Merge pull request #1314 from bunkerity/dev

Merge branch "dev" into branch "staging"
2026-05-24 09:28:37 +00:00 · 2024-06-28 11:43:31 +01:00 · 2024-06-28 11:43:31 +01:00 · 2b5ff369b7
commit 2b5ff369b7
parent f6655d3ff6 11c3737320
221 changed files with 1619 additions and 1966 deletions
--- a/.github/ISSUE_TEMPLATE/bug_report.yml
+++ b/.github/ISSUE_TEMPLATE/bug_report.yml
@ -47,7 +47,7 @@ body:
      label: BunkerWeb version
      description: What version of BunkerWeb are you running?
      placeholder: Version
-      value: 1.5.8
+      value: 1.5.9
    validations:
      required: true
  - type: dropdown
--- a/.github/workflows/container-build.yml
+++ b/.github/workflows/container-build.yml
@ -92,7 +92,7 @@ jobs:
      # Build cached image
      - name: Build image
        if: inputs.CACHE == true
-        uses: docker/build-push-action@c382f710d39a5bb4e430307530a720f50c2d3318 # v6.0.0
+        uses: docker/build-push-action@15560696de535e4014efeff63c48f16952e52dd1 # v6.2.0
        with:
          context: .
          file: ${{ inputs.DOCKERFILE }}
@ -105,7 +105,7 @@ jobs:
      # Build non-cached image
      - name: Build image
        if: inputs.CACHE != true
-        uses: docker/build-push-action@c382f710d39a5bb4e430307530a720f50c2d3318 # v6.0.0
+        uses: docker/build-push-action@15560696de535e4014efeff63c48f16952e52dd1 # v6.2.0
        with:
          context: .
          file: ${{ inputs.DOCKERFILE }}
--- a/.github/workflows/linux-build.yml
+++ b/.github/workflows/linux-build.yml
@ -94,7 +94,7 @@ jobs:
      # Build testing package image
      - name: Build package image
        if: inputs.RELEASE == 'testing' || inputs.RELEASE == 'dev' || inputs.RELEASE == 'ui'
-        uses: docker/build-push-action@c382f710d39a5bb4e430307530a720f50c2d3318 # v6.0.0
+        uses: docker/build-push-action@15560696de535e4014efeff63c48f16952e52dd1 # v6.2.0
        with:
          context: .
          load: true
@ -106,7 +106,7 @@ jobs:
      # Build non-testing package image
      - name: Build package image
        if: inputs.RELEASE != 'testing' && inputs.RELEASE != 'dev'
-        uses: docker/build-push-action@c382f710d39a5bb4e430307530a720f50c2d3318 # v6.0.0
+        uses: docker/build-push-action@15560696de535e4014efeff63c48f16952e52dd1 # v6.2.0
        with:
          context: .
          load: true
@ -142,7 +142,7 @@ jobs:
          images: ghcr.io/bunkerity/${{ inputs.LINUX }}-tests:${{ inputs.RELEASE }}
      - name: Build test image
        if: inputs.TEST == true
-        uses: docker/build-push-action@c382f710d39a5bb4e430307530a720f50c2d3318 # v6.0.0
+        uses: docker/build-push-action@15560696de535e4014efeff63c48f16952e52dd1 # v6.2.0
        with:
          context: .
          file: tests/linux/Dockerfile-${{ inputs.LINUX }}
--- a/.github/workflows/push-docker.yml
+++ b/.github/workflows/push-docker.yml
@ -70,7 +70,7 @@ jobs:
          images: bunkerity/${{ inputs.IMAGE }}
      # Build and push
      - name: Build and push
-        uses: docker/build-push-action@c382f710d39a5bb4e430307530a720f50c2d3318 # v6.0.0
+        uses: docker/build-push-action@15560696de535e4014efeff63c48f16952e52dd1 # v6.2.0
        with:
          context: .
          file: ${{ inputs.DOCKERFILE }}
--- a/.github/workflows/push-github.yml
+++ b/.github/workflows/push-github.yml
@ -51,7 +51,7 @@ jobs:
      # Create release
      - name: Create release
        if: inputs.VERSION != 'testing'
-        uses: softprops/action-gh-release@69320dbe05506a9a39fc8ae11030b214ec2d1f87 # v2.0.5
+        uses: softprops/action-gh-release@a74c6b72af54cfa997e81df42d94703d6313a2d0 # v2.0.6
        with:
          body: |
            Documentation : https://docs.bunkerweb.io/${{ inputs.VERSION }}/
@ -75,7 +75,7 @@ jobs:
      # Create release
      - name: Create release
        if: inputs.VERSION == 'testing'
-        uses: softprops/action-gh-release@69320dbe05506a9a39fc8ae11030b214ec2d1f87 # v2.0.5
+        uses: softprops/action-gh-release@a74c6b72af54cfa997e81df42d94703d6313a2d0 # v2.0.6
        with:
          body: |
            **The testing version of BunkerWeb should not be used in production, please use the latest stable version instead.**
--- a/.github/workflows/push-packagecloud.yml
+++ b/.github/workflows/push-packagecloud.yml
@ -42,7 +42,7 @@ jobs:
      - name: Check out repository code
        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
      - name: Install ruby
-        uses: ruby/setup-ruby@3783f195e29b74ae398d7caca108814bbafde90e # v1.180.1
+        uses: ruby/setup-ruby@af43264f2b94cc8451805dc51af7408f01de6471 # v1.182.0
        with:
          ruby-version: "3.0"
      - name: Install packagecloud
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -1,6 +1,13 @@
 # Changelog

-## v1.5.8 - ????/??/??
+## v1.5.9 - ????/??/??
+
+- [BUGFIX] Fix compatibility issues with mysql 8.4+ version and the `backup` plugin by adding the `mariadb-connector-c` dependency to the scheduler Dockerfile (on alpine)
+- [SECURITY] Update security headers in default pages and error pages for improved security
+- [DEPS] Updated LuaJIT version to v2.1-20240626
+- [DEPS] Updated coreruleset-v4 version to v4.4.0
+
+## v1.5.8 - 2024/06/19

 - [LINUX] Support Fedora 40 and drop support of Fedora 39
 - [BUGFIX] Fix potential errors when upgrading from a previous version
--- a/README.md
+++ b/README.md
@ -1,5 +1,5 @@
 <p align="center">
-	<img alt="BunkerWeb logo" src="https://github.com/bunkerity/bunkerweb/raw/v1.5.8/misc/logo.png" height=100 width=350 />
+	<img alt="BunkerWeb logo" src="https://github.com/bunkerity/bunkerweb/raw/v1.5.9/misc/logo.png" height=100 width=350 />
 </p>

 <p align="center">
@ -26,7 +26,7 @@
 	 &#124;
 	👨‍💻 <a href="https://demo.bunkerweb.io/?utm_campaign=self&utm_source=github">Demo</a>
 	 &#124;
-	🛡️ <a href="https://github.com/bunkerity/bunkerweb/raw/v1.5.8/examples">Examples</a>
+	🛡️ <a href="https://github.com/bunkerity/bunkerweb/raw/v1.5.9/examples">Examples</a>
 	 &#124;
 	💬 <a href="https://discord.com/invite/fTf46FmtyD">Chat</a>
 	 &#124;
@ -44,14 +44,14 @@
 # BunkerWeb

 <p align="center">
-	<img alt="Overview banner" src="https://github.com/bunkerity/bunkerweb/raw/v1.5.8/docs/assets/img/intro-overview.svg" />
+	<img alt="Overview banner" src="https://github.com/bunkerity/bunkerweb/raw/v1.5.9/docs/assets/img/intro-overview.svg" />
 </p>

 BunkerWeb is a next-generation and open-source Web Application Firewall (WAF).

-Being a full-featured web server (based on [NGINX](https://nginx.org/) under the hood), it will protect your web services to make them "secure by default". BunkerWeb integrates seamlessly into your existing environments ([Linux](https://docs.bunkerweb.io/1.5.8/integrations/?utm_campaign=self&utm_source=github#linux), [Docker](https://docs.bunkerweb.io/1.5.8/integrations/?utm_campaign=self&utm_source=github#docker), [Swarm](https://docs.bunkerweb.io/1.5.8/integrations/?utm_campaign=self&utm_source=github#swarm), [Kubernetes](https://docs.bunkerweb.io/1.5.8/integrations/?utm_campaign=self&utm_source=github#kubernetes), …) and is fully configurable (don't panic, there is an [awesome web UI](https://docs.bunkerweb.io/1.5.8/web-ui/?utm_campaign=self&utm_source=github) if you don't like the CLI) to meet your own use-cases . In other words, cybersecurity is no more a hassle.
+Being a full-featured web server (based on [NGINX](https://nginx.org/) under the hood), it will protect your web services to make them "secure by default". BunkerWeb integrates seamlessly into your existing environments ([Linux](https://docs.bunkerweb.io/1.5.9/integrations/?utm_campaign=self&utm_source=github#linux), [Docker](https://docs.bunkerweb.io/1.5.9/integrations/?utm_campaign=self&utm_source=github#docker), [Swarm](https://docs.bunkerweb.io/1.5.9/integrations/?utm_campaign=self&utm_source=github#swarm), [Kubernetes](https://docs.bunkerweb.io/1.5.9/integrations/?utm_campaign=self&utm_source=github#kubernetes), …) and is fully configurable (don't panic, there is an [awesome web UI](https://docs.bunkerweb.io/1.5.9/web-ui/?utm_campaign=self&utm_source=github) if you don't like the CLI) to meet your own use-cases . In other words, cybersecurity is no more a hassle.

-BunkerWeb contains primary [security features](https://docs.bunkerweb.io/1.5.8/security-tuning/?utm_campaign=self&utm_source=github) as part of the core but can be easily extended with additional ones thanks to a [plugin system](https://docs.bunkerweb.io/1.5.8/plugins/?utm_campaign=self&utm_source=github).
+BunkerWeb contains primary [security features](https://docs.bunkerweb.io/1.5.9/security-tuning/?utm_campaign=self&utm_source=github) as part of the core but can be easily extended with additional ones thanks to a [plugin system](https://docs.bunkerweb.io/1.5.9/plugins/?utm_campaign=self&utm_source=github).

 ## Why BunkerWeb ?

@ -76,7 +76,7 @@ A non-exhaustive list of security features :
 - **Block known bad IPs** with external blacklists and DNSBL
 - And much more ...

-Learn more about the core security features in the [security tuning](https://docs.bunkerweb.io/1.5.8/security-tuning/?utm_campaign=self&utm_source=github) section of the documentation.
+Learn more about the core security features in the [security tuning](https://docs.bunkerweb.io/1.5.9/security-tuning/?utm_campaign=self&utm_source=github) section of the documentation.

 ## Demo

@ -105,13 +105,13 @@ When using BunkerWeb you have the choice of the version you want to use : open-s

 Whether it's enhanced security, an enriched user experience, or technical supervision, the BunkerWeb PRO version will allow you to fully benefit from BunkerWeb and respond to your professional needs.

-Be it in the documentation or the user interface, the PRO features are annotated with a crown <img src="https://docs.bunkerweb.io/1.5.8/assets/img/pro-icon.svg" alt="crow pro icon" height="24px" width="24px"> to distinguish them from those integrated into the open-source version.
+Be it in the documentation or the user interface, the PRO features are annotated with a crown <img src="https://docs.bunkerweb.io/1.5.9/assets/img/pro-icon.svg" alt="crow pro icon" height="24px" width="24px"> to distinguish them from those integrated into the open-source version.

 You can upgrade from the open-source version to the PRO one easily and at any time you want. The process is pretty straightforward :

 - Claim your [free trial on the BunkerWeb panel](https://panel.bunkerweb.io/?utm_campaign=self&utm_source=doc)
 - Once connected to the client area, copy your PRO license key
- Paste your private key into BunkerWeb using the [web UI](https://docs.bunkerweb.io/1.5.8/web-ui/#upgrade-to-pro) or [specific setting](https://docs.bunkerweb.io/1.5.8/settings/#pro)
+- Paste your private key into BunkerWeb using the [web UI](https://docs.bunkerweb.io/1.5.9/web-ui/#upgrade-to-pro) or [specific setting](https://docs.bunkerweb.io/1.5.9/settings/#pro)

 Do not hesitate to visit the [BunkerWeb panel](https://panel.bunkerweb.io/knowledgebase?utm_campaign=self&utm_source=doc) or [contact us](https://panel.bunkerweb.io/contact.php?utm_campaign=self&utm_source=doc) if you have any question regarding the PRO version.

@ -144,10 +144,10 @@ Community and social networks :
 # Concepts

 <p align="center">
-	<img alt="Concepts banner" src="https://github.com/bunkerity/bunkerweb/raw/v1.5.8/docs/assets/img/concepts.svg" />
+	<img alt="Concepts banner" src="https://github.com/bunkerity/bunkerweb/raw/v1.5.9/docs/assets/img/concepts.svg" />
 </p>

-You will find more information about the key concepts of BunkerWeb in the [documentation](https://docs.bunkerweb.io/1.5.8/concepts/?utm_campaign=self&utm_source=github).
+You will find more information about the key concepts of BunkerWeb in the [documentation](https://docs.bunkerweb.io/1.5.9/concepts/?utm_campaign=self&utm_source=github).

 ## Integrations

@ -155,12 +155,12 @@ The first concept is the integration of BunkerWeb into the target environment. W

 The following integrations are officially supported :

- [Docker](https://docs.bunkerweb.io/1.5.8/integrations/?utm_campaign=self&utm_source=github#docker)
- [Linux](https://docs.bunkerweb.io/1.5.8/integrations/?utm_campaign=self&utm_source=github#linux)
- [Docker autoconf](https://docs.bunkerweb.io/1.5.8/integrations/?utm_campaign=self&utm_source=github#docker-autoconf)
- [Kubernetes](https://docs.bunkerweb.io/1.5.8/integrations/?utm_campaign=self&utm_source=github#kubernetes)
- [Swarm](https://docs.bunkerweb.io/1.5.8/integrations/?utm_campaign=self&utm_source=github#swarm)
- [Microsoft Azure](https://docs.bunkerweb.io/1.5.8/integrations/?utm_campaign=self&utm_source=github#microsoft-azure)
+- [Docker](https://docs.bunkerweb.io/1.5.9/integrations/?utm_campaign=self&utm_source=github#docker)
+- [Linux](https://docs.bunkerweb.io/1.5.9/integrations/?utm_campaign=self&utm_source=github#linux)
+- [Docker autoconf](https://docs.bunkerweb.io/1.5.9/integrations/?utm_campaign=self&utm_source=github#docker-autoconf)
+- [Kubernetes](https://docs.bunkerweb.io/1.5.9/integrations/?utm_campaign=self&utm_source=github#kubernetes)
+- [Swarm](https://docs.bunkerweb.io/1.5.9/integrations/?utm_campaign=self&utm_source=github#swarm)
+- [Microsoft Azure](https://docs.bunkerweb.io/1.5.9/integrations/?utm_campaign=self&utm_source=github#microsoft-azure)

 ## Settings

@ -192,7 +192,7 @@ When multisite mode is enabled, BunkerWeb will serve and protect multiple web ap

 ## Custom configurations

-Because meeting all the use cases only using the settings is not an option (even with [external plugins](https://docs.bunkerweb.io/1.5.8/plugins/?utm_campaign=self&utm_source=github)), you can use custom configurations to solve your specific challenges.
+Because meeting all the use cases only using the settings is not an option (even with [external plugins](https://docs.bunkerweb.io/1.5.9/plugins/?utm_campaign=self&utm_source=github)), you can use custom configurations to solve your specific challenges.

 Under the hood, BunkerWeb uses the notorious NGINX web server, that's why you can leverage its configuration system for your specific needs. Custom NGINX configurations can be included in different [contexts](https://docs.nginx.com/nginx/admin-guide/basic-functionality/managing-configuration-files/#contexts) like HTTP or server (all servers and/or specific server block).

@ -201,7 +201,7 @@ Another core component of BunkerWeb is the ModSecurity Web Application Firewall
 ## Database

 <p align="center">
-	<img alt="Database model" src="https://github.com/bunkerity/bunkerweb/raw/v1.5.8/docs/assets/img/bunkerweb_db.svg" />
+	<img alt="Database model" src="https://github.com/bunkerity/bunkerweb/raw/v1.5.9/docs/assets/img/bunkerweb_db.svg" />
 </p>

 State of the current configuration of BunkerWeb is stored in a backend database which contains the following data :
@ -230,7 +230,7 @@ In other words, the scheduler is the brain of BunkerWeb.
 ## BunkerWeb Cloud

 <p align="center">
-	<img alt="Docker banner" src="https://github.com/bunkerity/bunkerweb/raw/v1.5.8/docs/assets/img/bunkerweb-cloud.webp" />
+	<img alt="Docker banner" src="https://github.com/bunkerity/bunkerweb/raw/v1.5.9/docs/assets/img/bunkerweb-cloud.webp" />
 </p>

 BunkerWeb Cloud is the easiest way to get started with BunkerWeb. It offers you a fully managed BunkerWeb service with no hassle. Think of a like a BunkerWeb-as-a-Service !
@ -240,7 +240,7 @@ You will find more information about BunkerWeb Cloud beta [here](https://www.bun
 ## Docker

 <p align="center">
-	<img alt="Docker banner" src="https://github.com/bunkerity/bunkerweb/raw/v1.5.8/docs/assets/img/integration-docker.svg" />
+	<img alt="Docker banner" src="https://github.com/bunkerity/bunkerweb/raw/v1.5.9/docs/assets/img/integration-docker.svg" />
 </p>

 We provide ready to use prebuilt images for x64, x86, armv7 and arm64 platforms on [Docker Hub](https://hub.docker.com/u/bunkerity).
@ -251,46 +251,46 @@ Docker integration key concepts are :
 - **Scheduler** container to store configuration and execute jobs
 - **Networks** to expose ports for clients and connect to upstream web services

-You will find more information in the [Docker integration section](https://docs.bunkerweb.io/1.5.8/integrations/?utm_campaign=self&utm_source=github#docker) of the documentation.
+You will find more information in the [Docker integration section](https://docs.bunkerweb.io/1.5.9/integrations/?utm_campaign=self&utm_source=github#docker) of the documentation.

 ## Docker autoconf

 <p align="center">
-	<img alt="Docker autoconf banner" src="https://github.com/bunkerity/bunkerweb/raw/v1.5.8/docs/assets/img/integration-autoconf.svg" />
+	<img alt="Docker autoconf banner" src="https://github.com/bunkerity/bunkerweb/raw/v1.5.9/docs/assets/img/integration-autoconf.svg" />
 </p>

 The downside of using environment variables is that the container needs to be recreated each time there is an update which is not very convenient. To counter that issue, you can use another image called **autoconf** which will listen for Docker events and automatically reconfigure BunkerWeb in real-time without recreating the container.

 Instead of defining environment variables for the BunkerWeb container, you simply add **labels** to your web applications containers and the **autoconf** will "automagically" take care of the rest.

-You will find more information in the [Docker autoconf section](https://docs.bunkerweb.io/1.5.8/integrations/?utm_campaign=self&utm_source=github#docker-autoconf) of the documentation.
+You will find more information in the [Docker autoconf section](https://docs.bunkerweb.io/1.5.9/integrations/?utm_campaign=self&utm_source=github#docker-autoconf) of the documentation.

 ## Swarm

 <p align="center">
-	<img alt="Swarm banner" src="https://github.com/bunkerity/bunkerweb/raw/v1.5.8/docs/assets/img/integration-swarm.svg" />
+	<img alt="Swarm banner" src="https://github.com/bunkerity/bunkerweb/raw/v1.5.9/docs/assets/img/integration-swarm.svg" />
 </p>

 To automatically configure BunkerWeb instances, a special service, called **autoconf** will listen for Docker Swarm events like service creation or deletion and automatically configure the **BunkerWeb instances** in real-time without downtime.

-Like the [Docker autoconf integration](https://docs.bunkerweb.io/1.5.8/integrations/?utm_campaign=self&utm_source=github#docker-autoconf), configuration for web services is defined using labels starting with the special **bunkerweb.** prefix.
+Like the [Docker autoconf integration](https://docs.bunkerweb.io/1.5.9/integrations/?utm_campaign=self&utm_source=github#docker-autoconf), configuration for web services is defined using labels starting with the special **bunkerweb.** prefix.

-You will find more information in the [Swarm section](https://docs.bunkerweb.io/1.5.8/integrations/?utm_campaign=self&utm_source=github#swarm) of the documentation.
+You will find more information in the [Swarm section](https://docs.bunkerweb.io/1.5.9/integrations/?utm_campaign=self&utm_source=github#swarm) of the documentation.

 ## Kubernetes

 <p align="center">
-	<img alt="Kubernetes banner" src="https://github.com/bunkerity/bunkerweb/raw/v1.5.8/docs/assets/img/integration-kubernetes.svg" />
+	<img alt="Kubernetes banner" src="https://github.com/bunkerity/bunkerweb/raw/v1.5.9/docs/assets/img/integration-kubernetes.svg" />
 </p>

 The autoconf acts as an [Ingress controller](https://kubernetes.io/docs/concepts/services-networking/ingress-controllers/) and will configure the BunkerWeb instances according to the [Ingress resources](https://kubernetes.io/docs/concepts/services-networking/ingress/). It also monitors other Kubernetes objects like [ConfigMap](https://kubernetes.io/docs/concepts/configuration/configmap/) for custom configurations.

