with the secure cipher suites we use; mild improvement in cpu resources).
  • Note: Please refer to turnkey-core's 17.0 changelog for changes common to all appliances. Here we only describe changes specific to this appliance.

Links

Pages