Version 7 to 8 Changes

System Wide

• updated to Debian 11 Bullseye

Website

• nginx 1.20

• ModSecurity 3/OWASP CRS 3.3, see Web Application Firewall

• MariaDB 10.10

• PHP the SERVER_NAME is now dynamic, see PHP

• PHP deactivated include of .php.ini

• PHP 5.6 disabled the modules xdebug and apcu

• PHP 7.0 disabled the modules xdebug and memcached

• added composer v2, see Composer

• added named locations in nginx for the following website types: nodejs, proxy, ruby, python.

• added default charset utf-8 for the html website type

• added the X-Forwarded-Host header in our proxy website type

• added umask 027 for PHP (all versions), Node.js, ruby and python

See Website.

Firewall

• added order parameter for firewall rules

See Firewall Rules.

FTP

• updated ProFTPD to support TLSv1.2 and TLSv1.3

See FTP Access.