-You will find more information in the [Kubernetes section](https://docs.bunkerweb.io/1.5.8/integrations/?utm_campaign=self&utm_source=github#kubernetes) of the documentation.
+You will find more information in the [Kubernetes section](https://docs.bunkerweb.io/1.5.9/integrations/?utm_campaign=self&utm_source=github#kubernetes) of the documentation.

 ## Linux

 <p align="center">
-	<img alt="Linux banner" src="https://github.com/bunkerity/bunkerweb/raw/v1.5.8/docs/assets/img/integration-linux.svg" />
+	<img alt="Linux banner" src="https://github.com/bunkerity/bunkerweb/raw/v1.5.9/docs/assets/img/integration-linux.svg" />
 </p>

 List of supported Linux distros :
@ -304,21 +304,21 @@ List of supported Linux distros :

 Repositories of Linux packages for BunkerWeb are available on [PackageCloud](https://packagecloud.io/bunkerity/bunkerweb), they provide a bash script to automatically add and trust the repository (but you can also follow the [manual installation](https://packagecloud.io/bunkerity/bunkerweb/install) instructions if you prefer).

-You will find more information in the [Linux section](https://docs.bunkerweb.io/1.5.8/integrations/?utm_campaign=self&utm_source=github#linux) of the documentation.
+You will find more information in the [Linux section](https://docs.bunkerweb.io/1.5.9/integrations/?utm_campaign=self&utm_source=github#linux) of the documentation.

 ## Microsoft Azure

 <p align="center">
-	<img alt="Azure banner" src="https://github.com/bunkerity/bunkerweb/raw/v1.5.8/docs/assets/img/integration-azure.webp" />
+	<img alt="Azure banner" src="https://github.com/bunkerity/bunkerweb/raw/v1.5.9/docs/assets/img/integration-azure.webp" />
 </p>

-BunkerWeb is referenced in the [Azure Marketplace](https://azuremarketplace.microsoft.com/fr-fr/marketplace/apps/bunkerity.bunkerweb?tab=Overview) and a ARM template is available in the [misc folder](https://github.com/bunkerity/bunkerweb/raw/v1.5.8/misc/integrations/azure-arm-template.json).
+BunkerWeb is referenced in the [Azure Marketplace](https://azuremarketplace.microsoft.com/fr-fr/marketplace/apps/bunkerity.bunkerweb?tab=Overview) and a ARM template is available in the [misc folder](https://github.com/bunkerity/bunkerweb/raw/v1.5.9/misc/integrations/azure-arm-template.json).

-You will find more information in the [Microsoft Azure section](https://docs.bunkerweb.io/1.5.8/integrations/?utm_campaign=self&utm_source=github#microsoft-azure) of the documentation.
+You will find more information in the [Microsoft Azure section](https://docs.bunkerweb.io/1.5.9/integrations/?utm_campaign=self&utm_source=github#microsoft-azure) of the documentation.

 # Quickstart guide

-Once you have setup BunkerWeb with the integration of your choice, you can follow the [quickstart guide](https://docs.bunkerweb.io/1.5.8/quickstart-guide/?utm_campaign=self&utm_source=github) that will cover the following common use cases :
+Once you have setup BunkerWeb with the integration of your choice, you can follow the [quickstart guide](https://docs.bunkerweb.io/1.5.9/quickstart-guide/?utm_campaign=self&utm_source=github) that will cover the following common use cases :

 - Protecting a single HTTP application
 - Protecting multiple HTTP application
@ -329,9 +329,9 @@ Once you have setup BunkerWeb with the integration of your choice, you can follo

 # Security tuning

-BunkerWeb offers many security features that you can configure with [settings](https://docs.bunkerweb.io/1.5.8/settings/?utm_campaign=self&utm_source=github). Even if the default values of settings ensure a minimal "security by default", we strongly recommend you to tune them. By doing so you will be able to ensure a security level of your choice but also manage false positives.
+BunkerWeb offers many security features that you can configure with [settings](https://docs.bunkerweb.io/1.5.9/settings/?utm_campaign=self&utm_source=github). Even if the default values of settings ensure a minimal "security by default", we strongly recommend you to tune them. By doing so you will be able to ensure a security level of your choice but also manage false positives.

-You will find more information in the [security tuning section](https://docs.bunkerweb.io/1.5.8/security-tuning/?utm_campaign=self&utm_source=github) of the documentation.
+You will find more information in the [security tuning section](https://docs.bunkerweb.io/1.5.9/security-tuning/?utm_campaign=self&utm_source=github) of the documentation.

 # Settings

@ -341,13 +341,13 @@ As a general rule when multisite mode is enabled, if you want to apply settings

 When settings are considered as "multiple", it means that you can have multiple groups of settings for the same feature by adding numbers as suffix like `REVERSE_PROXY_URL_1=/subdir`, `REVERSE_PROXY_HOST_1=http://myhost1`, `REVERSE_PROXY_URL_2=/anotherdir`, `REVERSE_PROXY_HOST_2=http://myhost2`, ... for example.

-Check the [settings section](https://docs.bunkerweb.io/1.5.8/settings/?utm_campaign=self&utm_source=github) of the documentation to get the full list.
+Check the [settings section](https://docs.bunkerweb.io/1.5.9/settings/?utm_campaign=self&utm_source=github) of the documentation to get the full list.

 # Web UI

 <p align="center">
 	<a href="https://www.youtube.com/watch?v=Ao20SfvQyr4">
-		<img src="https://github.com/bunkerity/bunkerweb/raw/v1.5.8/docs/assets/img/user_interface_demo.webp" height="300" />
+		<img src="https://github.com/bunkerity/bunkerweb/raw/v1.5.9/docs/assets/img/user_interface_demo.webp" height="300" />
 	</a>
 </p>

@ -361,7 +361,7 @@ The "Web UI" is a web application that helps you manage your BunkerWeb instance
 - Monitor jobs execution
 - View the logs and search pattern

-You will find more information in the [Web UI section](https://docs.bunkerweb.io/1.5.8/web-ui/?utm_campaign=self&utm_source=github) of the documentation.
+You will find more information in the [Web UI section](https://docs.bunkerweb.io/1.5.9/web-ui/?utm_campaign=self&utm_source=github) of the documentation.

 # Plugins

@ -379,7 +379,7 @@ Here is the list of "official" plugins that we maintain (see the [bunkerweb-plug
 | **VirusTotal** |   1.5   | Automatically scans uploaded files with the VirusTotal API and denies the request when a file is detected as malicious.          | [bunkerweb-plugins/virustotal](https://github.com/bunkerity/bunkerweb-plugins/tree/main/virustotal) |
 |  **WebHook**   |   1.5   | Send security notifications to a custom HTTP endpoint using a Webhook.                                                           |     [bunkerweb-plugins/slack](https://github.com/bunkerity/bunkerweb-plugins/tree/main/webhook)     |

-You will find more information in the [plugins section](https://docs.bunkerweb.io/1.5.8/plugins/?utm_campaign=self&utm_source=github) of the documentation.
+You will find more information in the [plugins section](https://docs.bunkerweb.io/1.5.9/plugins/?utm_campaign=self&utm_source=github) of the documentation.

 # Support

@ -402,15 +402,15 @@ Please don't use [GitHub issues](https://github.com/bunkerity/bunkerweb/issues)

 # License

-This project is licensed under the terms of the [GNU Affero General Public License (AGPL) version 3](https://github.com/bunkerity/bunkerweb/raw/v1.5.8/LICENSE.md).
+This project is licensed under the terms of the [GNU Affero General Public License (AGPL) version 3](https://github.com/bunkerity/bunkerweb/raw/v1.5.9/LICENSE.md).

 # Contribute

-If you would like to contribute to the plugins you can read the [contributing guidelines](https://github.com/bunkerity/bunkerweb/raw/v1.5.8/CONTRIBUTING.md) to get started.
+If you would like to contribute to the plugins you can read the [contributing guidelines](https://github.com/bunkerity/bunkerweb/raw/v1.5.9/CONTRIBUTING.md) to get started.

 # Security policy

-We take security bugs as serious issues and encourage responsible disclosure, see our [security policy](https://github.com/bunkerity/bunkerweb/raw/v1.5.8/SECURITY.md) for more information.
+We take security bugs as serious issues and encourage responsible disclosure, see our [security policy](https://github.com/bunkerity/bunkerweb/raw/v1.5.9/SECURITY.md) for more information.

 # Stargazers over time

--- a/docs/concepts.md
+++ b/docs/concepts.md
@ -83,7 +83,7 @@ app3.example.com_USE_BAD_BEHAVIOR=no

 !!! info "Going further"

-    You will find concrete examples of multisite mode in the [quickstart guide](quickstart-guide.md) of the documentation and the [examples](https://github.com/bunkerity/bunkerweb/tree/v1.5.8/examples) directory of the repository.
+    You will find concrete examples of multisite mode in the [quickstart guide](quickstart-guide.md) of the documentation and the [examples](https://github.com/bunkerity/bunkerweb/tree/v1.5.9/examples) directory of the repository.

 ## Custom configurations

@ -97,7 +97,7 @@ By leveraging custom configurations, you unlock a world of possibilities to tail

 !!! info "Going further"

-    You will find concrete examples of custom configurations in the [quickstart guide](quickstart-guide.md) of the documentation and the [examples](https://github.com/bunkerity/bunkerweb/tree/v1.5.8/examples) directory of the repository.
+    You will find concrete examples of custom configurations in the [quickstart guide](quickstart-guide.md) of the documentation and the [examples](https://github.com/bunkerity/bunkerweb/tree/v1.5.9/examples) directory of the repository.

 ## Database

--- a/docs/integrations.md
+++ b/docs/integrations.md
@ -35,13 +35,13 @@ By accessing these prebuilt images from Docker Hub, you can quickly pull and run
 Whether you're conducting tests, developing applications, or deploying BunkerWeb in production, the Docker containerization option provides flexibility and ease of use. Embracing this method empowers you to take full advantage of BunkerWeb's features while leveraging the benefits of Docker technology.

 ```shell
-docker pull bunkerity/bunkerweb:1.5.8
+docker pull bunkerity/bunkerweb:1.5.9
 ```

 Docker images are also available on [GitHub packages](https://github.com/orgs/bunkerity/packages?repo_name=bunkerweb) and can be downloaded using the `ghcr.io` repository address :

 ```shell
-docker pull ghcr.io/bunkerity/bunkerweb:1.5.8
+docker pull ghcr.io/bunkerity/bunkerweb:1.5.9
 ```

 Alternatively, if you prefer a more hands-on approach, you have the option to build the Docker image directly from the [source](https://github.com/bunkerity/bunkerweb). Building the image from source gives you greater control and customization over the deployment process. However, please note that this method may take some time to complete, depending on your hardware configuration.
@ -71,7 +71,7 @@ When integrating BunkerWeb with Docker, there are key concepts to keep in mind,
 - **Networks**: Docker networks play a vital role in the integration of BunkerWeb. These networks serve two main purposes: exposing ports to clients and connecting to upstream web services. By exposing ports, BunkerWeb can accept incoming requests from clients, allowing them to access the protected web services. Additionally, by connecting to upstream web services, BunkerWeb can efficiently route and manage the traffic, providing enhanced security and performance.

 !!! info "Database backend"
-    Please be aware that our instructions assume you are using SQLite as the default database backend, as configured by the `DATABASE_URI` setting. However, we understand that you may prefer to utilize alternative backends for your Docker integration. If that is the case, rest assured that other database backends are still possible. See docker-compose files in the [misc/integrations folder](https://github.com/bunkerity/bunkerweb/tree/v1.5.8/misc/integrations) folder of the repository for more information.
+    Please be aware that our instructions assume you are using SQLite as the default database backend, as configured by the `DATABASE_URI` setting. However, we understand that you may prefer to utilize alternative backends for your Docker integration. If that is the case, rest assured that other database backends are still possible. See docker-compose files in the [misc/integrations folder](https://github.com/bunkerity/bunkerweb/tree/v1.5.9/misc/integrations) folder of the repository for more information.

 ### Environment variables

@ -81,7 +81,7 @@ Settings are passed to BunkerWeb using Docker environment variables :
 ...
 services:
  mybunker:
-    image: bunkerity/bunkerweb:1.5.8
+    image: bunkerity/bunkerweb:1.5.9
    labels:
      - "bunkerweb.INSTANCE=yes"
    environment:
@ -100,7 +100,7 @@ Please note that the `bunkerweb.INSTANCE` is mandatory to make sure the schedule
 The [scheduler](concepts.md#scheduler) is executed in its own container which is also available on Docker Hub :

 ```shell
-docker pull bunkerity/bunkerweb-scheduler:1.5.8
+docker pull bunkerity/bunkerweb-scheduler:1.5.9
 ```

 Alternatively, you can build the Docker image directly from the [source](https://github.com/bunkerity/bunkerweb) (less coffee ☕ needed than BunkerWeb image) :
@ -117,7 +117,7 @@ A volume is needed to store the SQLite database that will be used by the schedul
 ...
 services:
  bw-scheduler:
-    image: bunkerity/bunkerweb-scheduler:1.5.8
+    image: bunkerity/bunkerweb-scheduler:1.5.9
    volumes:
      - bw-data:/data
 ...
@ -179,7 +179,7 @@ You will need to create the Docker API proxy container, mount the socket and set
 ...
 services:
  bw-scheduler:
-    image: bunkerity/bunkerweb-scheduler:1.5.8
+    image: bunkerity/bunkerweb-scheduler:1.5.9
    env:
      - DOCKER_HOST=tcp://bw-docker:2375
 ...
@ -227,7 +227,7 @@ To secure the communication between the scheduler and BunkerWeb API, it is impor
 ...
 services:
  mybunker:
-    image: bunkerity/bunkerweb:1.5.8
+    image: bunkerity/bunkerweb:1.5.9
    ports:
      - 80:8080
      - 443:8443
@ -236,7 +236,7 @@ services:
      - bw-universe
 ...
  bw-scheduler:
-    image: bunkerity/bunkerweb-scheduler:1.5.8
+    image: bunkerity/bunkerweb-scheduler:1.5.9
    networks:
      - bw-universe
      - bw-docker
@ -266,7 +266,7 @@ version: "3.5"

 services:
  bunkerweb:
-    image: bunkerity/bunkerweb:1.5.8
+    image: bunkerity/bunkerweb:1.5.9
    ports:
      - 80:8080
      - 443:8443
@ -280,7 +280,7 @@ services:
      - bw-services

  bw-scheduler:
-    image: bunkerity/bunkerweb-scheduler:1.5.8
+    image: bunkerity/bunkerweb-scheduler:1.5.9
    depends_on:
      - bunkerweb
      - bw-docker
@ -371,12 +371,12 @@ To simplify the installation process, Linux package repositories for BunkerWeb a
    export UI_WIZARD=1
    ```

-    And finally install BunkerWeb 1.5.8 :
+    And finally install BunkerWeb 1.5.9 :

    ```shell
    curl -s https://packagecloud.io/install/repositories/bunkerity/bunkerweb/script.deb.sh | sudo bash && \
    sudo apt update && \
-    sudo -E apt install -y bunkerweb=1.5.8
+    sudo -E apt install -y bunkerweb=1.5.9
    ```

    To prevent upgrading NGINX and/or BunkerWeb packages when executing `apt upgrade`, you can use the following command :
@ -418,12 +418,12 @@ To simplify the installation process, Linux package repositories for BunkerWeb a
    export UI_WIZARD=1
    ```

-    And finally install BunkerWeb 1.5.8 :
+    And finally install BunkerWeb 1.5.9 :

    ```shell
    curl -s https://packagecloud.io/install/repositories/bunkerity/bunkerweb/script.deb.sh | sudo bash && \
    sudo apt update && \
-    sudo -E apt install -y bunkerweb=1.5.8
+    sudo -E apt install -y bunkerweb=1.5.9
    ```

    To prevent upgrading NGINX and/or BunkerWeb packages when executing `apt upgrade`, you can use the following command :
@ -453,14 +453,14 @@ To simplify the installation process, Linux package repositories for BunkerWeb a
    export UI_WIZARD=1
    ```

-    And finally install BunkerWeb 1.5.8 :
+    And finally install BunkerWeb 1.5.9 :

    ```shell
    curl -s https://packagecloud.io/install/repositories/bunkerity/bunkerweb/script.rpm.sh | \
  	sed 's/yum install -y pygpgme --disablerepo='\''bunkerity_bunkerweb'\''/yum install -y python-gnupg/g' | \
  	sed 's/pypgpme_check=`rpm -qa | grep -qw pygpgme`/python-gnupg_check=`rpm -qa | grep -qw python-gnupg`/g' | sudo bash && \
  	sudo dnf makecache && \
-  	sudo -E dnf install -y bunkerweb-1.5.8
+  	sudo -E dnf install -y bunkerweb-1.5.9
    ```

    To prevent upgrading NGINX and/or BunkerWeb packages when executing `dnf upgrade`, you can use the following command :
@ -504,13 +504,13 @@ To simplify the installation process, Linux package repositories for BunkerWeb a
    export UI_WIZARD=1
    ```

-    And finally install BunkerWeb 1.5.8 :
+    And finally install BunkerWeb 1.5.9 :

    ```shell
 	  sudo dnf install -y epel-release && \
    curl -s https://packagecloud.io/install/repositories/bunkerity/bunkerweb/script.rpm.sh | sudo bash && \
    sudo dnf check-update && \
-    sudo -E dnf install -y bunkerweb-1.5.8
+    sudo -E dnf install -y bunkerweb-1.5.9
    ```

    To prevent upgrading NGINX and/or BunkerWeb packages when executing `dnf upgrade`, you can use the following command :
@ -558,7 +558,7 @@ By adopting this approach, you can enjoy real-time reconfiguration of BunkerWeb
    The Docker autoconf integration implies the use of **multisite mode**. Please refer to the [multisite section](concepts.md#multisite-mode) of the documentation for more information.

 !!! info "Database backend"
-    Please be aware that our instructions assume you are using MariaDB as the default database backend, as configured by the `DATABASE_URI` setting. However, we understand that you may prefer to utilize alternative backends for your Docker integration. If that is the case, rest assured that other database backends are still possible. See docker-compose files in the [misc/integrations folder](https://github.com/bunkerity/bunkerweb/tree/v1.5.8/misc/integrations) folder of the repository for more information.
+    Please be aware that our instructions assume you are using MariaDB as the default database backend, as configured by the `DATABASE_URI` setting. However, we understand that you may prefer to utilize alternative backends for your Docker integration. If that is the case, rest assured that other database backends are still possible. See docker-compose files in the [misc/integrations folder](https://github.com/bunkerity/bunkerweb/tree/v1.5.9/misc/integrations) folder of the repository for more information.

 To enable automated configuration updates, include an additional container called `bw-autoconf` in the stack. This container hosts the autoconf service, which manages dynamic configuration changes for BunkerWeb. To support this functionality, use a dedicated "real" database backend (e.g., MariaDB, MySQL, or PostgreSQL) for synchronized configuration storage. By integrating `bw-autoconf` and a suitable database backend, you establish the infrastructure for seamless automated configuration management in BunkerWeb.

@ -567,7 +567,7 @@ version: "3.5"

 services:
  bunkerweb:
-    image: bunkerity/bunkerweb:1.5.8
+    image: bunkerity/bunkerweb:1.5.9
    ports:
      - 80:8080
      - 443:8443
@ -584,7 +584,7 @@ services:
      - bw-services

  bw-autoconf:
-    image: bunkerity/bunkerweb-autoconf:1.5.8
+    image: bunkerity/bunkerweb-autoconf:1.5.9
    depends_on:
      - bunkerweb
      - bw-docker
@ -597,7 +597,7 @@ services:
      - bw-docker

  bw-scheduler:
-    image: bunkerity/bunkerweb-scheduler:1.5.8
+    image: bunkerity/bunkerweb-scheduler:1.5.9
    depends_on:
      - bunkerweb
      - bw-docker
@ -689,7 +689,7 @@ For an optimal setup, it is recommended to define BunkerWeb as a **[DaemonSet](h
 Given the presence of multiple BunkerWeb instances, it is necessary to establish a shared data store implemented as a [Redis](https://redis.io/) service. This Redis service will be utilized by the instances to cache and share data among themselves. Further information about the Redis settings can be found [here](settings.md#redis).

 !!! info "Database backend"
-    Please be aware that our instructions assume you are using MariaDB as the default database backend, as configured by the `DATABASE_URI` setting. However, we understand that you may prefer to utilize alternative backends for your Docker integration. If that is the case, rest assured that other database backends are still possible. See docker-compose files in the [misc/integrations folder](https://github.com/bunkerity/bunkerweb/tree/v1.5.8/misc/integrations) folder of the repository for more information.
+    Please be aware that our instructions assume you are using MariaDB as the default database backend, as configured by the `DATABASE_URI` setting. However, we understand that you may prefer to utilize alternative backends for your Docker integration. If that is the case, rest assured that other database backends are still possible. See docker-compose files in the [misc/integrations folder](https://github.com/bunkerity/bunkerweb/tree/v1.5.9/misc/integrations) folder of the repository for more information.

    Clustered database backends setup are out-of-the-scope of this documentation.

