Tags give the ability to mark specific points in history as being important
  • v10.9   Release 10.9
    547414f2 · Release 10.9 ·
    • Let's Encrypt script installed via CMake.
    • mbed TLS updated to 2.16.0.
    • Small improvements.
  • v10.8.3   Release 10.8.3
    1bd5464b · Release 10.8.3 ·
    • Several fixes in build system.
    • mbed TLS updated to 2.13.0.
    • Added build system for nghttp2.
  • v10.8.2   Release 10.8.2
    dbbd2544 · Release 10.8.2 ·
    • mbed TLS updated to 2.12.0.
    • New style for directory index.
    • uri_depth added to XML for directory index.
  • v10.8.1   Release 10.8.1
    b11c8c98 · Release 10.8.1 ·
    • mbed TLS updated to 2.8.0.
    • Removed support for secp192r1 and secp192k1 curves, to make it PCI DSS compliant out of the box.
    • Small improvements to Let's Encrypt ACMEv2 script.
  • v10.8   Release 10.8
    7091cfc1 · Release 10.8 ·
    • New Let's Encrypt script that supports ACME v2.
    • Added Syslog option.
    • Added GZipExtensions option.
    • AllowDotFiles now used to show hidden files in directory listings.
    • mbed TLS updated to 2.7.0.
    • Removed support for static RSA ciphers.
    • Hiawatha log format changed.
    • Small improvements.
    • Bugfix: certain characters in filenames disrupted directory index output.
    • Bugfix: requesting non-regular files now results in a 403 instead of blocking that thread.
  • v10.7   Release 10.7
    1d2192f8 · Release 10.7 ·
    • Connect to a Unix socket via a reverse proxy.
    • Added BlockExtensions setting.
    • mbed TLS updated to 2.6.0.
    • Small improvements.
    • Bugfix: error in handling renewal scripts in Let's Encrypt script.
  • v10.6   Release 10.6
    d3310c4c · Release 10.6 ·
    • Added PublicKeyPins option.
    • Added renewal-scripts to Let's Encrypt script.
    • mbed TLS updated to 2.4.2.
    • Small changes to CMake build system.
    • Small improvements.
    • Bugfix: SCSV bug in mbed TLS.
  • v10.5   Release 10.5
    3f911691 · Release 10.5 ·
    • mbed TLS updated to 2.4.0, using GPL version.
    • Added CustomHeaderBackend option.
    • Renamed CustomHeader option to CustomHeaderClient. Old name still works.
    • Hiawatha ignores FileHashes and ReverseProxy for Let's Encrypt authentication requests.
    • Small bugfixes.
  • v10.4   Release 10.4
    1f4bda69 · Release 10.4 ·
    • mbed TLS updated to 2.3.0.
    • SkipCacheCookie option added.
    • Added Systemd init script to Debian package.
    • Small improvements and bugfixes.
  • v10.3   Release 10.3
    d98f4d40 · Release 10.3 ·
    • PreventCSRF, PreventSQLi and PreventXSS improved.
    • Prevention of MySQL data mining via SQL injection. Thanks to Esmaeil Rahimian rahimian@securehost.co.
    • Added revoke option to Let's Encrypt script.
    • Hiawatha ignores RequireTLS for Let's Encrypt authentication requests.
    • Small bugfixes and improvements.
    • Bugfix: possible HTTP request pipelining error after CSRF prevented.
  • v10.2   Release 10.2
    52334016 · Release 10.2 ·
    • Added Let's Encrypt script (see extra/letsencrypt).
    • Added support for requesting Let's Encrypt certificates (see AccessList and PasswordFile settings in manual page).
    • Small improvements.
    • Bugfix: HideProxy not working for Forwarded header.
  • v10.1   Release 10.1
    e0a1bb1a · Release 10.1 ·
    • Added Extensions setting.
    • Added support for X-Sendfile header.
    • mbed TLS updated to 2.2.1.
    • Improved SQL injection detection.
    • Small bugfixes and improvements.
  • v10.0   Release 10.0
    0e0f05d4 · Release 10.0 ·
    • Usage of Directory sections changed.
    • Added support for RFC 5785.
    • Added support for GZip compression. Removed the UseGZfile option.
    • Added ECDSA support for TLS 1.0 and TLS 1.1.
    • Replaced UrlToolkit Expire option with ExpirePeriod in Directory section.
    • Replaced IgnoreDotHiawatha option with UseLocalConfig.
    • Removed the VolatileObject option.
    • Improved SQL injection detection.
    • mbed TLS updated to 2.2.0.
    • Small improvements.
  • v9.15   Release 9.15
    1268b12d · Release 9.15 ·
    • Support for WebSockets via reverse proxy.
    • UNIX socket support for connections to WebSockets.
    • Responsive design for directory index and error message.
    • mbed TLS updated to 2.1.2.
    • Fixed mbed TLS linking in CMake configuration.
    • ListenBacklog option added.
    • Small bugfixes.
  • v9.14   Release 9.14
    d17cd702 · Release 9.14 ·
    • mbed TLS updated to 2.0.0.
    • Small bugfixes.
    • Bugfix: crash when sending very large request to FastCGI server.
  • v9.13   Release 9.13
    6b839c4c · Release 9.13 ·
    • Renamed SSLcertFile to TLScertFile.
    • Renamed RequireSSL to RequireTLS.
    • Renamed SSL_* CGI environment variables to TLS_*.
    • Renamed UrlToolkit option UseSSL to UseTLS.
    • Replaced MinSSLversion by MinTLSversion.
    • LogTimeouts option added.
    • Added 'skip directories' parameter to reverse proxy.
    • Failed logins sent to Hiawatha Monitor.
    • Small bugfix and improvements.
  • v9.12   Release 9.12
    ac7e052d · Release 9.12 ·
    • PolarSSL 1.3.9 upgraded to mbed TLS 1.3.10.
    • MacOS X PreferencePane removed from MacOS X package.
    • Bugfix: memory leak in SSL library.
    • Small bugfix.
  • v9.11   Release 9.11
    db22fed7 · Release 9.11 ·
    • ChallengeClient option added.
    • UrlToolkit options TotalConnections and OmitRequestLog added.
    • Improvements to UrlToolkit and reverse proxy swap.
    • UrlToolkit rules are also applied to PUT and DELETE.
    • Small improvements.
  • v9.10   Release 9.10
    e6c5e7c9 · Release 9.10 ·
    • Support for banning bad clients who connect via a proxy.
    • UrlToolkit option Do added. Changed how Call and Skip should be called.
    • General UrlToolkit improvements. See config/toolkit.conf for syntax.
    • Hiawatha now prefers reverse proxies with a scheme matching the one of the client connection. See config/toolkit.conf for syntax.
    • Hiawatha will now first process UrlToolkit rules before using ReverseProxy.
    • Small bugfixes and improvements.
  • v9.9   Release 9.9
    4d72b52d · Release 9.9 ·
    • HTTPAuthToCGI option added.
    • BanByCGI option added.
    • PolarSSL updated to version 1.3.9.
    • Improved SSL ciphersuite selections.
    • CAcertificates options added.
    • Dropped support for SSL3.0.
    • Small bugfixes and improvements.