You are here
Home/ New TurnKey Vanilla version (17.0)
Changes:
- Includes latest upstream version of Vanilla - v2021.009
- Updated all relevant Debian packages to Bullseye/11 versions; including
PHP 7.4.
- Provide predefined dh_params (via 'turnkey-make-ssl-cert' where relevant)
as per RFC7919 - part of #1653.
- Updated version of mysqltuner script.
- Enable HTTP/2 by default (where possible). Note: will not actually work
until a CA signed cert is generated or installed.
- Configure OCSP stapling (will only work once a valid cert is configured).
- Enable HSTS by default (only effects HTTPS traffic - full implementation
also requires HTTP redirect to HTTPS and valid cert).
- Enable Apache mod-headers by default (required for HSTS).
- Disable cipher order in default ssl.conf (no longer required with the
secure cipher suites we use; mild improvement in cpu resources).
- Note: Please refer to turnkey-core's 17.0 changelog for changes common to all appliances. Here we only describe changes specific to this appliance.
Links