@ -750,7 +750,7 @@ spec:
      containers:
        # using bunkerweb as name is mandatory
        - name: bunkerweb
-          image: bunkerity/bunkerweb:1.5.8
+          image: bunkerity/bunkerweb:1.5.9
          imagePullPolicy: Always
          securityContext:
            runAsUser: 101
@ -820,7 +820,7 @@ spec:
      serviceAccountName: sa-bunkerweb
      containers:
        - name: bunkerweb-controller
-          image: bunkerity/bunkerweb-autoconf:1.5.8
+          image: bunkerity/bunkerweb-autoconf:1.5.9
          imagePullPolicy: Always
          env:
            - name: KUBERNETES_MODE
@ -847,7 +847,7 @@ spec:
      serviceAccountName: sa-bunkerweb
      containers:
        - name: bunkerweb-scheduler
-          image: bunkerity/bunkerweb-scheduler:1.5.8
+          image: bunkerity/bunkerweb-scheduler:1.5.9
          imagePullPolicy: Always
          env:
            - name: KUBERNETES_MODE
@ -1010,7 +1010,7 @@ Since multiple instances of BunkerWeb are running, a shared data store implement
 As for the database volume, the documentation does not specify a specific approach. Choosing either a shared folder or a specific driver for the database volume is dependent on your unique use-case and is left as an exercise for the reader.

 !!! info "Database backend"
-    Please be aware that our instructions assume you are using MariaDB as the default database backend, as configured by the `DATABASE_URI` setting. However, we understand that you may prefer to utilize alternative backends for your Docker integration. If that is the case, rest assured that other database backends are still possible. See docker-compose files in the [misc/integrations folder](https://github.com/bunkerity/bunkerweb/tree/v1.5.8/misc/integrations) folder of the repository for more information.
+    Please be aware that our instructions assume you are using MariaDB as the default database backend, as configured by the `DATABASE_URI` setting. However, we understand that you may prefer to utilize alternative backends for your Docker integration. If that is the case, rest assured that other database backends are still possible. See docker-compose files in the [misc/integrations folder](https://github.com/bunkerity/bunkerweb/tree/v1.5.9/misc/integrations) folder of the repository for more information.

    Clustered database backends setup are out-of-the-scope of this documentation.

@ -1021,7 +1021,7 @@ version: "3.5"

 services:
  bunkerweb:
-    image: bunkerity/bunkerweb:1.5.8
+    image: bunkerity/bunkerweb:1.5.9
    ports:
      - published: 80
        target: 8080
@ -1051,7 +1051,7 @@ services:
        - "bunkerweb.INSTANCE=yes"

  bw-autoconf:
-    image: bunkerity/bunkerweb-autoconf:1.5.8
+    image: bunkerity/bunkerweb-autoconf:1.5.9
    environment:
      - SWARM_MODE=yes
      - DOCKER_HOST=tcp://bw-docker:2375
@ -1083,7 +1083,7 @@ services:
          - "node.role == manager"

  bw-scheduler:
-    image: bunkerity/bunkerweb-scheduler:1.5.8
+    image: bunkerity/bunkerweb-scheduler:1.5.9
    environment:
      - SWARM_MODE=yes
      - DOCKER_HOST=tcp://bw-docker:2375
--- a/docs/plugins.md
+++ b/docs/plugins.md
@ -91,7 +91,7 @@ The first step is to install the plugin by putting the plugin files inside the c
    services:
    ...
      bw-scheduler:
-        image: bunkerity/bunkerweb-scheduler:1.5.8
+        image: bunkerity/bunkerweb-scheduler:1.5.9
        volumes:
          - ./bw-data:/data
    ...
@ -128,7 +128,7 @@ The first step is to install the plugin by putting the plugin files inside the c
    services:
    ...
      bw-scheduler:
-        image: bunkerity/bunkerweb-scheduler:1.5.8
+        image: bunkerity/bunkerweb-scheduler:1.5.9
        volumes:
          - ./bw-data:/data
    ...
@ -167,7 +167,7 @@ The first step is to install the plugin by putting the plugin files inside the c
    services:
    ...
      bw-scheduler:
-        image: bunkerity/bunkerweb-scheduler:1.5.8
+        image: bunkerity/bunkerweb-scheduler:1.5.9
        volumes:
          - /shared/bw-plugins:/data/plugins
    ...
@ -214,7 +214,7 @@ The first step is to install the plugin by putting the plugin files inside the c
          serviceAccountName: sa-bunkerweb
          containers:
            - name: bunkerweb-scheduler
-              image: bunkerity/bunkerweb-scheduler:1.5.8
+              image: bunkerity/bunkerweb-scheduler:1.5.9
              imagePullPolicy: Always
              env:
                - name: KUBERNETES_MODE
@ -254,7 +254,7 @@ The first step is to install the plugin by putting the plugin files inside the c

 !!! tip "Existing plugins"

-    If the documentation is not enough, you can have a look at the existing source code of [official plugins](https://github.com/bunkerity/bunkerweb-plugins) and the [core plugins](https://github.com/bunkerity/bunkerweb/tree/v1.5.8/src/common/core) (already included in BunkerWeb but they are plugins, technically speaking).
+    If the documentation is not enough, you can have a look at the existing source code of [official plugins](https://github.com/bunkerity/bunkerweb-plugins) and the [core plugins](https://github.com/bunkerity/bunkerweb/tree/v1.5.9/src/common/core) (already included in BunkerWeb but they are plugins, technically speaking).

 What a plugin structure looks like :
 ```
@ -524,7 +524,7 @@ end

 !!! tip "More examples"

-    If you want to see the full list of available functions, you can have a look at the files present in the [lua directory](https://github.com/bunkerity/bunkerweb/tree/v1.5.8/src/bw/lua/bunkerweb) of the repository.
+    If you want to see the full list of available functions, you can have a look at the files present in the [lua directory](https://github.com/bunkerity/bunkerweb/tree/v1.5.9/src/bw/lua/bunkerweb) of the repository.

 ### Jobs

--- a/docs/quickstart-guide.md
+++ b/docs/quickstart-guide.md
@ -6,7 +6,7 @@

 !!! tip "Going further"

-	To demonstrate the use of BunkerWeb, we will deploy a dummy "Hello World" web application as an example. See the [examples folder](https://github.com/bunkerity/bunkerweb/tree/v1.5.8/examples) of the repository to get real-world examples.
+	To demonstrate the use of BunkerWeb, we will deploy a dummy "Hello World" web application as an example. See the [examples folder](https://github.com/bunkerity/bunkerweb/tree/v1.5.9/examples) of the repository to get real-world examples.

 ## Protect HTTP applications

@ -37,7 +37,7 @@ You will find more settings about reverse proxy in the [settings section](settin
          - bw-services

      bunkerweb:
-        image: bunkerity/bunkerweb:1.5.8
+        image: bunkerity/bunkerweb:1.5.9
        ports:
          - 80:8080
          - 443:8443
@ -54,7 +54,7 @@ You will find more settings about reverse proxy in the [settings section](settin
          - bw-services

      bw-scheduler:
-        image: bunkerity/bunkerweb-scheduler:1.5.8
+        image: bunkerity/bunkerweb-scheduler:1.5.9
        depends_on:
          - bunkerweb
          - bw-docker
@ -295,7 +295,7 @@ You will find more settings about reverse proxy in the [settings section](settin
          - bw-services

      bunkerweb:
-        image: bunkerity/bunkerweb:1.5.8
+        image: bunkerity/bunkerweb:1.5.9
        ports:
          - 80:8080
          - 443:8443
@ -315,7 +315,7 @@ You will find more settings about reverse proxy in the [settings section](settin
          - bw-services

      bw-scheduler:
-        image: bunkerity/bunkerweb-scheduler:1.5.8
+        image: bunkerity/bunkerweb-scheduler:1.5.9
        depends_on:
          - bunkerweb
          - bw-docker
@ -634,7 +634,7 @@ REAL_IP_HEADER=X-Forwarded-For

    ```yaml
    mybunker:
-      image: bunkerity/bunkerweb:1.5.8
+      image: bunkerity/bunkerweb:1.5.9
      ...
      environment:
        - USE_REAL_IP=yes
@ -649,7 +649,7 @@ REAL_IP_HEADER=X-Forwarded-For

    ```yaml
    mybunker:
-      image: bunkerity/bunkerweb:1.5.8
+      image: bunkerity/bunkerweb:1.5.9
      ...
      environment:
        - USE_REAL_IP=yes
@ -664,7 +664,7 @@ REAL_IP_HEADER=X-Forwarded-For

    ```yaml
    mybunker:
-      image: bunkerity/bunkerweb:1.5.8
+      image: bunkerity/bunkerweb:1.5.9
      ...
      environment:
        - USE_REAL_IP=yes
@ -738,7 +738,7 @@ REAL_IP_HEADER=proxy_protocol

    ```yaml
    mybunker:
-      image: bunkerity/bunkerweb:1.5.8
+      image: bunkerity/bunkerweb:1.5.9
      ...
      environment:
        - USE_REAL_IP=yes
@ -754,7 +754,7 @@ REAL_IP_HEADER=proxy_protocol

    ```yaml
    mybunker:
-      image: bunkerity/bunkerweb:1.5.8
+      image: bunkerity/bunkerweb:1.5.9
      ...
      environment:
        - USE_REAL_IP=yes
@ -770,7 +770,7 @@ REAL_IP_HEADER=proxy_protocol

    ```yaml
    mybunker:
-      image: bunkerity/bunkerweb:1.5.8
+      image: bunkerity/bunkerweb:1.5.9
      ...
      environment:
        - USE_REAL_IP=yes
@ -869,7 +869,7 @@ For complete list of settings regarding `stream` mode, please refer to the [sett
          - bw-services

      bunkerweb:
-        image: bunkerity/bunkerweb:1.5.8
+        image: bunkerity/bunkerweb:1.5.9
        ports:
          - 80:8080 # Keep it if you want to use Let's Encrypt automation
          - 10000:10000 # app1
@ -891,7 +891,7 @@ For complete list of settings regarding `stream` mode, please refer to the [sett
          - bw-services

      bw-scheduler:
-        image: bunkerity/bunkerweb-scheduler:1.5.8
+        image: bunkerity/bunkerweb-scheduler:1.5.9
        depends_on:
          - bunkerweb
          - bw-docker
@ -940,7 +940,7 @@ For complete list of settings regarding `stream` mode, please refer to the [sett
    services:

      bunkerweb:
-        image: bunkerity/bunkerweb:1.5.8
+        image: bunkerity/bunkerweb:1.5.9
        ports:
          - 80:8080 # Keep it if you want to use Let's Encrypt automation
          - 10000:10000 # app1
@ -998,7 +998,7 @@ For complete list of settings regarding `stream` mode, please refer to the [sett

    services:
      bunkerweb:
-        image: bunkerity/bunkerweb:1.5.8
+        image: bunkerity/bunkerweb:1.5.9
        ports:
          # Keep it if you want to use Let's Encrypt automation
          - published: 80
@ -1142,7 +1142,7 @@ Some integrations provide more convenient ways to apply configurations, such as
    ```yaml
    ...
    mybunker:
-      image: bunkerity/bunkerweb:1.5.8
+      image: bunkerity/bunkerweb:1.5.9
      environment:
        - |
          CUSTOM_CONF_SERVER_HTTP_hello-world=
@ -1185,7 +1185,7 @@ Some integrations provide more convenient ways to apply configurations, such as

    ```yaml
    bw-scheduler:
-      image: bunkerity/bunkerweb-scheduler:1.5.8
+      image: bunkerity/bunkerweb-scheduler:1.5.9
      volumes:
        - ./bw-data:/data
      ...
@ -1255,7 +1255,7 @@ Some integrations provide more convenient ways to apply configurations, such as

    ```yaml
    bw-scheduler:
-      image: bunkerity/bunkerweb-scheduler:1.5.8
+      image: bunkerity/bunkerweb-scheduler:1.5.9
      volumes:
        - ./bw-data:/data
      ...
@ -1439,7 +1439,7 @@ BunkerWeb supports PHP using external or remote [PHP-FPM](https://www.php.net/ma
          - bw-services

      bunkerweb:
-        image: bunkerity/bunkerweb:1.5.8
+        image: bunkerity/bunkerweb:1.5.9
        volumes:
          - ./www:/var/www/html
        ports:
@ -1462,7 +1462,7 @@ BunkerWeb supports PHP using external or remote [PHP-FPM](https://www.php.net/ma
          - bw-services

      bw-scheduler:
-        image: bunkerity/bunkerweb-scheduler:1.5.8
+        image: bunkerity/bunkerweb-scheduler:1.5.9
        depends_on:
          - bunkerweb
          - bw-docker
@ -1540,7 +1540,7 @@ BunkerWeb supports PHP using external or remote [PHP-FPM](https://www.php.net/ma

    services:
      bunkerweb:
-        image: bunkerity/bunkerweb:1.5.8
+        image: bunkerity/bunkerweb:1.5.9
        volumes:
          - ./www:/var/www/html
        labels:
@ -1554,7 +1554,7 @@ BunkerWeb supports PHP using external or remote [PHP-FPM](https://www.php.net/ma
          - bw-services

      bw-scheduler:
-        image: bunkerity/bunkerweb-scheduler:1.5.8
+        image: bunkerity/bunkerweb-scheduler:1.5.9
        depends_on:
          - bunkerweb
          - bw-docker
@ -1698,7 +1698,7 @@ BunkerWeb supports PHP using external or remote [PHP-FPM](https://www.php.net/ma

    services:
      bunkerweb:
-        image: bunkerity/bunkerweb:1.5.8
+        image: bunkerity/bunkerweb:1.5.9
        volumes:
          - /shared/www:/var/www/html
    ...
@ -1889,7 +1889,7 @@ By default, BunkerWeb will only listen on IPv4 addresses and won't use IPv6 for
    services:

      bunkerweb:
-        image: bunkerity/bunkerweb:1.5.8
+        image: bunkerity/bunkerweb:1.5.9
        environment:
          - USE_IPv6=yes

@ -1934,7 +1934,7 @@ By default, BunkerWeb will only listen on IPv4 addresses and won't use IPv6 for
    services:

      bunkerweb:
-        image: bunkerity/bunkerweb:1.5.8
+        image: bunkerity/bunkerweb:1.5.9
        environment:
          - USE_IPv6=yes

--- a/docs/requirements.in
+++ b/docs/requirements.in
@ -1,4 +1,4 @@
-mike==2.1.1
+mike==2.1.2
 mkdocs-material[imaging]==9.5.27
 mkdocs-print-site-plugin==2.5.0
 pytablewriter==1.2.0
--- a/docs/requirements.txt
+++ b/docs/requirements.txt
@ -8,9 +8,9 @@ babel==2.15.0 \
    --hash=sha256:08706bdad8d0a3413266ab61bd6c34d0c28d6e1e7badf40a2cebe67644e2e1fb \
    --hash=sha256:8daf0e265d05768bc6c7a314cf1321e9a123afc328cc635c18622a2f30a04413
    # via mkdocs-material
-cairocffi==1.7.0 \
-    --hash=sha256:1f29a8d41dbda4090c0aa33bcdea64f3b493e95f74a43ea107c4a8a7b7f632ef \
-    --hash=sha256:7761863603894305f3160eca68452f373433ca8745ab7dd445bd2c6ce50dcab7
+cairocffi==1.7.1 \
+    --hash=sha256:2e48ee864884ec4a3a34bfa8c9ab9999f688286eb714a15a43ec9d068c36557b \
+    --hash=sha256:9803a0e11f6c962f3b0ae2ec8ba6ae45e957a146a004697a1ac1bbf16b073b3f
    # via cairosvg
 cairosvg==2.7.1 \
    --hash=sha256:432531d72347291b9a9ebfb6777026b607563fd8719c46ee742db0aef7271ba0 \
@ -200,9 +200,9 @@ idna==3.7 \
    --hash=sha256:028ff3aadf0609c1fd278d8ea3089299412a7a8b9bd005dd08b9f8285bcb5cfc \
    --hash=sha256:82fee1fc78add43492d3a1898bfa6d8a904cc97d8427f683ed8e798d07761aa0
    # via requests
-importlib-metadata==7.1.0 \
-    --hash=sha256:30962b96c0c223483ed6cc7280e7f0199feb01a0e40cfae4d4450fc6fab1f570 \
-    --hash=sha256:b78938b926ee8d5f020fc4772d487045805a55ddbad2ecf21c6d60938dc7fcd2
+importlib-metadata==8.0.0 \
+    --hash=sha256:15584cf2b1bf449d98ff8a6ff1abef57bf20f3ac6454f431736cd3e660921b2f \
+    --hash=sha256:188bd24e4c346d3f0a933f275c2fec67050326a856b9a359881d7c2a697e8812
    # via
    #   markdown
    #   mike
@ -303,9 +303,9 @@ mergedeep==1.3.4 \
    # via
    #   mkdocs
    #   mkdocs-get-deps
-mike==2.1.1 \
-    --hash=sha256:0b1d01a397a423284593eeb1b5f3194e37169488f929b860c9bfe95c0d5efb79 \
-    --hash=sha256:f39ed39f3737da83ad0adc33e9f885092ed27f8c9e7ff0523add0480352a2c22
+mike==2.1.2 \
+    --hash=sha256:d59cc8054c50f9c8a046cfd47f9b700cf9ff1b2b19f420bd8812ca6f94fa8bd3 \
+    --hash=sha256:d61d9b423ab412d634ca2bd520136d5114e3cc73f4bbd1aa6a0c6625c04918c0
    # via -r requirements.in
 mkdocs==1.6.0 \
    --hash=sha256:1eb5cb7676b7d89323e62b56235010216319217d4af5ddc543a91beb8d125ea7 \
@ -608,9 +608,9 @@ requests==2.32.3 \
    #   importlib-resources

 # The following packages are considered to be unsafe in a requirements file:
-setuptools==70.0.0 \
-    --hash=sha256:54faa7f2e8d2d11bcd2c07bed282eef1046b5c080d1c32add737d7b5817b1ad4 \
-    --hash=sha256:f211a66637b8fa059bb28183da127d4e86396c991a942b028c6650d4319c3fd0
+setuptools==70.1.1 \
+    --hash=sha256:937a48c7cdb7a21eb53cd7f9b59e525503aa8abaf3584c730dc5f7a5bec3a650 \
+    --hash=sha256:a58a8fde0541dab0419750bcc521fbdf8585f6e5cb41909df3a472ef7b81ca95
    # via mkdocs-material
 six==1.16.0 \
    --hash=sha256:1e61c37477a1626458e36f7b1d82aa5c9b094fa4802892072e49de9c60c4c926 \
--- a/docs/security-tuning.md
+++ b/docs/security-tuning.md
@ -256,7 +256,7 @@ ModSecurity is integrated and enabled by default alongside the OWASP Core Rule S
 You can choose between the following versions of the OWASP Core Rule Set :

 - **3** : The version [v3.3.5](https://github.com/coreruleset/coreruleset/releases/tag/v3.3.5) of the OWASP Core Rule Set (***default***)
- **4** : The version [v4.2.0](https://github.com/coreruleset/coreruleset/releases/tag/v4.2.0) of the OWASP Core Rule Set
+- **4** : The version [v4.4.0](https://github.com/coreruleset/coreruleset/releases/tag/v4.4.0) of the OWASP Core Rule Set
 - **nightly** : The latest [nightly](https://github.com/coreruleset/coreruleset/releases/tag/nightly) build of the OWASP Core Rule Set which is updated every day

 !!! example "OWASP Core Rule Set's nightly build"
@ -605,7 +605,7 @@ You can quickly protect sensitive resources like the admin area for example, by

 ### Auth request

-You can deploy complex authentication (e.g. SSO), by using the auth request settings (see [here](https://docs.nginx.com/nginx/admin-guide/security-controls/configuring-subrequest-authentication/) for more information on the feature). Please note that you will find [Authelia](https://www.authelia.com/) and [Authentik](https://goauthentik.io/) examples in the [repository](https://github.com/bunkerity/bunkerweb/tree/v1.5.8/examples).
+You can deploy complex authentication (e.g. SSO), by using the auth request settings (see [here](https://docs.nginx.com/nginx/admin-guide/security-controls/configuring-subrequest-authentication/) for more information on the feature). Please note that you will find [Authelia](https://www.authelia.com/) and [Authentik](https://goauthentik.io/) examples in the [repository](https://github.com/bunkerity/bunkerweb/tree/v1.5.9/examples).

 **Auth request settings are related to reverse proxy rules.**

--- a/docs/upgrading.md
+++ b/docs/upgrading.md
@ -128,16 +128,16 @@
                ```yaml
                services:
                    bunkerweb:
-                        image: bunkerity/bunkerweb:1.5.8
+                        image: bunkerity/bunkerweb:1.5.9
                        ...
                    bw-scheduler:
-                        image: bunkerity/bunkerweb-scheduler:1.5.8
+                        image: bunkerity/bunkerweb-scheduler:1.5.9
                        ...
                    bw-autoconf:
-                        image: bunkerity/bunkerweb-autoconf:1.5.8
+                        image: bunkerity/bunkerweb-autoconf:1.5.9
                        ...
                    bw-ui:
-                        image: bunkerity/bunkerweb-ui:1.5.8
+                        image: bunkerity/bunkerweb-ui:1.5.9
                        ...
                ```

@ -170,7 +170,7 @@
                    Them, you can update BunkerWeb package :

                    ```shell
-                    sudo apt install -y bunkerweb=1.5.8
+                    sudo apt install -y bunkerweb=1.5.9
                    ```

                    To prevent upgrading BunkerWeb package when executing `apt upgrade`, you can use the following command :
@ -194,7 +194,7 @@
                    Them, you can update BunkerWeb package :

                    ```shell
-                    sudo dnf install -y bunkerweb-1.5.8
+                    sudo dnf install -y bunkerweb-1.5.9
                    ```

                    To prevent upgrading BunkerWeb package when executing `dnf upgrade`, you can use the following command :
@ -380,7 +380,7 @@

 !!! warning "Read this if you were a 1.4.X user"

-    A lot of things changed since the 1.4.X releases. Container-based integrations stacks contain more services but, trust us, fundamental principles of BunkerWeb are still there. You will find ready to use boilerplates for various integrations in the [misc/integrations](https://github.com/bunkerity/bunkerweb/tree/v1.5.8/misc/integrations) folder of the repository.
+    A lot of things changed since the 1.4.X releases. Container-based integrations stacks contain more services but, trust us, fundamental principles of BunkerWeb are still there. You will find ready to use boilerplates for various integrations in the [misc/integrations](https://github.com/bunkerity/bunkerweb/tree/v1.5.9/misc/integrations) folder of the repository.

 ### Scheduler

--- a/docs/web-ui.md
+++ b/docs/web-ui.md
@ -31,7 +31,7 @@ Because the web UI is a web application, the recommended installation procedure
    * Do not open the web UI on the Internet without any further restrictions
    * Apply settings listed in the [security tuning section](security-tuning.md) of the documentation

-    **Please note that using HTTPS in front the web UI is mandatory since version 1.5.8 of BunkerWeb.**
+    **Please note that using HTTPS in front the web UI is mandatory since version 1.5.9 of BunkerWeb.**

 !!! info "Multisite mode"

@ -82,7 +82,7 @@ Review your final BunkerWeb UI URL and then click on the `Setup` button. Once th

    services:
      bunkerweb:
-        image: bunkerity/bunkerweb:1.5.8
+        image: bunkerity/bunkerweb:1.5.9
        ports:
          - 80:8080
          - 443:8443
@ -98,7 +98,7 @@ Review your final BunkerWeb UI URL and then click on the `Setup` button. Once th
          - bw-services

      bw-scheduler:
-        image: bunkerity/bunkerweb-scheduler:1.5.8
+        image: bunkerity/bunkerweb-scheduler:1.5.9
        depends_on:
          - bunkerweb
          - bw-docker
@ -120,7 +120,7 @@ Review your final BunkerWeb UI URL and then click on the `Setup` button. Once th
          - bw-docker

      bw-ui:
-        image: bunkerity/bunkerweb-ui:1.5.8
+        image: bunkerity/bunkerweb-ui:1.5.9
        depends_on:
          - bw-docker
        environment:
@ -173,7 +173,7 @@ Review your final BunkerWeb UI URL and then click on the `Setup` button. Once th

    services:
      bunkerweb:
-        image: bunkerity/bunkerweb:1.5.8
+        image: bunkerity/bunkerweb:1.5.9
        ports:
          - 80:8080
          - 443:8443
@ -190,7 +190,7 @@ Review your final BunkerWeb UI URL and then click on the `Setup` button. Once th
          - bw-services

      bw-autoconf:
-        image: bunkerity/bunkerweb-autoconf:1.5.8
+        image: bunkerity/bunkerweb-autoconf:1.5.9
        depends_on:
          - bunkerweb
          - bw-docker
@ -203,7 +203,7 @@ Review your final BunkerWeb UI URL and then click on the `Setup` button. Once th
          - bw-docker

      bw-scheduler:
-        image: bunkerity/bunkerweb-scheduler:1.5.8
+        image: bunkerity/bunkerweb-scheduler:1.5.9
        depends_on:
          - bunkerweb
          - bw-docker
@ -238,7 +238,7 @@ Review your final BunkerWeb UI URL and then click on the `Setup` button. Once th
          - bw-docker

      bw-ui:
-        image: bunkerity/bunkerweb-ui:1.5.8
+        image: bunkerity/bunkerweb-ui:1.5.9
        networks:
          bw-docker:
          bw-universe:
@ -280,7 +280,7 @@ Review your final BunkerWeb UI URL and then click on the `Setup` button. Once th

    services:
      bunkerweb:
-        image: bunkerity/bunkerweb:1.5.8
+        image: bunkerity/bunkerweb:1.5.9
        ports:
          - published: 80
            target: 8080
@ -310,7 +310,7 @@ Review your final BunkerWeb UI URL and then click on the `Setup` button. Once th
            - "bunkerweb.INSTANCE=yes"

      bw-autoconf:
-        image: bunkerity/bunkerweb-autoconf:1.5.8
+        image: bunkerity/bunkerweb-autoconf:1.5.9
        environment:
          - SWARM_MODE=yes
          - DOCKER_HOST=tcp://bw-docker:2375
@ -338,7 +338,7 @@ Review your final BunkerWeb UI URL and then click on the `Setup` button. Once th
              - "node.role == manager"

      bw-scheduler:
-        image: bunkerity/bunkerweb-scheduler:1.5.8
+        image: bunkerity/bunkerweb-scheduler:1.5.9
        environment:
          - SWARM_MODE=yes
          - DOCKER_HOST=tcp://bw-docker:2375
@ -365,7 +365,7 @@ Review your final BunkerWeb UI URL and then click on the `Setup` button. Once th
          - bw-universe

      bw-ui:
-        image: bunkerity/bunkerweb-ui:1.5.8
+        image: bunkerity/bunkerweb-ui:1.5.9
        environment:
          - SWARM_MODE=yes
          - DOCKER_HOST=tcp://bw-docker:2375
@ -456,7 +456,7 @@ Review your final BunkerWeb UI URL and then click on the `Setup` button. Once th
          containers:
            # using bunkerweb as name is mandatory
            - name: bunkerweb
-              image: bunkerity/bunkerweb:1.5.8
+              image: bunkerity/bunkerweb:1.5.9
              imagePullPolicy: Always
              securityContext:
                runAsUser: 101
@ -529,7 +529,7 @@ Review your final BunkerWeb UI URL and then click on the `Setup` button. Once th
          serviceAccountName: sa-bunkerweb
          containers:
            - name: bunkerweb-controller
-              image: bunkerity/bunkerweb-autoconf:1.5.8
+              image: bunkerity/bunkerweb-autoconf:1.5.9
              imagePullPolicy: Always
              env:
                - name: KUBERNETES_MODE
@ -556,7 +556,7 @@ Review your final BunkerWeb UI URL and then click on the `Setup` button. Once th
          serviceAccountName: sa-bunkerweb
          containers:
            - name: bunkerweb-scheduler
-              image: bunkerity/bunkerweb-scheduler:1.5.8
+              image: bunkerity/bunkerweb-scheduler:1.5.9
              imagePullPolicy: Always
              env:
                - name: KUBERNETES_MODE
@ -641,7 +641,7 @@ Review your final BunkerWeb UI URL and then click on the `Setup` button. Once th
          serviceAccountName: sa-bunkerweb
          containers:
            - name: bunkerweb-ui
-              image: bunkerity/bunkerweb-ui:1.5.8
+              image: bunkerity/bunkerweb-ui:1.5.9
              imagePullPolicy: Always
              env:
                - name: KUBERNETES_MODE
@ -840,7 +840,7 @@ After a successful login/password combination, you will be prompted to enter you

    !!! info "Database backend"

-        If you want another Database backend than MariaDB please refer to the docker-compose files in the [misc/integrations folder](https://github.com/bunkerity/bunkerweb/tree/v1.5.8/misc/integrations) of the repository.
+        If you want another Database backend than MariaDB please refer to the docker-compose files in the [misc/integrations folder](https://github.com/bunkerity/bunkerweb/tree/v1.5.9/misc/integrations) of the repository.

    Here is the docker-compose boilerplate that you can use (don't forget to edit the `changeme` data) :

@ -849,7 +849,7 @@ After a successful login/password combination, you will be prompted to enter you

    services:
      bunkerweb:
-        image: bunkerity/bunkerweb:1.5.8
+        image: bunkerity/bunkerweb:1.5.9
        ports:
          - 80:8080
          - 443:8443
@ -874,7 +874,7 @@ After a successful login/password combination, you will be prompted to enter you
          - bw-services

      bw-scheduler:
-        image: bunkerity/bunkerweb-scheduler:1.5.8
+        image: bunkerity/bunkerweb-scheduler:1.5.9
        depends_on:
          - bunkerweb
          - bw-docker
@ -896,7 +896,7 @@ After a successful login/password combination, you will be prompted to enter you
          - bw-docker

      bw-ui:
-        image: bunkerity/bunkerweb-ui:1.5.8
+        image: bunkerity/bunkerweb-ui:1.5.9
        depends_on:
          - bw-docker
        environment:
@ -962,7 +962,7 @@ After a successful login/password combination, you will be prompted to enter you

    !!! info "Database backend"

-        If you want another Database backend than MariaDB please refer to the docker-compose files in the [misc/integrations folder](https://github.com/bunkerity/bunkerweb/tree/v1.5.8/misc/integrations) of the repository.
+        If you want another Database backend than MariaDB please refer to the docker-compose files in the [misc/integrations folder](https://github.com/bunkerity/bunkerweb/tree/v1.5.9/misc/integrations) of the repository.

    Here is the docker-compose boilerplate that you can use (don't forget to edit the `changeme` data) :

@ -971,7 +971,7 @@ After a successful login/password combination, you will be prompted to enter you

    services:
      bunkerweb:
-        image: bunkerity/bunkerweb:1.5.8
+        image: bunkerity/bunkerweb:1.5.9
        ports:
          - 80:8080
          - 443:8443
@ -988,7 +988,7 @@ After a successful login/password combination, you will be prompted to enter you
          - bw-services

      bw-autoconf:
-        image: bunkerity/bunkerweb-autoconf:1.5.8
+        image: bunkerity/bunkerweb-autoconf:1.5.9
        depends_on:
          - bunkerweb
          - bw-docker
@ -1001,7 +1001,7 @@ After a successful login/password combination, you will be prompted to enter you
          - bw-docker

      bw-scheduler:
-        image: bunkerity/bunkerweb-scheduler:1.5.8
+        image: bunkerity/bunkerweb-scheduler:1.5.9
        depends_on:
          - bunkerweb
          - bw-docker
@ -1036,7 +1036,7 @@ After a successful login/password combination, you will be prompted to enter you
          - bw-docker

      bw-ui:
-        image: bunkerity/bunkerweb-ui:1.5.8
+        image: bunkerity/bunkerweb-ui:1.5.9
        networks:
          bw-docker:
          bw-universe:
@ -1098,7 +1098,7 @@ After a successful login/password combination, you will be prompted to enter you

    !!! info "Database backend"

-        If you want another Database backend than MariaDB please refer to the stack files in the [misc/integrations folder](https://github.com/bunkerity/bunkerweb/tree/v1.5.8/misc/integrations) of the repository.
+        If you want another Database backend than MariaDB please refer to the stack files in the [misc/integrations folder](https://github.com/bunkerity/bunkerweb/tree/v1.5.9/misc/integrations) of the repository.

    Here is the stack boilerplate that you can use (don't forget to edit the `changeme` data) :

@ -1107,7 +1107,7 @@ After a successful login/password combination, you will be prompted to enter you

    services:
      bunkerweb:
-        image: bunkerity/bunkerweb:1.5.8
+        image: bunkerity/bunkerweb:1.5.9
        ports:
          - published: 80
            target: 8080
@ -1137,7 +1137,7 @@ After a successful login/password combination, you will be prompted to enter you
            - "bunkerweb.INSTANCE=yes"

      bw-autoconf:
-        image: bunkerity/bunkerweb-autoconf:1.5.8
+        image: bunkerity/bunkerweb-autoconf:1.5.9
        environment:
          - SWARM_MODE=yes
          - DOCKER_HOST=tcp://bw-docker:2375
@ -1165,7 +1165,7 @@ After a successful login/password combination, you will be prompted to enter you
              - "node.role == manager"

      bw-scheduler:
-        image: bunkerity/bunkerweb-scheduler:1.5.8
+        image: bunkerity/bunkerweb-scheduler:1.5.9
        environment:
          - SWARM_MODE=yes
          - DOCKER_HOST=tcp://bw-docker:2375
@ -1192,7 +1192,7 @@ After a successful login/password combination, you will be prompted to enter you
          - bw-universe

      bw-ui:
-        image: bunkerity/bunkerweb-ui:1.5.8
+        image: bunkerity/bunkerweb-ui:1.5.9
        environment:
          - DATABASE_URI=mariadb+pymysql://bunkerweb:changeme@bw-db:3306/db # Remember to set a stronger password for the database
          - DOCKER_HOST=tcp://bw-docker:2375
@ -1247,7 +1247,7 @@ After a successful login/password combination, you will be prompted to enter you

    !!! info "Database backend"

-        If you want another Database backend than MariaDB please refer to the yaml files in the [misc/integrations folder](https://github.com/bunkerity/bunkerweb/tree/v1.5.8/misc/integrations) of the repository.
+        If you want another Database backend than MariaDB please refer to the yaml files in the [misc/integrations folder](https://github.com/bunkerity/bunkerweb/tree/v1.5.9/misc/integrations) of the repository.

    Here is the yaml boilerplate that you can use (don't forget to edit the `changeme` data) :

@ -1302,7 +1302,7 @@ After a successful login/password combination, you will be prompted to enter you
          containers:
            # using bunkerweb as name is mandatory
            - name: bunkerweb
-              image: bunkerity/bunkerweb:1.5.8
+              image: bunkerity/bunkerweb:1.5.9
              imagePullPolicy: Always
              securityContext:
                runAsUser: 101
@ -1372,7 +1372,7 @@ After a successful login/password combination, you will be prompted to enter you
          serviceAccountName: sa-bunkerweb
          containers:
            - name: bunkerweb-controller
-              image: bunkerity/bunkerweb-autoconf:1.5.8
+              image: bunkerity/bunkerweb-autoconf:1.5.9
              imagePullPolicy: Always
              env:
                - name: KUBERNETES_MODE
@ -1399,7 +1399,7 @@ After a successful login/password combination, you will be prompted to enter you
          serviceAccountName: sa-bunkerweb
          containers:
            - name: bunkerweb-scheduler
-              image: bunkerity/bunkerweb-scheduler:1.5.8
+              image: bunkerity/bunkerweb-scheduler:1.5.9
              imagePullPolicy: Always
              env:
                - name: KUBERNETES_MODE
@ -1484,7 +1484,7 @@ After a successful login/password combination, you will be prompted to enter you
          serviceAccountName: sa-bunkerweb
          containers:
            - name: bunkerweb-ui
-              image: bunkerity/bunkerweb-ui:1.5.8
+              image: bunkerity/bunkerweb-ui:1.5.9
              imagePullPolicy: Always
              env:
                - name: ADMIN_USERNAME
--- a/examples/authelia/docker-compose.yml
+++ b/examples/authelia/docker-compose.yml
@ -2,7 +2,7 @@ version: "3.4"

 services:
  mybunker:
-    image: bunkerity/bunkerweb:1.5.8
+    image: bunkerity/bunkerweb:1.5.9
    ports:
      - 80:8080
      - 443:8443
@ -44,7 +44,7 @@ services:
      - app2.example.com_REVERSE_PROXY_HEADERS=Remote-User $$user;Remote-Groups $$groups;Remote-Name $$name;Remote-Email $$email

  bw-scheduler:
-    image: bunkerity/bunkerweb-scheduler:1.5.8
+    image: bunkerity/bunkerweb-scheduler:1.5.9
    depends_on:
      - mybunker
    environment:
--- a/examples/authentik/docker-compose.yml
+++ b/examples/authentik/docker-compose.yml
@ -2,7 +2,7 @@ version: "3.4"

 services:
  mybunker:
-    image: bunkerity/bunkerweb:1.5.8
+    image: bunkerity/bunkerweb:1.5.9
    ports:
      - 80:8080
      - 443:8443
@ -53,7 +53,7 @@ services:
      - app2.example.com_REVERSE_PROXY_HEADERS=X-authentik-username $$authentik_username;X-authentik-groups $$authentik_groups;X-authentik-email $$authentik_email;X-authentik-name $$authentik_name;X-authentik-uid $$authentik_uid

  bw-scheduler:
-    image: bunkerity/bunkerweb-scheduler:1.5.8
+    image: bunkerity/bunkerweb-scheduler:1.5.9
    depends_on:
      - mybunker
    environment:
--- a/examples/behind-reverse-proxy/docker-compose.yml
+++ b/examples/behind-reverse-proxy/docker-compose.yml
@ -2,7 +2,7 @@ version: "3"

 services:
  mybunker:
-    image: bunkerity/bunkerweb:1.5.8
+    image: bunkerity/bunkerweb:1.5.9
    environment:
      - SERVER_NAME=www.example.com # replace with your domains
      - API_WHITELIST_IP=127.0.0.0/8 10.20.30.0/24
@ -24,7 +24,7 @@ services:
      - bw-services

  bw-scheduler:
-    image: bunkerity/bunkerweb-scheduler:1.5.8
+    image: bunkerity/bunkerweb-scheduler:1.5.9
    depends_on:
      - mybunker
    environment:
--- a/examples/bigbluebutton/docker-compose.yml
+++ b/examples/bigbluebutton/docker-compose.yml
@ -27,7 +27,7 @@ services:
  ...

  mybunker:
-    image: bunkerity/bunkerweb:1.5.8
+    image: bunkerity/bunkerweb:1.5.9
    ports:
      - 80:8080
      - 443:8443
@ -50,7 +50,7 @@ services:
      bw-universe:

  bw-scheduler:
-    image: bunkerity/bunkerweb-scheduler:1.5.8
+    image: bunkerity/bunkerweb-scheduler:1.5.9
    depends_on:
      - mybunker
    environment:
--- a/examples/certbot-dns-cloudflare/docker-compose.yml
+++ b/examples/certbot-dns-cloudflare/docker-compose.yml
@ -2,7 +2,7 @@ version: "3"

 services:
  mybunker:
-    image: bunkerity/bunkerweb:1.5.8
+    image: bunkerity/bunkerweb:1.5.9
    ports:
      - 80:8080
      - 443:8443
@ -33,7 +33,7 @@ services:
      - bw-services

  bw-scheduler:
-    image: bunkerity/bunkerweb-scheduler:1.5.8
+    image: bunkerity/bunkerweb-scheduler:1.5.9
    depends_on:
      - mybunker
    environment:
--- a/examples/certbot-dns-digitalocean/docker-compose.yml
+++ b/examples/certbot-dns-digitalocean/docker-compose.yml
@ -2,7 +2,7 @@ version: "3"

 services:
  mybunker:
-    image: bunkerity/bunkerweb:1.5.8
+    image: bunkerity/bunkerweb:1.5.9
    ports:
      - 80:8080
      - 443:8443
@ -33,7 +33,7 @@ services:
      - bw-services

  bw-scheduler:
-    image: bunkerity/bunkerweb-scheduler:1.5.8
+    image: bunkerity/bunkerweb-scheduler:1.5.9
    depends_on:
      - mybunker
    environment:
--- a/examples/certbot-dns-google/docker-compose.yml
+++ b/examples/certbot-dns-google/docker-compose.yml
@ -2,7 +2,7 @@ version: "3"

 services:
  mybunker:
-    image: bunkerity/bunkerweb:1.5.8
+    image: bunkerity/bunkerweb:1.5.9
    ports:
      - 80:8080
      - 443:8443
@ -33,7 +33,7 @@ services:
      - bw-services

  bw-scheduler:
-    image: bunkerity/bunkerweb-scheduler:1.5.8
+    image: bunkerity/bunkerweb-scheduler:1.5.9
    depends_on:
      - mybunker
    environment:
--- a/examples/certbot-dns-ovh/docker-compose.yml
+++ b/examples/certbot-dns-ovh/docker-compose.yml
@ -2,7 +2,7 @@ version: "3"

 services:
  mybunker:
-    image: bunkerity/bunkerweb:1.5.8
+    image: bunkerity/bunkerweb:1.5.9
    ports:
      - 80:8080
      - 443:8443
@ -33,7 +33,7 @@ services:
      - bw-services

  bw-scheduler:
-    image: bunkerity/bunkerweb-scheduler:1.5.8
+    image: bunkerity/bunkerweb-scheduler:1.5.9
    depends_on:
      - mybunker
    environment:
--- a/examples/certbot-dns-route53/docker-compose.yml
+++ b/examples/certbot-dns-route53/docker-compose.yml
@ -2,7 +2,7 @@ version: "3"

 services:
  mybunker:
-    image: bunkerity/bunkerweb:1.5.8
+    image: bunkerity/bunkerweb:1.5.9
    ports:
      - 80:8080
      - 443:8443
@ -33,7 +33,7 @@ services:
      - bw-services

  bbw-scheduler:
-    image: bunkerity/bunkerweb-scheduler:1.5.8
+    image: bunkerity/bunkerweb-scheduler:1.5.9
    depends_on:
      - mybunker
    environment:
--- a/examples/cors/docker-compose.yml
+++ b/examples/cors/docker-compose.yml
@ -2,7 +2,7 @@ version: "3"

 services:
  mybunker:
-    image: bunkerity/bunkerweb:1.5.8
+    image: bunkerity/bunkerweb:1.5.9
    ports:
      - 80:8080
      - 443:8443
@ -38,7 +38,7 @@ services:
      - bw-services

  bw-scheduler:
-    image: bunkerity/bunkerweb-scheduler:1.5.8
+    image: bunkerity/bunkerweb-scheduler:1.5.9
    depends_on:
      - mybunker
    environment:
--- a/examples/docker-configs/docker-compose.yml
+++ b/examples/docker-configs/docker-compose.yml
@ -2,7 +2,7 @@ version: "3"

 services:
  mybunker:
-    image: bunkerity/bunkerweb:1.5.8
+    image: bunkerity/bunkerweb:1.5.9
    ports:
      - 80:8080
      - 443:8443
@ -53,7 +53,7 @@ services:
      - bw-services

  bw-scheduler:
-    image: bunkerity/bunkerweb-scheduler:1.5.8
+    image: bunkerity/bunkerweb-scheduler:1.5.9
    depends_on:
      - mybunker
    environment:
--- a/examples/drupal/docker-compose.yml
+++ b/examples/drupal/docker-compose.yml
@ -2,7 +2,7 @@ version: "3"

 services:
  mybunker:
-    image: bunkerity/bunkerweb:1.5.8
+    image: bunkerity/bunkerweb:1.5.9
    ports:
      - 80:8080
      - 443:8443
@ -28,7 +28,7 @@ services:
      - bw-services

  bw-scheduler:
-    image: bunkerity/bunkerweb-scheduler:1.5.8
+    image: bunkerity/bunkerweb-scheduler:1.5.9
    depends_on:
      - mybunker
    environment:
--- a/examples/ghost/docker-compose.yml
+++ b/examples/ghost/docker-compose.yml
@ -2,7 +2,7 @@ version: "3"

 services:
  mybunker:
-    image: bunkerity/bunkerweb:1.5.8
+    image: bunkerity/bunkerweb:1.5.9
    ports:
      - 80:8080
      - 443:8443
@ -24,7 +24,7 @@ services:
      - bw-services

  bw-scheduler:
-    image: bunkerity/bunkerweb-scheduler:1.5.8
+    image: bunkerity/bunkerweb-scheduler:1.5.9
    depends_on:
      - mybunker
    environment:
--- a/examples/gogs/docker-compose.yml
+++ b/examples/gogs/docker-compose.yml
@ -2,7 +2,7 @@ version: "3"

 services:
  mybunker:
-    image: bunkerity/bunkerweb:1.5.8
+    image: bunkerity/bunkerweb:1.5.9
    ports:
      - 80:8080
      - 443:8443
@ -28,7 +28,7 @@ services:
      - bw-services

  bw-scheduler:
-    image: bunkerity/bunkerweb-scheduler:1.5.8
+    image: bunkerity/bunkerweb-scheduler:1.5.9
    depends_on:
      - mybunker
    environment:
--- a/examples/hardened/docker-compose.yml
+++ b/examples/hardened/docker-compose.yml
@ -2,7 +2,7 @@ version: "3"

 services:
  mybunker:
-    image: bunkerity/bunkerweb:1.5.8
+    image: bunkerity/bunkerweb:1.5.9
    # dropping all capabilities
    cap_drop:
      - ALL
@ -39,7 +39,7 @@ services:
      - bw-services

  bw-scheduler:
-    image: bunkerity/bunkerweb-scheduler:1.5.8
+    image: bunkerity/bunkerweb-scheduler:1.5.9
    depends_on:
      - mybunker
    environment:
--- a/examples/joomla/docker-compose.yml
+++ b/examples/joomla/docker-compose.yml
@ -2,7 +2,7 @@ version: "3"

 services:
  mybunker:
-    image: bunkerity/bunkerweb:1.5.8
+    image: bunkerity/bunkerweb:1.5.9
    ports:
      - 80:8080
      - 443:8443
@ -28,7 +28,7 @@ services:
      - bw-services

  bw-scheduler:
-    image: bunkerity/bunkerweb-scheduler:1.5.8
+    image: bunkerity/bunkerweb-scheduler:1.5.9
    depends_on:
      - mybunker
    environment:
--- a/examples/load-balancer/docker-compose.yml
+++ b/examples/load-balancer/docker-compose.yml
@ -2,7 +2,7 @@ version: "3"

 services:
  mybunker:
-    image: bunkerity/bunkerweb:1.5.8
+    image: bunkerity/bunkerweb:1.5.9
    ports:
      - 80:8080
      - 443:8443
@ -31,7 +31,7 @@ services:
      - bw-services

  bw-scheduler:
-    image: bunkerity/bunkerweb-scheduler:1.5.8
+    image: bunkerity/bunkerweb-scheduler:1.5.9
    depends_on:
      - mybunker
    environment:
--- a/examples/magento/docker-compose.yml
+++ b/examples/magento/docker-compose.yml
@ -2,7 +2,7 @@ version: "3"

 services:
  mybunker:
-    image: bunkerity/bunkerweb:1.5.8
+    image: bunkerity/bunkerweb:1.5.9
    ports:
      - 80:8080
      - 443:8443
@ -29,7 +29,7 @@ services:
      - bw-services

  bw-scheduler:
-    image: bunkerity/bunkerweb-scheduler:1.5.8
+    image: bunkerity/bunkerweb-scheduler:1.5.9
    depends_on:
      - mybunker
    environment:
--- a/examples/mattermost/docker-compose.yml
+++ b/examples/mattermost/docker-compose.yml
@ -2,7 +2,7 @@ version: "3"

 services:
  mybunker:
-    image: bunkerity/bunkerweb:1.5.8
+    image: bunkerity/bunkerweb:1.5.9
    ports:
      - 80:8080
      - 443:8443
@ -44,7 +44,7 @@ services:
      - bw-services

  bw-scheduler:
-    image: bunkerity/bunkerweb-scheduler:1.5.8
+    image: bunkerity/bunkerweb-scheduler:1.5.9
    depends_on:
      - mybunker
    environment:
--- a/examples/mongo-express/docker-compose.yml
+++ b/examples/mongo-express/docker-compose.yml
@ -2,7 +2,7 @@ version: "3"

 services:
  mybunker:
-    image: bunkerity/bunkerweb:1.5.8
+    image: bunkerity/bunkerweb:1.5.9
    ports:
      - 80:8080
      - 443:8443
@ -27,7 +27,7 @@ services:
      - bw-services

  bw-scheduler:
-    image: bunkerity/bunkerweb-scheduler:1.5.8
+    image: bunkerity/bunkerweb-scheduler:1.5.9
    depends_on:
      - mybunker
    environment:
--- a/examples/moodle/docker-compose.yml
+++ b/examples/moodle/docker-compose.yml
@ -2,7 +2,7 @@ version: "3"

 services:
  mybunker:
-    image: bunkerity/bunkerweb:1.5.8
+    image: bunkerity/bunkerweb:1.5.9
    ports:
      - 80:8080
      - 443:8443
@ -25,7 +25,7 @@ services:
      - bw-services

  bw-scheduler:
-    image: bunkerity/bunkerweb-scheduler:1.5.8
+    image: bunkerity/bunkerweb-scheduler:1.5.9
    depends_on:
      - mybunker
    environment:
--- a/examples/nextcloud/docker-compose.yml
+++ b/examples/nextcloud/docker-compose.yml
@ -2,7 +2,7 @@ version: "3"

 services:
  mybunker:
-    image: bunkerity/bunkerweb:1.5.8
+    image: bunkerity/bunkerweb:1.5.9
    ports:
      - 80:8080
      - 443:8443
@ -54,7 +54,7 @@ services:
      - bw-services

  bw-scheduler:
-    image: bunkerity/bunkerweb-scheduler:1.5.8
+    image: bunkerity/bunkerweb-scheduler:1.5.9
    depends_on:
      - mybunker
    environment:
--- a/examples/passbolt/docker-compose.yml
+++ b/examples/passbolt/docker-compose.yml
@ -2,7 +2,7 @@ version: "3"

 services:
  mybunker:
-    image: bunkerity/bunkerweb:1.5.8
+    image: bunkerity/bunkerweb:1.5.9
    ports:
      - 80:8080
      - 443:8443
@ -26,7 +26,7 @@ services:
      - bw-services

  bw-scheduler:
-    image: bunkerity/bunkerweb-scheduler:1.5.8
+    image: bunkerity/bunkerweb-scheduler:1.5.9
    depends_on:
      - mybunker
    environment:
--- a/examples/php-cookie-flags/docker-compose.yml
+++ b/examples/php-cookie-flags/docker-compose.yml
@ -2,7 +2,7 @@ version: "3"

 services:
  mybunker:
-    image: bunkerity/bunkerweb:1.5.8
+    image: bunkerity/bunkerweb:1.5.9
    ports:
      - 80:8080
      - 443:8443
@ -31,7 +31,7 @@ services:
      - bw-services

  bw-scheduler:
-    image: bunkerity/bunkerweb-scheduler:1.5.8
+    image: bunkerity/bunkerweb-scheduler:1.5.9
    depends_on:
      - mybunker
    environment:
--- a/examples/php-multisite/docker-compose.yml
+++ b/examples/php-multisite/docker-compose.yml
@ -2,7 +2,7 @@ version: "3"

 services:
  mybunker:
-    image: bunkerity/bunkerweb:1.5.8
+    image: bunkerity/bunkerweb:1.5.9
    ports:
      - 80:8080
      - 443:8443
@ -34,7 +34,7 @@ services:
      - net-app2

  bw-scheduler:
-    image: bunkerity/bunkerweb-scheduler:1.5.8
+    image: bunkerity/bunkerweb-scheduler:1.5.9
    depends_on:
      - mybunker
    environment:
--- a/examples/php-singlesite/docker-compose.yml
+++ b/examples/php-singlesite/docker-compose.yml
@ -2,7 +2,7 @@ version: "3"

 services:
  mybunker:
-    image: bunkerity/bunkerweb:1.5.8
+    image: bunkerity/bunkerweb:1.5.9
    ports:
      - 80:8080
      - 443:8443
@ -30,7 +30,7 @@ services:
      - bw-services

  bw-scheduler:
-    image: bunkerity/bunkerweb-scheduler:1.5.8
+    image: bunkerity/bunkerweb-scheduler:1.5.9
    depends_on:
      - mybunker
    environment:
--- a/examples/prestashop/docker-compose.yml
+++ b/examples/prestashop/docker-compose.yml
@ -2,7 +2,7 @@ version: "3"

 services:
  mybunker:
-    image: bunkerity/bunkerweb:1.5.8
+    image: bunkerity/bunkerweb:1.5.9
    ports:
      - 80:8080
      - 443:8443
@ -28,7 +28,7 @@ services:
      - bw-services

  bw-scheduler:
-    image: bunkerity/bunkerweb-scheduler:1.5.8
+    image: bunkerity/bunkerweb-scheduler:1.5.9
    depends_on:
      - mybunker
    environment:
--- a/examples/proxy-protocol/docker-compose.yml
+++ b/examples/proxy-protocol/docker-compose.yml
@ -2,7 +2,7 @@ version: "3"

 services:
  mybunker:
-    image: bunkerity/bunkerweb:1.5.8
+    image: bunkerity/bunkerweb:1.5.9
    environment:
      - SERVER_NAME=www.example.com # replace with your domains
      - API_WHITELIST_IP=127.0.0.0/8 10.20.30.0/24
@ -27,7 +27,7 @@ services:
      - bw-services

  bw-scheduler:
-    image: bunkerity/bunkerweb-scheduler:1.5.8
+    image: bunkerity/bunkerweb-scheduler:1.5.9
    depends_on:
      - mybunker
    environment:
--- a/examples/radarr/docker-compose.yml
+++ b/examples/radarr/docker-compose.yml
@ -2,7 +2,7 @@ version: "3.5"

 services:
  mybunker:
-    image: bunkerity/bunkerweb:1.5.8
+    image: bunkerity/bunkerweb:1.5.9
    ports:
      - 80:8080
      - 443:8443
@ -34,7 +34,7 @@ services:
      - bw-services

  bw-scheduler:
-    image: bunkerity/bunkerweb-scheduler:1.5.8
+    image: bunkerity/bunkerweb-scheduler:1.5.9
    depends_on:
      - mybunker
    environment:
--- a/examples/redmine/docker-compose.yml
+++ b/examples/redmine/docker-compose.yml
@ -2,7 +2,7 @@ version: "3"

 services:
  mybunker:
-    image: bunkerity/bunkerweb:1.5.8
+    image: bunkerity/bunkerweb:1.5.9
    ports:
      - 80:8080
      - 443:8443
@ -24,7 +24,7 @@ services:
      - bw-services

  bw-scheduler:
-    image: bunkerity/bunkerweb-scheduler:1.5.8
+    image: bunkerity/bunkerweb-scheduler:1.5.9
    depends_on:
      - mybunker
    environment:
--- a/examples/reverse-proxy-multisite/docker-compose.yml
+++ b/examples/reverse-proxy-multisite/docker-compose.yml
@ -2,7 +2,7 @@ version: "3"

 services:
  mybunker:
-    image: bunkerity/bunkerweb:1.5.8
+    image: bunkerity/bunkerweb:1.5.9
    ports:
      - 80:8080
      - 443:8443
@ -27,7 +27,7 @@ services:
      - bw-services

  bw-scheduler:
-    image: bunkerity/bunkerweb-scheduler:1.5.8
+    image: bunkerity/bunkerweb-scheduler:1.5.9
    depends_on:
      - mybunker
    environment:
--- a/examples/reverse-proxy-singlesite/docker-compose.yml
+++ b/examples/reverse-proxy-singlesite/docker-compose.yml
@ -2,7 +2,7 @@ version: "3"

 services:
  mybunker:
-    image: bunkerity/bunkerweb:1.5.8
+    image: bunkerity/bunkerweb:1.5.9
    ports:
      - 80:8080
      - 443:8443
@ -32,7 +32,7 @@ services:
      - bw-services

  bw-scheduler:
-    image: bunkerity/bunkerweb-scheduler:1.5.8
+    image: bunkerity/bunkerweb-scheduler:1.5.9
    depends_on:
      - mybunker
    environment:
--- a/examples/reverse-proxy-websocket/docker-compose.yml
+++ b/examples/reverse-proxy-websocket/docker-compose.yml
@ -2,7 +2,7 @@ version: "3"

 services:
  mybunker:
-    image: bunkerity/bunkerweb:1.5.8
+    image: bunkerity/bunkerweb:1.5.9
    ports:
      - 80:8080
      - 443:8443
@ -25,7 +25,7 @@ services:
      - bw-services

  bw-scheduler:
-    image: bunkerity/bunkerweb-scheduler:1.5.8
+    image: bunkerity/bunkerweb-scheduler:1.5.9
    depends_on:
      - mybunker
    environment:
--- a/examples/stream-multisite/docker-compose.yml
+++ b/examples/stream-multisite/docker-compose.yml
@ -2,7 +2,7 @@ version: "3"

 services:
  mybunker:
-    image: bunkerity/bunkerweb:1.5.8
+    image: bunkerity/bunkerweb:1.5.9
    ports:
      - 80:8080 # required to resolve let's encrypt challenges
      - 10000:10000 # app1 without SSL/TLS
@ -33,7 +33,7 @@ services:
      - bw-services

  bw-scheduler:
-    image: bunkerity/bunkerweb-scheduler:1.5.8
+    image: bunkerity/bunkerweb-scheduler:1.5.9
    depends_on:
      - mybunker
    environment:
--- a/examples/syslog/docker-compose.yml
+++ b/examples/syslog/docker-compose.yml
@ -2,7 +2,7 @@ version: "3"

 services:
  mybunker:
-    image: bunkerity/bunkerweb:1.5.8
+    image: bunkerity/bunkerweb:1.5.9
    logging:
      driver: syslog
      options:
@ -28,7 +28,7 @@ services:
      - bw-services

  bw-scheduler:
-    image: bunkerity/bunkerweb-scheduler:1.5.8
+    image: bunkerity/bunkerweb-scheduler:1.5.9
    logging:
      driver: syslog
      options:
--- a/examples/tomcat/docker-compose.yml
+++ b/examples/tomcat/docker-compose.yml
@ -2,7 +2,7 @@ version: "3"

 services:
  mybunker:
-    image: bunkerity/bunkerweb:1.5.8
+    image: bunkerity/bunkerweb:1.5.9
    ports:
      - 80:8080
      - 443:8443
@ -23,7 +23,7 @@ services:
      - bw-services

  bw-scheduler:
-    image: bunkerity/bunkerweb-scheduler:1.5.8
+    image: bunkerity/bunkerweb-scheduler:1.5.9
    depends_on:
      - mybunker
    environment:
--- a/examples/tor-hidden-service/docker-compose.yml
+++ b/examples/tor-hidden-service/docker-compose.yml
@ -12,7 +12,7 @@ services:
      - bw-universe

  mybunker:
-    image: bunkerity/bunkerweb:1.5.8
+    image: bunkerity/bunkerweb:1.5.9
    environment:
      - API_WHITELIST_IP=127.0.0.0/8 10.20.30.0/24
      # disable common security measures based on IP
@ -34,7 +34,7 @@ services:
      - bw-services

  bw-scheduler:
-    image: bunkerity/bunkerweb-scheduler:1.5.8
+    image: bunkerity/bunkerweb-scheduler:1.5.9
    depends_on:
      - mybunker
    environment:
--- a/examples/web-ui/docker-compose.wizard.yml
+++ b/examples/web-ui/docker-compose.wizard.yml
@ -2,7 +2,7 @@ version: "3.5"

 services:
  bunkerweb:
-    image: bunkerity/bunkerweb:1.5.8
+    image: bunkerity/bunkerweb:1.5.9
    ports:
      - 80:8080
      - 443:8443
@ -23,7 +23,7 @@ services:
      - bw-services

  bw-scheduler:
-    image: bunkerity/bunkerweb-scheduler:1.5.8
+    image: bunkerity/bunkerweb-scheduler:1.5.9
    depends_on:
      - bunkerweb
      - bw-docker
@ -45,7 +45,7 @@ services:
      - bw-docker

  bw-ui:
-    image: bunkerity/bunkerweb-ui:1.5.8
+    image: bunkerity/bunkerweb-ui:1.5.9
    depends_on:
      - bw-docker
    environment:
--- a/examples/web-ui/docker-compose.yml
+++ b/examples/web-ui/docker-compose.yml
@ -2,7 +2,7 @@ version: "3.5"

 services:
  bunkerweb:
-    image: bunkerity/bunkerweb:1.5.8
+    image: bunkerity/bunkerweb:1.5.9
    ports:
      - 80:8080
      - 443:8443
@ -28,7 +28,7 @@ services:
      - bw-services

  bw-scheduler:
-    image: bunkerity/bunkerweb-scheduler:1.5.8
+    image: bunkerity/bunkerweb-scheduler:1.5.9
    depends_on:
      - bunkerweb
      - bw-docker
@ -50,7 +50,7 @@ services:
      - bw-docker

  bw-ui:
-    image: bunkerity/bunkerweb-ui:1.5.8
+    image: bunkerity/bunkerweb-ui:1.5.9
    depends_on:
      - bw-docker
    environment:
--- a/examples/wordpress/docker-compose.yml
+++ b/examples/wordpress/docker-compose.yml
@ -2,7 +2,7 @@ version: "3"

 services:
  mybunker:
-    image: bunkerity/bunkerweb:1.5.8
+    image: bunkerity/bunkerweb:1.5.9
    ports:
      - 80:8080
      - 443:8443
@ -25,7 +25,7 @@ services:
      - bw-services

  bw-scheduler:
-    image: bunkerity/bunkerweb-scheduler:1.5.8
+    image: bunkerity/bunkerweb-scheduler:1.5.9
    depends_on:
      - mybunker
    environment:
--- a/misc/integrations/autoconf.mariadb.ui.yml
+++ b/misc/integrations/autoconf.mariadb.ui.yml
@ -2,7 +2,7 @@ version: "3.5"

 services:
  bunkerweb:
-    image: bunkerity/bunkerweb:1.5.8
+    image: bunkerity/bunkerweb:1.5.9
    ports:
      - 80:8080
      - 443:8443
@ -19,7 +19,7 @@ services:
      - bw-services

  bw-autoconf:
-    image: bunkerity/bunkerweb-autoconf:1.5.8
+    image: bunkerity/bunkerweb-autoconf:1.5.9
    depends_on:
      - bunkerweb
      - bw-docker
@ -32,7 +32,7 @@ services:
      - bw-docker

  bw-scheduler:
-    image: bunkerity/bunkerweb-scheduler:1.5.8
+    image: bunkerity/bunkerweb-scheduler:1.5.9
    depends_on:
      - bunkerweb
      - bw-docker
@ -67,7 +67,7 @@ services:
      - bw-docker

  bw-ui:
-    image: bunkerity/bunkerweb-ui:1.5.8
+    image: bunkerity/bunkerweb-ui:1.5.9
    networks:
      bw-docker:
      bw-universe:
--- a/misc/integrations/autoconf.mariadb.yml
+++ b/misc/integrations/autoconf.mariadb.yml
@ -2,7 +2,7 @@ version: "3.5"

 services:
  bunkerweb:
-    image: bunkerity/bunkerweb:1.5.8
+    image: bunkerity/bunkerweb:1.5.9
    ports:
      - 80:8080
      - 443:8443
@ -19,7 +19,7 @@ services:
      - bw-services

  bw-autoconf:
-    image: bunkerity/bunkerweb-autoconf:1.5.8
+    image: bunkerity/bunkerweb-autoconf:1.5.9
    depends_on:
      - bunkerweb
      - bw-docker
@ -32,7 +32,7 @@ services:
      - bw-docker

  bw-scheduler:
-    image: bunkerity/bunkerweb-scheduler:1.5.8
+    image: bunkerity/bunkerweb-scheduler:1.5.9
    depends_on:
      - bunkerweb
      - bw-docker
--- a/misc/integrations/autoconf.mysql.ui.yml
+++ b/misc/integrations/autoconf.mysql.ui.yml
@ -2,7 +2,7 @@ version: "3.5"

 services:
  bunkerweb:
-    image: bunkerity/bunkerweb:1.5.8
+    image: bunkerity/bunkerweb:1.5.9
    ports:
      - 80:8080
      - 443:8443
@ -19,7 +19,7 @@ services:
      - bw-services

  bw-autoconf:
-    image: bunkerity/bunkerweb-autoconf:1.5.8
+    image: bunkerity/bunkerweb-autoconf:1.5.9
    depends_on:
      - bunkerweb
      - bw-docker
@ -32,7 +32,7 @@ services:
      - bw-docker

  bw-scheduler:
-    image: bunkerity/bunkerweb-scheduler:1.5.8
+    image: bunkerity/bunkerweb-scheduler:1.5.9
    depends_on:
      - bunkerweb
      - bw-docker
@ -67,7 +67,7 @@ services:
      - bw-docker

  bw-ui:
-    image: bunkerity/bunkerweb-ui:1.5.8
+    image: bunkerity/bunkerweb-ui:1.5.9
    networks:
      bw-docker:
      bw-universe:
--- a/misc/integrations/autoconf.mysql.yml
+++ b/misc/integrations/autoconf.mysql.yml
@ -2,7 +2,7 @@ version: "3.5"

 services:
  bunkerweb:
-    image: bunkerity/bunkerweb:1.5.8
+    image: bunkerity/bunkerweb:1.5.9
    ports:
      - 80:8080
      - 443:8443
@ -19,7 +19,7 @@ services:
      - bw-services

  bw-autoconf:
-    image: bunkerity/bunkerweb-autoconf:1.5.8
+    image: bunkerity/bunkerweb-autoconf:1.5.9
    depends_on:
      - bunkerweb
      - bw-docker
@ -32,7 +32,7 @@ services:
      - bw-docker

  bw-scheduler:
-    image: bunkerity/bunkerweb-scheduler:1.5.8
+    image: bunkerity/bunkerweb-scheduler:1.5.9
    depends_on:
      - bunkerweb
      - bw-docker
--- a/misc/integrations/autoconf.postgres.ui.yml
+++ b/misc/integrations/autoconf.postgres.ui.yml
@ -2,7 +2,7 @@ version: "3.5"

 services:
  bunkerweb:
-    image: bunkerity/bunkerweb:1.5.8
+    image: bunkerity/bunkerweb:1.5.9
    ports:
      - 80:8080
      - 443:8443
@ -19,7 +19,7 @@ services:
      - bw-services

  bw-autoconf:
-    image: bunkerity/bunkerweb-autoconf:1.5.8
+    image: bunkerity/bunkerweb-autoconf:1.5.9
    depends_on:
      - bunkerweb
      - bw-docker
@ -32,7 +32,7 @@ services:
      - bw-docker

  bw-scheduler:
-    image: bunkerity/bunkerweb-scheduler:1.5.8
+    image: bunkerity/bunkerweb-scheduler:1.5.9
    depends_on:
      - bunkerweb
      - bw-docker
@ -66,7 +66,7 @@ services:
      - bw-docker

  bw-ui:
-    image: bunkerity/bunkerweb-ui:1.5.8
+    image: bunkerity/bunkerweb-ui:1.5.9
    networks:
      bw-docker:
      bw-universe:
--- a/misc/integrations/autoconf.postgres.yml
+++ b/misc/integrations/autoconf.postgres.yml
@ -2,7 +2,7 @@ version: "3.5"

 services:
  bunkerweb:
-    image: bunkerity/bunkerweb:1.5.8
+    image: bunkerity/bunkerweb:1.5.9
    ports:
      - 80:8080
      - 443:8443
@ -19,7 +19,7 @@ services:
      - bw-services

  bw-autoconf:
-    image: bunkerity/bunkerweb-autoconf:1.5.8
+    image: bunkerity/bunkerweb-autoconf:1.5.9
    depends_on:
      - bunkerweb
      - bw-docker
@ -32,7 +32,7 @@ services:
      - bw-docker

  bw-scheduler:
-    image: bunkerity/bunkerweb-scheduler:1.5.8
+    image: bunkerity/bunkerweb-scheduler:1.5.9
    depends_on:
      - bunkerweb
      - bw-docker
--- a/misc/integrations/autoconf.ui.yml
+++ b/misc/integrations/autoconf.ui.yml
@ -2,7 +2,7 @@ version: "3.5"

 services:
  bunkerweb:
-    image: bunkerity/bunkerweb:1.5.8
+    image: bunkerity/bunkerweb:1.5.9
    ports:
      - 80:8080
      - 443:8443
@ -18,7 +18,7 @@ services:
      - bw-services

  bw-autoconf:
-    image: bunkerity/bunkerweb-autoconf:1.5.8
+    image: bunkerity/bunkerweb-autoconf:1.5.9
    depends_on:
      - bunkerweb
      - bw-docker
@ -32,7 +32,7 @@ services:
      - bw-docker

  bw-scheduler:
-    image: bunkerity/bunkerweb-scheduler:1.5.8
+    image: bunkerity/bunkerweb-scheduler:1.5.9
    depends_on:
      - bunkerweb
      - bw-docker
@ -56,7 +56,7 @@ services:
      - bw-docker

  bw-ui:
-    image: bunkerity/bunkerweb-ui:1.5.8
+    image: bunkerity/bunkerweb-ui:1.5.9
    networks:
      bw-docker:
      bw-universe:
--- a/misc/integrations/autoconf.yml
+++ b/misc/integrations/autoconf.yml
@ -2,7 +2,7 @@ version: "3.5"

 services:
  bunkerweb:
-    image: bunkerity/bunkerweb:1.5.8
+    image: bunkerity/bunkerweb:1.5.9
    ports:
      - 80:8080
      - 443:8443
@ -18,7 +18,7 @@ services:
      - bw-services

  bw-autoconf:
-    image: bunkerity/bunkerweb-autoconf:1.5.8
+    image: bunkerity/bunkerweb-autoconf:1.5.9
    depends_on:
      - bunkerweb
      - bw-docker
@ -32,7 +32,7 @@ services:
      - bw-docker

  bw-scheduler:
-    image: bunkerity/bunkerweb-scheduler:1.5.8
+    image: bunkerity/bunkerweb-scheduler:1.5.9
    depends_on:
      - bunkerweb
      - bw-docker
--- a/misc/integrations/docker.mariadb.ui.yml
+++ b/misc/integrations/docker.mariadb.ui.yml
@ -2,7 +2,7 @@ version: "3.5"

 services:
  bunkerweb:
-    image: bunkerity/bunkerweb:1.5.8
+    image: bunkerity/bunkerweb:1.5.9
    ports:
      - 80:8080
      - 443:8443
@ -27,7 +27,7 @@ services:
      - bw-services

  bw-scheduler:
-    image: bunkerity/bunkerweb-scheduler:1.5.8
+    image: bunkerity/bunkerweb-scheduler:1.5.9
    depends_on:
      - bunkerweb
      - bw-docker
@ -49,7 +49,7 @@ services:
      - bw-docker

  bw-ui:
-    image: bunkerity/bunkerweb-ui:1.5.8
+    image: bunkerity/bunkerweb-ui:1.5.9
    depends_on:
      - bw-docker
    environment:
--- a/misc/integrations/docker.mariadb.yml
+++ b/misc/integrations/docker.mariadb.yml
@ -2,7 +2,7 @@ version: "3.5"

 services:
  bunkerweb:
-    image: bunkerity/bunkerweb:1.5.8
+    image: bunkerity/bunkerweb:1.5.9
    ports:
      - 80:8080
      - 443:8443
@ -17,7 +17,7 @@ services:
      - bw-services

  bw-scheduler:
-    image: bunkerity/bunkerweb-scheduler:1.5.8
+    image: bunkerity/bunkerweb-scheduler:1.5.9
    depends_on:
      - bunkerweb
      - bw-docker
--- a/misc/integrations/docker.mysql.ui.yml
+++ b/misc/integrations/docker.mysql.ui.yml
@ -2,7 +2,7 @@ version: "3.5"

 services:
  bunkerweb:
-    image: bunkerity/bunkerweb:1.5.8
+    image: bunkerity/bunkerweb:1.5.9
    ports:
      - 80:8080
      - 443:8443
@ -27,7 +27,7 @@ services:
      - bw-services

  bw-scheduler:
-    image: bunkerity/bunkerweb-scheduler:1.5.8
+    image: bunkerity/bunkerweb-scheduler:1.5.9
    depends_on:
      - bunkerweb
      - bw-docker
@ -49,7 +49,7 @@ services:
      - bw-docker

  bw-ui:
-    image: bunkerity/bunkerweb-ui:1.5.8
+    image: bunkerity/bunkerweb-ui:1.5.9
    depends_on:
      - bw-docker
    environment:
--- a/misc/integrations/docker.mysql.yml
+++ b/misc/integrations/docker.mysql.yml
@ -2,7 +2,7 @@ version: "3.5"

 services:
  bunkerweb:
-    image: bunkerity/bunkerweb:1.5.8
+    image: bunkerity/bunkerweb:1.5.9
    ports:
      - 80:8080
      - 443:8443
@ -17,7 +17,7 @@ services:
      - bw-services

  bw-scheduler:
-    image: bunkerity/bunkerweb-scheduler:1.5.8
+    image: bunkerity/bunkerweb-scheduler:1.5.9
    depends_on:
      - bunkerweb
      - bw-docker
--- a/misc/integrations/docker.postgres.ui.yml
+++ b/misc/integrations/docker.postgres.ui.yml
@ -2,7 +2,7 @@ version: "3.5"

 services:
  bunkerweb:
-    image: bunkerity/bunkerweb:1.5.8
+    image: bunkerity/bunkerweb:1.5.9
    ports:
      - 80:8080
      - 443:8443
@ -28,7 +28,7 @@ services:
      - bw-services

  bw-scheduler:
-    image: bunkerity/bunkerweb-scheduler:1.5.8
+    image: bunkerity/bunkerweb-scheduler:1.5.9
    depends_on:
      - bunkerweb
      - bw-docker
@ -50,7 +50,7 @@ services:
      - bw-docker

  bw-ui:
-    image: bunkerity/bunkerweb-ui:1.5.8
+    image: bunkerity/bunkerweb-ui:1.5.9
    depends_on:
      - bw-docker
    environment:
--- a/misc/integrations/docker.postgres.yml
+++ b/misc/integrations/docker.postgres.yml
@ -2,7 +2,7 @@ version: "3.5"

 services:
  bunkerweb:
-    image: bunkerity/bunkerweb:1.5.8
+    image: bunkerity/bunkerweb:1.5.9
    ports:
      - 80:8080
      - 443:8443
@ -17,7 +17,7 @@ services:
      - bw-services

  bw-scheduler:
-    image: bunkerity/bunkerweb-scheduler:1.5.8
+    image: bunkerity/bunkerweb-scheduler:1.5.9
    depends_on:
      - bunkerweb
      - bw-docker
--- a/misc/integrations/docker.ui.yml
+++ b/misc/integrations/docker.ui.yml
@ -2,7 +2,7 @@ version: "3.5"

 services:
  bunkerweb:
-    image: bunkerity/bunkerweb:1.5.8
+    image: bunkerity/bunkerweb:1.5.9
    ports:
      - 80:8080
      - 443:8443
@ -23,7 +23,7 @@ services:
      - bw-services

  bw-scheduler:
-    image: bunkerity/bunkerweb-scheduler:1.5.8
+    image: bunkerity/bunkerweb-scheduler:1.5.9
    depends_on:
      - bunkerweb
      - bw-docker
@ -46,7 +46,7 @@ services:
      - bw-docker

  bw-ui:
-    image: bunkerity/bunkerweb-ui:1.5.8
+    image: bunkerity/bunkerweb-ui:1.5.9
    depends_on:
      - bw-docker
    volumes:
--- a/misc/integrations/docker.yml
+++ b/misc/integrations/docker.yml
@ -2,7 +2,7 @@ version: "3.5"

 services:
  bunkerweb:
-    image: bunkerity/bunkerweb:1.5.8
+    image: bunkerity/bunkerweb:1.5.9
    ports:
      - 80:8080
      - 443:8443
@ -16,7 +16,7 @@ services:
      - bw-services

  bw-scheduler:
-    image: bunkerity/bunkerweb-scheduler:1.5.8
+    image: bunkerity/bunkerweb-scheduler:1.5.9
    depends_on:
      - bunkerweb
      - bw-docker
--- a/misc/integrations/k8s.mariadb.ui.yml
+++ b/misc/integrations/k8s.mariadb.ui.yml
@ -48,7 +48,7 @@ spec:
      containers:
        # using bunkerweb as name is mandatory
        - name: bunkerweb
-          image: bunkerity/bunkerweb:1.5.8
+          image: bunkerity/bunkerweb:1.5.9
          imagePullPolicy: Always
          securityContext:
            runAsUser: 101
@ -118,7 +118,7 @@ spec:
      serviceAccountName: sa-bunkerweb
      containers:
        - name: bunkerweb-controller
-          image: bunkerity/bunkerweb-autoconf:1.5.8
+          image: bunkerity/bunkerweb-autoconf:1.5.9
          imagePullPolicy: Always
          env:
            - name: KUBERNETES_MODE
@ -145,7 +145,7 @@ spec:
      serviceAccountName: sa-bunkerweb
      containers:
        - name: bunkerweb-scheduler
-          image: bunkerity/bunkerweb-scheduler:1.5.8
+          image: bunkerity/bunkerweb-scheduler:1.5.9
          imagePullPolicy: Always
          env:
            - name: KUBERNETES_MODE
@ -230,7 +230,7 @@ spec:
      serviceAccountName: sa-bunkerweb
      containers:
        - name: bunkerweb-ui
-          image: bunkerity/bunkerweb-ui:1.5.8
+          image: bunkerity/bunkerweb-ui:1.5.9
          imagePullPolicy: Always
          env:
            - name: ADMIN_USERNAME
--- a/misc/integrations/k8s.mariadb.yml
+++ b/misc/integrations/k8s.mariadb.yml
@ -59,7 +59,7 @@ spec:
      containers:
        # using bunkerweb as name is mandatory
        - name: bunkerweb
-          image: bunkerity/bunkerweb:1.5.8
+          image: bunkerity/bunkerweb:1.5.9
          imagePullPolicy: Always
          securityContext:
            runAsUser: 101
@ -129,7 +129,7 @@ spec:
      serviceAccountName: sa-bunkerweb
      containers:
        - name: bunkerweb-controller
-          image: bunkerity/bunkerweb-autoconf:1.5.8
+          image: bunkerity/bunkerweb-autoconf:1.5.9
          imagePullPolicy: Always
          env:
            - name: KUBERNETES_MODE
@ -156,7 +156,7 @@ spec:
      serviceAccountName: sa-bunkerweb
      containers:
        - name: bunkerweb-scheduler
-          image: bunkerity/bunkerweb-scheduler:1.5.8
+          image: bunkerity/bunkerweb-scheduler:1.5.9
          imagePullPolicy: Always
          env:
            - name: KUBERNETES_MODE
--- a/misc/integrations/k8s.mysql.ui.yml
+++ b/misc/integrations/k8s.mysql.ui.yml
@ -48,7 +48,7 @@ spec:
      containers:
        # using bunkerweb as name is mandatory
        - name: bunkerweb
-          image: bunkerity/bunkerweb:1.5.8
+          image: bunkerity/bunkerweb:1.5.9
          imagePullPolicy: Always
          securityContext:
            runAsUser: 101
@ -118,7 +118,7 @@ spec:
      serviceAccountName: sa-bunkerweb
      containers:
        - name: bunkerweb-controller
-          image: bunkerity/bunkerweb-autoconf:1.5.8
+          image: bunkerity/bunkerweb-autoconf:1.5.9
          imagePullPolicy: Always
          env:
            - name: KUBERNETES_MODE
@ -145,7 +145,7 @@ spec:
      serviceAccountName: sa-bunkerweb
      containers:
        - name: bunkerweb-scheduler
-          image: bunkerity/bunkerweb-scheduler:1.5.8
+          image: bunkerity/bunkerweb-scheduler:1.5.9
          imagePullPolicy: Always
          env:
            - name: KUBERNETES_MODE
@ -230,7 +230,7 @@ spec:
      serviceAccountName: sa-bunkerweb
      containers:
        - name: bunkerweb-ui
-          image: bunkerity/bunkerweb-ui:1.5.8
+          image: bunkerity/bunkerweb-ui:1.5.9
          imagePullPolicy: Always
          env:
            - name: ADMIN_USERNAME
--- a/misc/integrations/k8s.mysql.yml
+++ b/misc/integrations/k8s.mysql.yml
@ -48,7 +48,7 @@ spec:
      containers:
        # using bunkerweb as name is mandatory
        - name: bunkerweb
-          image: bunkerity/bunkerweb:1.5.8
+          image: bunkerity/bunkerweb:1.5.9
          imagePullPolicy: Always
          securityContext:
            runAsUser: 101
@ -118,7 +118,7 @@ spec:
      serviceAccountName: sa-bunkerweb
      containers:
        - name: bunkerweb-controller
-          image: bunkerity/bunkerweb-autoconf:1.5.8
+          image: bunkerity/bunkerweb-autoconf:1.5.9
          imagePullPolicy: Always
          env:
            - name: KUBERNETES_MODE
@ -144,7 +144,7 @@ spec:
    spec:
      containers:
        - name: bunkerweb-controller
-          image: bunkerity/bunkerweb-autoconf:1.5.8
+          image: bunkerity/bunkerweb-autoconf:1.5.9
          imagePullPolicy: Always
          env:
            - name: KUBERNETES_MODE
--- a/misc/integrations/k8s.postgres.ui.yml
+++ b/misc/integrations/k8s.postgres.ui.yml
@ -48,7 +48,7 @@ spec:
      containers:
        # using bunkerweb as name is mandatory
        - name: bunkerweb
-          image: bunkerity/bunkerweb:1.5.8
+          image: bunkerity/bunkerweb:1.5.9
          imagePullPolicy: Always
          securityContext:
            runAsUser: 101
@ -118,7 +118,7 @@ spec:
      serviceAccountName: sa-bunkerweb
      containers:
        - name: bunkerweb-controller
-          image: bunkerity/bunkerweb-autoconf:1.5.8
+          image: bunkerity/bunkerweb-autoconf:1.5.9
          imagePullPolicy: Always
          env:
            - name: KUBERNETES_MODE
@ -145,7 +145,7 @@ spec:
      serviceAccountName: sa-bunkerweb
      containers:
        - name: bunkerweb-scheduler
-          image: bunkerity/bunkerweb-scheduler:1.5.8
+          image: bunkerity/bunkerweb-scheduler:1.5.9
          imagePullPolicy: Always
          env:
            - name: KUBERNETES_MODE
@ -230,7 +230,7 @@ spec:
      serviceAccountName: sa-bunkerweb
      containers:
        - name: bunkerweb-ui
-          image: bunkerity/bunkerweb-ui:1.5.8
+          image: bunkerity/bunkerweb-ui:1.5.9
          imagePullPolicy: Always
          env:
            - name: ADMIN_USERNAME
--- a/misc/integrations/k8s.postgres.yml
+++ b/misc/integrations/k8s.postgres.yml
@ -48,7 +48,7 @@ spec:
      containers:
        # using bunkerweb as name is mandatory
        - name: bunkerweb
-          image: bunkerity/bunkerweb:1.5.8
+          image: bunkerity/bunkerweb:1.5.9
          imagePullPolicy: Always
          securityContext:
            runAsUser: 101
@ -118,7 +118,7 @@ spec:
      serviceAccountName: sa-bunkerweb
      containers:
        - name: bunkerweb-controller
-          image: bunkerity/bunkerweb-autoconf:1.5.8
+          image: bunkerity/bunkerweb-autoconf:1.5.9
          imagePullPolicy: Always
          env:
            - name: KUBERNETES_MODE
@ -144,7 +144,7 @@ spec:
    spec:
      containers:
        - name: bunkerweb-controller
-          image: bunkerity/bunkerweb-autoconf:1.5.8
+          image: bunkerity/bunkerweb-autoconf:1.5.9
          imagePullPolicy: Always
          env:
            - name: KUBERNETES_MODE
--- a/misc/integrations/swarm.mariadb.ui.yml
+++ b/misc/integrations/swarm.mariadb.ui.yml
@ -2,7 +2,7 @@ version: "3.5"

 services:
  bunkerweb:
-    image: bunkerity/bunkerweb:1.5.8
+    image: bunkerity/bunkerweb:1.5.9
    ports:
      - published: 80
        target: 8080
@ -32,7 +32,7 @@ services:
        - "bunkerweb.INSTANCE=yes"

  bw-autoconf:
-    image: bunkerity/bunkerweb-autoconf:1.5.8
+    image: bunkerity/bunkerweb-autoconf:1.5.9
    environment:
      - SWARM_MODE=yes
      - DOCKER_HOST=tcp://bw-docker:2375
@ -60,7 +60,7 @@ services:
          - "node.role == manager"

  bw-scheduler:
-    image: bunkerity/bunkerweb-scheduler:1.5.8
+    image: bunkerity/bunkerweb-scheduler:1.5.9
    environment:
      - SWARM_MODE=yes
      - DOCKER_HOST=tcp://bw-docker:2375
@ -87,7 +87,7 @@ services:
      - bw-universe

  bw-ui:
-    image: bunkerity/bunkerweb-ui:1.5.8
+    image: bunkerity/bunkerweb-ui:1.5.9
    environment:
      - DATABASE_URI=mariadb+pymysql://bunkerweb:changeme@bw-db:3306/db # Remember to set a stronger password for the database
      - DOCKER_HOST=tcp://bw-docker:2375
--- a/misc/integrations/swarm.mariadb.yml
+++ b/misc/integrations/swarm.mariadb.yml
@ -2,7 +2,7 @@ version: "3.5"

 services:
  bunkerweb:
-    image: bunkerity/bunkerweb:1.5.8
+    image: bunkerity/bunkerweb:1.5.9
    ports:
      - published: 80
        target: 8080
@ -32,7 +32,7 @@ services:
        - "bunkerweb.INSTANCE=yes"

  bw-autoconf:
-    image: bunkerity/bunkerweb-autoconf:1.5.8
+    image: bunkerity/bunkerweb-autoconf:1.5.9
    environment:
      - SWARM_MODE=yes
      - DOCKER_HOST=tcp://bw-docker:2375
@ -64,7 +64,7 @@ services:
          - "node.role == manager"

  bw-scheduler:
-    image: bunkerity/bunkerweb-scheduler:1.5.8
+    image: bunkerity/bunkerweb-scheduler:1.5.9
    environment:
      - SWARM_MODE=yes
      - DOCKER_HOST=tcp://bw-docker:2375
--- a/misc/integrations/swarm.mysql.ui.yml
+++ b/misc/integrations/swarm.mysql.ui.yml
@ -2,7 +2,7 @@ version: "3.5"

 services:
  bunkerweb:
-    image: bunkerity/bunkerweb:1.5.8
+    image: bunkerity/bunkerweb:1.5.9
    ports:
      - published: 80
        target: 8080
@ -32,7 +32,7 @@ services:
        - "bunkerweb.INSTANCE=yes"

  bw-autoconf:
-    image: bunkerity/bunkerweb-autoconf:1.5.8
+    image: bunkerity/bunkerweb-autoconf:1.5.9
    environment:
      - SWARM_MODE=yes
      - DOCKER_HOST=tcp://bw-docker:2375
@ -60,7 +60,7 @@ services:
          - "node.role == manager"

  bw-scheduler:
-    image: bunkerity/bunkerweb-scheduler:1.5.8
+    image: bunkerity/bunkerweb-scheduler:1.5.9
    environment:
      - SWARM_MODE=yes
      - DOCKER_HOST=tcp://bw-docker:2375
@ -87,7 +87,7 @@ services:
      - bw-universe

  bw-ui:
-    image: bunkerity/bunkerweb-ui:1.5.8
+    image: bunkerity/bunkerweb-ui:1.5.9
    environment:
      - DATABASE_URI=mariadb+pymysql://bunkerweb:changeme@bw-db:3306/db # Remember to set a stronger password for the database
      - DOCKER_HOST=tcp://bw-docker:2375
--- a/misc/integrations/swarm.mysql.yml
+++ b/misc/integrations/swarm.mysql.yml
@ -2,7 +2,7 @@ version: "3.5"

 services:
  bunkerweb:
-    image: bunkerity/bunkerweb:1.5.8
+    image: bunkerity/bunkerweb:1.5.9
    ports:
      - published: 80
        target: 8080
@ -32,7 +32,7 @@ services:
        - "bunkerweb.INSTANCE=yes"

  bw-autoconf:
-    image: bunkerity/bunkerweb-autoconf:1.5.8
+    image: bunkerity/bunkerweb-autoconf:1.5.9
    environment:
      - SWARM_MODE=yes
      - DOCKER_HOST=tcp://bw-docker:2375
@ -60,7 +60,7 @@ services:
          - "node.role == manager"

  bw-scheduler:
-    image: bunkerity/bunkerweb-scheduler:1.5.8
+    image: bunkerity/bunkerweb-scheduler:1.5.9
    environment:
      - SWARM_MODE=yes
      - DOCKER_HOST=tcp://bw-docker:2375
--- a/misc/integrations/swarm.postgres.ui.yml
+++ b/misc/integrations/swarm.postgres.ui.yml
@ -2,7 +2,7 @@ version: "3.5"

 services:
  bunkerweb:
-    image: bunkerity/bunkerweb:1.5.8
+    image: bunkerity/bunkerweb:1.5.9
    ports:
      - published: 80
        target: 8080
@ -32,7 +32,7 @@ services:
        - "bunkerweb.INSTANCE=yes"

  bw-autoconf:
-    image: bunkerity/bunkerweb-autoconf:1.5.8
+    image: bunkerity/bunkerweb-autoconf:1.5.9
    environment:
      - SWARM_MODE=yes
      - DOCKER_HOST=tcp://bw-docker:2375
@ -60,7 +60,7 @@ services:
          - "node.role == manager"

  bw-scheduler:
-    image: bunkerity/bunkerweb-scheduler:1.5.8
+    image: bunkerity/bunkerweb-scheduler:1.5.9
    environment:
      - SWARM_MODE=yes
      - DOCKER_HOST=tcp://bw-docker:2375
@ -86,7 +86,7 @@ services:
      - bw-universe

  bw-ui:
-    image: bunkerity/bunkerweb-ui:1.5.8
+    image: bunkerity/bunkerweb-ui:1.5.9
    environment:
      - DATABASE_URI=postgresql://bunkerweb:changeme@bw-db:5432/db
      - DOCKER_HOST=tcp://bw-docker:2375
--- a/misc/integrations/swarm.postgres.yml
+++ b/misc/integrations/swarm.postgres.yml
@ -2,7 +2,7 @@ version: "3.5"

 services:
  bunkerweb:
-    image: bunkerity/bunkerweb:1.5.8
+    image: bunkerity/bunkerweb:1.5.9
    ports:
      - published: 80
        target: 8080
@ -32,7 +32,7 @@ services:
        - "bunkerweb.INSTANCE=yes"

  bw-autoconf:
-    image: bunkerity/bunkerweb-autoconf:1.5.8
+    image: bunkerity/bunkerweb-autoconf:1.5.9
    environment:
      - SWARM_MODE=yes
      - DOCKER_HOST=tcp://bw-docker:2375
@ -60,7 +60,7 @@ services:
          - "node.role == manager"

  bw-scheduler:
-    image: bunkerity/bunkerweb-scheduler:1.5.8
+    image: bunkerity/bunkerweb-scheduler:1.5.9
    environment:
      - SWARM_MODE=yes
      - DOCKER_HOST=tcp://bw-docker:2375
--- a/misc/update-version.sh
+++ b/misc/update-version.sh
@ -44,7 +44,7 @@ sed -i "s@${OLD_VERSION}@${NEW_VERSION}@g" .github/ISSUE_TEMPLATE/bug_report.yml
 # pyproject
 sed -i "s@${OLD_VERSION}@${NEW_VERSION}@g" pyproject.toml
 # Dockerfiles
-sed -i "s@LABEL version.*@LABEL version \"$NEW_VERSION\"@g" src/bw/Dockerfile
-sed -i "s@LABEL version.*@LABEL version \"$NEW_VERSION\"@g" src/scheduler/Dockerfile
-sed -i "s@LABEL version.*@LABEL version \"$NEW_VERSION\"@g" src/ui/Dockerfile
-sed -i "s@LABEL version.*@LABEL version \"$NEW_VERSION\"@g" src/autoconf/Dockerfile
+sed -i "s@LABEL version.*@LABEL version=\"$NEW_VERSION\"@g" src/bw/Dockerfile
+sed -i "s@LABEL version.*@LABEL version=\"$NEW_VERSION\"@g" src/scheduler/Dockerfile
+sed -i "s@LABEL version.*@LABEL version=\"$NEW_VERSION\"@g" src/ui/Dockerfile
+sed -i "s@LABEL version.*@LABEL version=\"$NEW_VERSION\"@g" src/autoconf/Dockerfile
--- a/pyproject.toml
+++ b/pyproject.toml
@ -1,7 +1,7 @@
 [project]
 name = "BunkerWeb"
 description = "Make your web services secure by default !"
-version = "1.5.8"
+version = "1.5.9"
 authors = [
    { name = "Bunkerity", email = "contact@bunkerity.com" }
 ]
--- a/src/VERSION
+++ b/src/VERSION
@ -1 +1 @@
-1.5.8
+1.5.9
--- a/src/autoconf/Dockerfile
+++ b/src/autoconf/Dockerfile
@ -1,4 +1,4 @@
-FROM python:3.12.4-alpine3.19@sha256:ef3397d09070efd36583e83d2619cf8006158641e5b6b629d4d92a9778f5aa1c as builder
+FROM python:3.12.4-alpine3.19@sha256:ef3397d09070efd36583e83d2619cf8006158641e5b6b629d4d92a9778f5aa1c AS builder

 # Export var for specific actions on linux/arm/v7
 ARG TARGETPLATFORM
@ -64,10 +64,10 @@ RUN apk add --no-cache bash && \
 RUN apk add --no-cache "busybox>=1.36.1-r17" "busybox-binsh>=1.36.1-r17" "ssl_client>=1.36.1-r17" # CVE-2023-42363 CVE-2023-42364 CVE-2023-42365 CVE-2023-42366
 RUN apk add --no-cache "libcrypto3>=3.1.5-r0" "libssl3>=3.1.5-r0" # CVE-2024-4603

-LABEL maintainer "Bunkerity <contact@bunkerity.com>"
-LABEL version "1.5.8"
-LABEL url "https://www.bunkerweb.io"
-LABEL bunkerweb.type "autoconf"
+LABEL maintainer="Bunkerity <contact@bunkerity.com>"
+LABEL version="1.5.9"
+LABEL url="https://www.bunkerweb.io"
+LABEL bunkerweb.type="autoconf"

 VOLUME /data

--- a/src/bw/Dockerfile
+++ b/src/bw/Dockerfile
@ -1,4 +1,4 @@
-FROM nginx:1.26.1-alpine-slim@sha256:3df0d85b2e46d4195e7436c22694ef65944c48624282292cadfbf58ee0ad34ce AS builder
+FROM nginx:1.26.1-alpine-slim@sha256:ce01dacf330fdcbc3c93926291ab027396e7e9680a4180318b06e86525d1aa9f AS builder

 # Install temporary requirements for the dependencies
 RUN apk add --no-cache bash autoconf libtool automake geoip-dev g++ gcc curl-dev libxml2-dev pcre-dev make linux-headers musl-dev gd-dev gnupg brotli-dev openssl-dev patch readline-dev yajl yajl-dev yajl-tools py3-pip
@ -42,7 +42,7 @@ COPY src/common/utils utils
 COPY src/VERSION VERSION
 COPY misc/*.ascii misc/

-FROM nginx:1.26.1-alpine-slim@sha256:3df0d85b2e46d4195e7436c22694ef65944c48624282292cadfbf58ee0ad34ce
+FROM nginx:1.26.1-alpine-slim@sha256:ce01dacf330fdcbc3c93926291ab027396e7e9680a4180318b06e86525d1aa9f

 # Set default umask to prevent huge recursive chmod increasing the final image size
 RUN umask 027
@ -70,11 +70,11 @@ RUN apk add --no-cache openssl pcre bash python3 yajl geoip libxml2 libgd curl &
 # Fix CVEs
 RUN apk add --no-cache "busybox>=1.36.1-r17" "busybox-binsh>=1.36.1-r17" "ssl_client>=1.36.1-r17" # CVE-2023-42363 CVE-2023-42366

-LABEL maintainer "Bunkerity <contact@bunkerity.com>"
-LABEL version "1.5.8"
-LABEL url "https://www.bunkerweb.io"
-LABEL bunkerweb.type "bunkerweb"
-LABEL bunkerweb.INSTANCE "bunkerweb"
+LABEL maintainer="Bunkerity <contact@bunkerity.com>"
+LABEL version="1.5.9"
+LABEL url="https://www.bunkerweb.io"
+LABEL bunkerweb.type="bunkerweb"
+LABEL bunkerweb.INSTANCE="bunkerweb"

 EXPOSE 8080/tcp 8443/tcp 8443/udp

--- a/src/common/confs/default-server-http.conf
+++ b/src/common/confs/default-server-http.conf
@ -74,11 +74,16 @@ server {
 						.. nonce_script
 						.. "'; style-src 'nonce-"
 						.. nonce_style
-						.. "'; base-uri 'none'; img-src 'self' data:; font-src 'self' data:; require-trusted-types-for 'script';"
+						.. "'; frame-ancestors 'none'; base-uri 'none'; img-src 'self' data:; font-src 'self' data:; require-trusted-types-for 'script';"

 				-- Remove server header
 				ngx.header["Server"] = nil

+				-- Override HSTS header
+				if ngx.var.scheme == "https" then
+					ngx.header["Strict-Transport-Security"] = "max-age=31536000; includeSubDomains; preload"
+				end
+
 				-- Render template
 				render("index.html", {
 					nonce_style = nonce_style,
--- a/src/common/core/antibot/antibot.lua
+++ b/src/common/core/antibot/antibot.lua
@ -70,6 +70,7 @@ function antibot:header()
 			.. self.ctx.bw.antibot_nonce_script
 			.. "'",
 		["style-src"] = "'self' 'nonce-" .. self.ctx.bw.antibot_nonce_style .. "'",
+		["frame-ancestors"] = "'none'",
 		["require-trusted-types-for"] = "'script'",
 	}
 	if self.session_data.type == "recaptcha" then
--- a/src/common/core/errors/errors.lua
+++ b/src/common/core/errors/errors.lua
@ -89,16 +89,30 @@ function errors:render_template(code)
 	local nonce_script = rand(16)
 	local nonce_style = rand(16)

-	-- Override headers
-	local header = "Content-Security-Policy"
-	if self.variables["CONTENT_SECURITY_POLICY_REPORT_ONLY"] == "yes" then
-		header = header .. "-Report-Only"
-	end
-	ngx.header[header] = "default-src 'none'; form-action 'self'; script-src 'strict-dynamic' 'nonce-"
+	-- Override CSP header
+	--luacheck: ignore 631
+	ngx.header["Content-Security-Policy"] = "default-src 'none'; script-src http: https: 'unsafe-inline' 'strict-dynamic' 'nonce-"
 		.. nonce_script
-		.. "' 'unsafe-inline' http: https:; img-src 'self' data:; style-src 'self' 'nonce-"
+		.. "'; style-src 'nonce-"
 		.. nonce_style
-		.. "'; font-src 'self' data:; base-uri 'self'; require-trusted-types-for 'script';"
+		--luacheck: ignore 631
+		.. "'; frame-ancestors 'none'; base-uri 'none'; img-src 'self' data:; font-src 'self' data:; require-trusted-types-for 'script';"
+
+	-- Remove server header
+	ngx.header["Server"] = nil
+
+	-- Override HSTS header
+	local ssl
+
+	if self.ctx.bw and self.ctx.bw.scheme == "https" then
+		ssl = true
+	else
+		ssl = ngx.var.scheme == "https"
+	end
+
+	if ssl then
+		ngx.header["Strict-Transport-Security"] = "max-age=31536000; includeSubDomains; preload"
+	end

 	-- Render template
 	render("error.html", {
--- a/src/common/core/misc/confs/default-server-http/page.conf
+++ b/src/common/core/misc/confs/default-server-http/page.conf
@ -20,13 +20,18 @@ location / {
 			local nonce_style = rand(16)

 			-- Override CSP header
-			ngx.header["Content-Security-Policy"] = "default-src 'none'; form-action 'self'; img-src 'self' data:; style-src 'self' 'nonce-"
+			ngx.header["Content-Security-Policy"] = "default-src 'none'; frame-ancestors 'none'; form-action 'self'; img-src 'self' data:; style-src 'self' 'nonce-"
 				.. nonce_style
 				.. "'; font-src 'self' data:; base-uri 'self'; require-trusted-types-for 'script';"

 			-- Remove server header
 			ngx.header["Server"] = nil

+			-- Override HSTS header
+			if ngx.var.scheme == "https" then
+				ngx.header["Strict-Transport-Security"] = "max-age=31536000; includeSubDomains; preload"
+			end
+
 			-- Render template
 			render("default.html", {
 				nonce_style = nonce_style,
--- a/src/common/core/modsecurity/files/coreruleset-v4/.changes-pending.md
+++ b/src/common/core/modsecurity/files/coreruleset-v4/.changes-pending.md
--- a/src/common/core/modsecurity/files/coreruleset-v4/.github/create-changelog-prs.py
+++ b/src/common/core/modsecurity/files/coreruleset-v4/.github/create-changelog-prs.py
@ -1,356 +0,0 @@
-#! /usr/bin/env python
-
-import argparse
-import subprocess
-import json
-import datetime
-import sys
-import os
-import re
-from inspect import getframeinfo, currentframe
-
-DEVELOPERS = {}
-CHANGELOG_LABEL = "changelog-pr"
-
-
-def get_pr(repository: str, number: int) -> dict:
-    command = f"""gh pr view \
-        --repo "{repository}" \
-        "{number}" \
-        --json mergeCommit,mergedBy,title,author,headRefName,baseRefName,number,body
-    """
-    with subprocess.Popen(
-        command, shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE
-    ) as proc:
-        pr_json, errors = proc.communicate()
-        if proc.returncode != 0:
-            print_errors(errors)
-            sys.exit(1)
-        return json.loads(pr_json)
-
-
-def get_prs(
-    repository: str, start_date: datetime.date, end_date: datetime.date, dry_run: bool
-) -> (list, list):
-    print(f"Fetching merged PRs from {start_date} through {end_date}")
-    options = ['--merged-at "{start_date}..{end_date}"']
-    all_prs = fetch_prs(repository, options, dry_run)
-
-    print(f"Fetching open changelog PRs from {start_date} through {end_date}")
-    options = ["--state open"]
-    all_prs.extend(fetch_prs(repository, options, dry_run))
-    prs = []
-    changelog_prs = []
-    for result in all_prs:
-        if CHANGELOG_LABEL in [label["name"] for label in result["labels"]]:
-            changelog_prs.append(get_pr(repository, result["number"]))
-        else:
-            prs.append(get_pr(repository, result["number"]))
-
-    return (prs, changelog_prs)
-
-
-def fetch_prs(repository: str, options: list[str], dry_run: bool) -> list[dict]:
-    command = f"""gh search prs \
-        --repo "{repository}" \
-        --json number,labels \
-    """
-    for option in options:
-        command += " " + option
-
-    if dry_run:
-        print(command)
-        return []
-
-    with subprocess.Popen(
-        command, shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE
-    ) as proc:
-        prs_json, errors = proc.communicate()
-        if proc.returncode != 0:
-            print_errors(errors)
-            sys.exit(1)
-        return json.loads(prs_json)
-
-
-def parse_prs(prs: list) -> dict:
-    pr_map = {}
-    for pr in prs:
-        merged_by = pr["mergedBy"]["login"]
-        if merged_by not in pr_map:
-            pr_list = []
-            pr_map[merged_by] = pr_list
-        else:
-            pr_list = pr_map[merged_by]
-        pr_list.append(pr)
-    return pr_map
-
-
-def create_prs(
-    repository: str,
-    merged_by_prs_map: dict,
-    changelog_prs: list,
-    start_date: datetime.date,
-    end_date: datetime.date,
-    dry_run: bool,
-):
-    for author in merged_by_prs_map.keys():
-        create_pr(
-            repository,
-            author,
-            merged_by_prs_map[author],
-            changelog_prs,
-            start_date,
-            end_date,
-            dry_run,
-        )
-
-
-def create_pr(
-    repository: str,
-    merged_by: str,
-    prs: list,
-    changelog_prs: list,
-    start_date: datetime.date,
-    end_date: datetime.date,
-    dry_run: bool,
-):
-    if len(prs) == 0:
-        return
-
-    print(f"Creating changelog PR for @{merged_by}")
-
-    base_branch = prs[0]["baseRefName"]
-    checkout_base(base_branch, dry_run)
-    pr_branch_name = create_pr_branch(start_date, end_date, merged_by, dry_run)
-    pr_body, changelog_lines = generate_content(prs, merged_by)
-    create_commit(changelog_lines, dry_run)
-    push_pr_branch(pr_branch_name, dry_run)
-
-    print("\tCreating PR...")
-    command = f"""gh pr create \
-        --repo "{repository}" \
-        --assignee "{merged_by}" \
-        --base "{base_branch}" \
-        --label "{CHANGELOG_LABEL}" \
-        --title "chore: changelog updates since {start_date}, merged by @{merged_by}" \
-        --body-file -
-    """
-
-    if dry_run:
-        print(command)
-        return
-
-    with subprocess.Popen(
-        command,
-        shell=True,
-        stdin=subprocess.PIPE,
-        stdout=subprocess.PIPE,
-        stderr=subprocess.PIPE,
-    ) as proc:
-        outs, errors = proc.communicate(input=pr_body.encode())
-        if proc.returncode != 0:
-            print_errors(errors)
-            sys.exit(1)
-        print(f"Created PR: {outs.decode()}")
-
-
-def checkout_base(base_ref: str, dry_run: bool):
-    print("\tChecking out base ref ...")
-    command = f"git checkout {base_ref}"
-
-    if dry_run:
-        print(command)
-        return
-
-    with subprocess.Popen(
-        command,
-        shell=True,
-        stdout=subprocess.PIPE,
-        stderr=subprocess.PIPE,
-    ) as proc:
-        outs, errors = proc.communicate()
-        if proc.returncode != 0:
-            print_errors(errors)
-            sys.exit(1)
-
-
-def create_commit(changelog_lines: str, dry_run: bool):
-    print("\tCreating commit...")
-
-    if dry_run:
-        print("Changelogs to append:")
-        print(changelog_lines)
-    else:
-        with open(".changes-pending.md", "a", encoding="utf-8") as changelog:
-            changelog.write(changelog_lines)
-
-    command = "git commit .changes-pending.md -m 'Add pending changelog entries'"
-    if dry_run:
-        print(command)
-    else:
-        with subprocess.Popen(command, shell=True, stderr=subprocess.PIPE) as proc:
-            _, errors = proc.communicate()
-            if proc.returncode != 0:
-                print_errors(errors)
-                sys.exit(1)
-
-
-def generate_content(prs: list, merged_by: str) -> (str, str):
-    print("\tGenerating PR content...")
-    changelog_lines = ""
-    pr_body = f"This PR was auto-generated to update the changelog with the following entries, merged by @{merged_by}:\n```\n"
-    pr_links = ""
-    for pr in prs:
-        pr_number = pr["number"]
-        pr_title = pr["title"]
-        pr_author = get_pr_author_name(pr["author"]["login"])
-        new_line = f" * {pr_title} ({pr_author}) [#{pr_number}]\n"
-        pr_body += new_line
-        pr_links += f"- #{pr_number}\n"
-
-        changelog_lines += new_line
-    pr_body += "```\n\n" + pr_links
-
-    return pr_body, changelog_lines
-
-
-def get_pr_author_name(login: str) -> str:
-    if len(DEVELOPERS) == 0:
-        parse_contributors()
-
-    return DEVELOPERS[login] if login in DEVELOPERS else f"@{login}"
-
-
-def parse_contributors():
-    regex = re.compile(r"^\s*?-\s*?\[([^]]+)\]\s*?\(http.*/([^/]+)\s*?\)")
-    with open("CONTRIBUTORS.md", "rt", encoding="utf-8") as handle:
-        line = handle.readline()
-        while not ("##" in line and "Contributors" in line):
-            match = regex.match(line)
-            if match:
-                DEVELOPERS[match.group(2)] = match.group(1)
-            line = handle.readline()
-
-
-def create_pr_branch(
-    start_date: datetime.date,
-    end_date: datetime.date,
-    author: str,
-    dry_run: bool,
-) -> str:
-    print("\tCreating branch...")
-    branch_name = f"changelog-updates-{start_date}-{end_date}-{author}"
-    command = f"git checkout -b {branch_name}"
-
-    if dry_run:
-        print(command)
-    else:
-        with subprocess.Popen(command, shell=True, stderr=subprocess.PIPE) as proc:
-            _, errors = proc.communicate()
-            if proc.returncode != 0:
-                print_errors(errors)
-                sys.exit(1)
-
-    return branch_name
-
-
-def push_pr_branch(branch_name: str, dry_run: bool):
-    print("\tPushing branch...")
-    command = f"git push -u origin {branch_name}"
-
-    if dry_run:
-        print(command)
-    else:
-        with subprocess.Popen(command, shell=True, stderr=subprocess.PIPE) as proc:
-            _, errors = proc.communicate()
-            if proc.returncode != 0:
-                print_errors(errors)
-                sys.exit(1)
-
-
-def run():
-    # disable pager
-    os.environ["GH_PAGER"] = ""
-    # set variables for Git
-    os.environ["GIT_AUTHOR_NAME"] = "changelog-pr-bot"
-    os.environ["GIT_AUTHOR_EMAIL"] = "dummy@coreruleset.org"
-    os.environ["GIT_COMMITTER_NAME"] = "changelog-pr-bot"
-    os.environ["GIT_COMMITTER_EMAIL"] = "dummy@coreruleset.org"
-
-    args = parse_command_line()
-    from_date = (
-        args.from_date
-        if args.from_date is not None
-        else args.to_date - datetime.timedelta(days=7)
-    )
-    run_workflow(args.source, args.target, from_date, args.to_date, args.dry_run)
-
-
-def run_workflow(
-    source_repository: str,
-    target_repository: str,
-    start_date: datetime.date,
-    end_date: datetime.date,
-    dry_run: bool,
-):
-    prs, changelog_prs = get_prs(source_repository, start_date, end_date, dry_run)
-    prs_length = len(prs)
-    print(f"Found {prs_length} PRs")
-    if prs_length == 0:
-        return
-
-    prs = filter_prs(prs, changelog_prs)
-
-    merged_by_prs_map = parse_prs(prs)
-    create_prs(
-        target_repository,
-        merged_by_prs_map,
-        changelog_prs,
-        start_date,
-        end_date,
-        dry_run,
-    )
-
-
-def filter_prs(prs: list, changelog_prs: list) -> list:
-    filtered_prs = []
-    for pr in prs:
-        found = False
-        for cpr in changelog_prs:
-            for line in cpr["body"].splitlines():
-                if line.endswith(f"[#{pr['number']}]"):
-                    print(
-                        f"PR {pr['number']} was processed in a previous run. Skipping..."
-                    )
-                    found = True
-                    break
-            if found:
-                break
-        if not found:
-            filtered_prs.append(pr)
-    return filtered_prs
-
-
-def print_errors(errors: str):
-    print(f"{getframeinfo(currentframe().f_back).lineno}:", errors)
-
-
-def parse_command_line():
-    parser = argparse.ArgumentParser()
-    parser.add_argument("--source", default="coreruleset/coreruleset")
-    parser.add_argument("--target", default="coreruleset/coreruleset")
-    # the cron schedule for the workflow uses UTC
-    parser.add_argument("--from", type=datetime.date.fromisoformat, dest="from_date")
-    parser.add_argument(
-        "--to",
-        type=datetime.date.fromisoformat,
-        default=datetime.datetime.now(datetime.timezone.utc).date(),
-        dest="to_date",
-    )
-    parser.add_argument("--dry-run", action="store_true")
-
-    return parser.parse_args()
-
-
-if __name__ == "__main__":
-    run()
--- a/src/common/core/modsecurity/files/coreruleset-v4/.github/workflows/update-changelog.yaml
+++ b/src/common/core/modsecurity/files/coreruleset-v4/.github/workflows/update-changelog.yaml
@ -1,42 +0,0 @@
-name: Create changelog PRs
-
-# default token permissions: none
-permissions: {}
-
-on:
-  workflow_dispatch:
-  schedule:
-    - cron: '0 4 * * Sun' # run on Sundays at 4 AM UTC
-
-jobs:
-  create-changelog-prs:
-    permissions:
-      contents: write
-      pull-requests: write
-    runs-on: ubuntu-latest
-    steps:
-      - name: "Checkout repo"
-        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.2
-
-      - name: Set up Python 3
-        uses: actions/setup-python@0a5c61591373683505ea898e09a3ea4f39ef2b9c # v5.0.0
-        with:
-          python-version: 3.12
-
-      - name: Check GH API rate limits
-        run: |
-          gh api -i repos/coreruleset/coreruleset/releases/latest | grep -i "x-ratelimit"
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-
-      - name: "Run script"
-        run: ".github/create-changelog-prs.py"
-        env:
-          # Required for the use of the gh CLI in the script
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-
-      - name: Check GH API rate limits
-        run: |
-          gh api -i repos/coreruleset/coreruleset/releases/latest | grep -i "x-ratelimit"
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
--- a/src/common/core/modsecurity/files/coreruleset-v4/CHANGES.md
+++ b/src/common/core/modsecurity/files/coreruleset-v4/CHANGES.md
@ -8,6 +8,16 @@
 ## Nightly builds
 New changelog entries are written to `.changes-pending.md`. They will be moved to the main changelog before a release.

+## Version 4.4.0 - 2024-06-23
+
+### 🆕 New features and detections 🎉
+* fix: ignore checking compressed response body by @azurit in https://github.com/coreruleset/coreruleset/pull/3712
+
+### 🧰 Other Changes
+* fix(934140): update regex by @fzipi in https://github.com/coreruleset/coreruleset/pull/3731
+* fix: replacing t:UrlDecode with t:UrlDecodeUni (921240 PL1, 932170 PL1, 932171 PL1, 932190 PL3, 932190 PL1, 933211 PL3, 941310 PL1, 941350 PL1) by @azurit in https://github.com/coreruleset/coreruleset/pull/3713
+* feat: skip response rules if data are compressed by @azurit in https://github.com/coreruleset/coreruleset/pull/3742
+
 ## Version 4.3.0 - 2024-05-24

 ### 🆕 New features and detections 🎉
--- a/src/common/core/modsecurity/files/coreruleset-v4/crs-setup.conf.example
+++ b/src/common/core/modsecurity/files/coreruleset-v4/crs-setup.conf.example
@ -1,5 +1,5 @@
 # ------------------------------------------------------------------------
-# OWASP CRS ver.4.3.0
+# OWASP CRS ver.4.4.0
 # Copyright (c) 2006-2020 Trustwave and contributors. All rights reserved.
 # Copyright (c) 2021-2024 CRS project. All rights reserved.
 #
@ -181,7 +181,7 @@ SecDefaultAction "phase:2,log,auditlog,pass"
 #    t:none,\
 #    nolog,\
 #    tag:'OWASP_CRS',\
-#    ver:'OWASP_CRS/4.3.0',\
+#    ver:'OWASP_CRS/4.4.0',\
 #    setvar:tx.blocking_paranoia_level=1"


@ -209,7 +209,7 @@ SecDefaultAction "phase:2,log,auditlog,pass"
 #    t:none,\
 #    nolog,\
 #    tag:'OWASP_CRS',\
-#    ver:'OWASP_CRS/4.3.0',\
+#    ver:'OWASP_CRS/4.4.0',\
 #    setvar:tx.detection_paranoia_level=1"


@ -235,7 +235,7 @@ SecDefaultAction "phase:2,log,auditlog,pass"
 #    t:none,\
 #    nolog,\
 #    tag:'OWASP_CRS',\
-#    ver:'OWASP_CRS/4.3.0',\
+#    ver:'OWASP_CRS/4.4.0',\
 #    setvar:tx.enforce_bodyproc_urlencoded=1"


@ -270,7 +270,7 @@ SecDefaultAction "phase:2,log,auditlog,pass"
 #    t:none,\
 #    nolog,\
 #    tag:'OWASP_CRS',\
-#    ver:'OWASP_CRS/4.3.0',\
+#    ver:'OWASP_CRS/4.4.0',\
 #    setvar:tx.critical_anomaly_score=5,\
 #    setvar:tx.error_anomaly_score=4,\
 #    setvar:tx.warning_anomaly_score=3,\
@ -324,7 +324,7 @@ SecDefaultAction "phase:2,log,auditlog,pass"
 #    t:none,\
 #    nolog,\
 #    tag:'OWASP_CRS',\
-#    ver:'OWASP_CRS/4.3.0',\
+#    ver:'OWASP_CRS/4.4.0',\
 #    setvar:tx.inbound_anomaly_score_threshold=5,\
 #    setvar:tx.outbound_anomaly_score_threshold=4"

@ -385,7 +385,7 @@ SecDefaultAction "phase:2,log,auditlog,pass"
 #    t:none,\
 #    nolog,\
 #    tag:'OWASP_CRS',\
-#    ver:'OWASP_CRS/4.3.0',\
+#    ver:'OWASP_CRS/4.4.0',\
 #    setvar:tx.reporting_level=4"


@ -417,7 +417,7 @@ SecDefaultAction "phase:2,log,auditlog,pass"
 #    t:none,\
 #    nolog,\
 #    tag:'OWASP_CRS',\
-#    ver:'OWASP_CRS/4.3.0',\
+#    ver:'OWASP_CRS/4.4.0',\
 #    setvar:tx.early_blocking=1"


@ -438,7 +438,7 @@ SecDefaultAction "phase:2,log,auditlog,pass"
 #    t:none,\
 #    nolog,\
 #    tag:'OWASP_CRS',\
-#    ver:'OWASP_CRS/4.3.0',\
+#    ver:'OWASP_CRS/4.4.0',\
 #    setvar:tx.enable_default_collections=1"


@ -466,7 +466,7 @@ SecDefaultAction "phase:2,log,auditlog,pass"
 #    t:none,\
 #    nolog,\
 #    tag:'OWASP_CRS',\
-#    ver:'OWASP_CRS/4.3.0',\
+#    ver:'OWASP_CRS/4.4.0',\
 #    setvar:'tx.allowed_methods=GET HEAD POST OPTIONS'"

 # Content-Types that a client is allowed to send in a request.
@ -496,7 +496,7 @@ SecDefaultAction "phase:2,log,auditlog,pass"
 #    nolog,\
 #    tag:'OWASP_CRS',\
 #    ctl:ruleRemoveById=920420,\
-#    ver:'OWASP_CRS/4.3.0',\
+#    ver:'OWASP_CRS/4.4.0',\
 #    chain"
 #    SecRule REQUEST_URI "@rx ^/foo/bar" \
 #        "t:none"
@ -510,7 +510,7 @@ SecDefaultAction "phase:2,log,auditlog,pass"
 #    t:none,\
 #    nolog,\
 #    tag:'OWASP_CRS',\
-#    ver:'OWASP_CRS/4.3.0',\
+#    ver:'OWASP_CRS/4.4.0',\
 #    setvar:'tx.allowed_request_content_type=|application/x-www-form-urlencoded| |multipart/form-data| |multipart/related| |text/xml| |application/xml| |application/soap+xml| |application/json| |application/cloudevents+json| |application/cloudevents-batch+json|'"

 # Allowed HTTP versions.
@ -526,7 +526,7 @@ SecDefaultAction "phase:2,log,auditlog,pass"
 #    t:none,\
 #    nolog,\
 #    tag:'OWASP_CRS',\
-#    ver:'OWASP_CRS/4.3.0',\
+#    ver:'OWASP_CRS/4.4.0',\
 #    setvar:'tx.allowed_http_versions=HTTP/1.0 HTTP/1.1 HTTP/2 HTTP/2.0 HTTP/3 HTTP/3.0'"

 # Forbidden file extensions.
@ -550,7 +550,7 @@ SecDefaultAction "phase:2,log,auditlog,pass"
 #    t:none,\
 #    nolog,\
 #    tag:'OWASP_CRS',\
-#    ver:'OWASP_CRS/4.3.0',\
+#    ver:'OWASP_CRS/4.4.0',\
 #    setvar:'tx.restricted_extensions=.asa/ .asax/ .ascx/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .rdb/ .resources/ .resx/ .sql/ .swp/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/'"

 # Restricted request headers.
@ -595,7 +595,7 @@ SecDefaultAction "phase:2,log,auditlog,pass"
 #    t:none,\
 #    nolog,\
 #    tag:'OWASP_CRS',\
-#    ver:'OWASP_CRS/4.3.0',\
+#    ver:'OWASP_CRS/4.4.0',\
 #    setvar:'tx.restricted_headers_basic=/content-encoding/ /proxy/ /lock-token/ /content-range/ /if/ /x-http-method-override/ /x-http-method/ /x-method-override/'"
 #
 # [ Extended ]
@ -621,7 +621,7 @@ SecDefaultAction "phase:2,log,auditlog,pass"
 #    t:none,\
 #    nolog,\
 #    tag:'OWASP_CRS',\
-#    ver:'OWASP_CRS/4.3.0',\
+#    ver:'OWASP_CRS/4.4.0',\
 #    setvar:'tx.restricted_headers_extended=/accept-charset/'"

 # Content-Types charsets that a client is allowed to send in a request.
@ -635,7 +635,7 @@ SecDefaultAction "phase:2,log,auditlog,pass"
 #    t:none,\
 #    nolog,\
 #    tag:'OWASP_CRS',\
-#    ver:'OWASP_CRS/4.3.0',\
+#    ver:'OWASP_CRS/4.4.0',\
 #    setvar:'tx.allowed_request_content_type_charset=|utf-8| |iso-8859-1| |iso-8859-15| |windows-1252|'"

 #
@ -661,7 +661,7 @@ SecDefaultAction "phase:2,log,auditlog,pass"
 #    t:none,\
 #    nolog,\
 #    tag:'OWASP_CRS',\
-#    ver:'OWASP_CRS/4.3.0',\
+#    ver:'OWASP_CRS/4.4.0',\
 #    setvar:tx.max_num_args=255"

 # Block request if the length of any argument name is too high
@ -675,7 +675,7 @@ SecDefaultAction "phase:2,log,auditlog,pass"
 #    t:none,\
 #    nolog,\
 #    tag:'OWASP_CRS',\
-#    ver:'OWASP_CRS/4.3.0',\
+#    ver:'OWASP_CRS/4.4.0',\
 #    setvar:tx.arg_name_length=100"

 # Block request if the length of any argument value is too high
@ -689,7 +689,7 @@ SecDefaultAction "phase:2,log,auditlog,pass"
 #    t:none,\
 #    nolog,\
 #    tag:'OWASP_CRS',\
-#    ver:'OWASP_CRS/4.3.0',\
+#    ver:'OWASP_CRS/4.4.0',\
 #    setvar:tx.arg_length=400"

 # Block request if the total length of all combined arguments is too high
@ -703,7 +703,7 @@ SecDefaultAction "phase:2,log,auditlog,pass"
 #    t:none,\
 #    nolog,\
 #    tag:'OWASP_CRS',\
-#    ver:'OWASP_CRS/4.3.0',\
+#    ver:'OWASP_CRS/4.4.0',\
 #    setvar:tx.total_arg_length=64000"

 # Block request if the file size of any individual uploaded file is too high
@ -717,7 +717,7 @@ SecDefaultAction "phase:2,log,auditlog,pass"
 #    t:none,\
 #    nolog,\
 #    tag:'OWASP_CRS',\
-#    ver:'OWASP_CRS/4.3.0',\
+#    ver:'OWASP_CRS/4.4.0',\
 #    setvar:tx.max_file_size=1048576"

 # Block request if the total size of all combined uploaded files is too high
@ -731,7 +731,7 @@ SecDefaultAction "phase:2,log,auditlog,pass"
 #    t:none,\
 #    nolog,\
 #    tag:'OWASP_CRS',\
-#    ver:'OWASP_CRS/4.3.0',\
+#    ver:'OWASP_CRS/4.4.0',\
 #    setvar:tx.combined_file_sizes=1048576"


@ -771,7 +771,7 @@ SecDefaultAction "phase:2,log,auditlog,pass"
 #    pass,\
 #    nolog,\
 #    tag:'OWASP_CRS',\
-#    ver:'OWASP_CRS/4.3.0',\
+#    ver:'OWASP_CRS/4.4.0',\
 #    setvar:tx.sampling_percentage=100"


@ -792,7 +792,7 @@ SecDefaultAction "phase:2,log,auditlog,pass"
 #    t:none,\
 #    nolog,\
 #    tag:'OWASP_CRS',\
-#    ver:'OWASP_CRS/4.3.0',\
+#    ver:'OWASP_CRS/4.4.0',\
 #    setvar:tx.crs_validate_utf8_encoding=1"


@ -814,5 +814,5 @@ SecAction \
    t:none,\
    nolog,\
    tag:'OWASP_CRS',\
-    ver:'OWASP_CRS/4.3.0',\
-    setvar:tx.crs_setup_version=430"
+    ver:'OWASP_CRS/4.4.0',\
+    setvar:tx.crs_setup_version=440"
--- a/src/common/core/modsecurity/files/coreruleset-v4/regex-assembly/934140.ra
+++ b/src/common/core/modsecurity/files/coreruleset-v4/regex-assembly/934140.ra
@ -1,4 +1,15 @@
 ##! Please refer to the documentation at
 ##! https://coreruleset.org/docs/development/regex_assembly/.

-\@\{.*\}
+##! The text describes a performance issue with a simple regular expression "@{.*}" used for searching. The problem arises because the ".*" part matches any character zero or more times, which can lead to inefficient searching in some engines.
+
+##! We want to reduce the possibility of impacting performance by removing the strings we can match before the one we are looking, "@{"
+##! This regex avoids the double backtracking problem and ensures it finds the first "@{" efficiently.
+
+##! The prefix here to prevent backtracking is:
+##! - something that is not an '@'
+##! - or something that is an '@', but is not followed by '{'
+
+##!^ ^(?:[^@]|@[^{])*
+
+@+{.*}
--- a/Show more
+++ b/Show more
 @ -1 +1 @@
 .5.8
 .5.9