docs - add missing stream support icons and review security tuning backup section

2026-05-24 09:28:37 +00:00 · 2024-04-05 15:00:34 +02:00 · 2024-04-05 15:00:34 +02:00 · cca461b4ba
commit cca461b4ba
parent 391868b040
5 changed files with 22 additions and 9 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -8,8 +8,10 @@
 - [FEATURE] Add the possibility to add custom bwcli commands in plugins
 - [FEATURE] Add backup plugin to backup and restore easily the database
 - [FEATURE] Add LETS_ENCRYPT_CLEAR_OLD_CERTS setting to control if old certificates should be removed when generating Let's Encrypt certificates (default is no)
+- [FEATURE] Add DISABLE_DEFAULT_SERVER_STRICT_SNI setting to allow/block requests when SNI is unknown or unset (default is no)
 - [MISC] Remove potential false positives with ModSecurity on the jobs page of the web UI
 - [MISC] Fix rare bug when downloading new mmdb files
+- [DOCUMENTATION] Add procedure to follow when upgrading from 1.5.7+
 - [DOCUMENTATION] Add documentation about the procedure to follow when upgrading from a version prior to 1.5.0
 - [DEPS] Updated LuaJIT version to v2.1-20240314

--- a/docs/json2md.py
+++ b/docs/json2md.py
@ -10,6 +10,7 @@ import zipfile
 import shutil
 from contextlib import suppress

+from os import getenv

 def print_md_table(settings) -> MarkdownTableWriter:
    writer = MarkdownTableWriter(
@ -84,8 +85,11 @@ for core in glob("src/common/core/*/plugin.json"):
                core_settings[core_plugin["name"]] = core_plugin

 # Get PRO plugins
-with open("src/VERSION", "r") as f:
-    version = f.read().strip()
+if getenv("VERSION"):
+    version = getenv("VERSION")
+else:
+    with open("src/VERSION", "r") as f:
+        version = f.read().strip()
 url = f"https://assets.bunkerity.com/bw-pro/preview/v{version}.zip"
 response = requests.get(url)
 response.raise_for_status()
--- a/docs/security-tuning.md
+++ b/docs/security-tuning.md
@ -553,6 +553,8 @@ You can deploy complex authentication (e.g. SSO), by using the auth request sett

 ### Monitoring <img src='../assets/img/pro-icon.svg' alt='crow pro icon' height='24px' width='24px' style="transform : translateY(3px);"> (PRO)

+STREAM support :x:
+
 The monitoring plugin lets you collect and retrieve metrics about BunkerWeb. By enabling it, your instance(s) will start collecting various data related to attacks, requests and performance. You can then retrieve them by calling the `/monitoring` API endpoint on regular basis or by using other plugins like the Prometheus exporter one.

 **List of features**
@ -571,6 +573,8 @@ The monitoring plugin lets you collect and retrieve metrics about BunkerWeb. By

 ### Prometheus exporter <img src='../assets/img/pro-icon.svg' alt='crow pro icon' height='24px' width='24px' style="transform : translateY(3px);"> (PRO)

+STREAM support :x:
+
 The Prometheus exporter plugin adds a [Prometheus exporter](https://prometheus.io/docs/instrumenting/exporters/) on your BunkerWeb instance(s). When enabled, you can configure your Prometheus instance(s) to scrape a specific endpoint on Bunkerweb and gather internal metrics.

 We also provide a [Grafana dashboard](https://grafana.com/grafana/dashboards/20755-bunkerweb/) that you can import into your own instance and connect to your own Prometheus datasource.
@ -595,10 +599,11 @@ We also provide a [Grafana dashboard](https://grafana.com/grafana/dashboards/207

 ### Reporting <img src='../assets/img/pro-icon.svg' alt='crow pro icon' height='24px' width='24px' style="transform : translateY(3px);"> (PRO)

+STREAM support :x:
+
 !!! warning "Monitoring plugin needed"
    This plugins requires the Monitoring Pro plugin to be installed and enabled with the `USE_MONITORING` setting set to `yes`.

-
 The Reporting plugin provides a comprehensive solution for regular reporting of important data from BunkerWeb, including global statistics, attacks, bans, requests, reasons, and AS information. It offers a wide range of features, including automatic report creation, customization options, and seamless integration with monitoring pro plugin. With the Reporting plugin, you can easily generate and manage reports to monitor the performance and security of your application.

 **List of features**
@ -625,7 +630,6 @@ The Reporting plugin provides a comprehensive solution for regular reporting of
 | `REPORTING_SMTP_FROM_PASSWORD` |          | `global` | The password authentication value for sending via the from email address.                                                          |
 | `REPORTING_SMTP_SSL`           | `SSL`    | `global` | Determine whether or not to use a secure connection for SMTP.                                                                      |

-
 !!! info "Information and behavior"
    - case `USE_REPORTING_SMTP` is set to `yes`, the setting `REPORTING_SMTP_EMAILS` must be set.
    - case `USE_REPORTING_WEBHOOK` is set to `yes`, the setting `REPORTING_WEBHOOK_URLS` must be set.
@ -636,7 +640,9 @@ The Reporting plugin provides a comprehensive solution for regular reporting of

 ## Backup and restore

-### Backup
+STREAM support :white_check_mark:
+
+### Automated backup

 Data is invaluable, especially in digital environments where it's susceptible to loss due to various factors such as hardware failures, software errors, or human mistakes. To mitigate such risks and ensure the safety and availability of your important files, it's crucial to establish a robust backup system. This section outlines the backup functionality provided by BunkerWeb, allowing you to securely store your data in a custom location through regular backups.

@ -652,7 +658,7 @@ Data is invaluable, especially in digital environments where it's susceptible to
 | `BACKUP_SCHEDULE`  | `daily`                      | global  | no       | The frequency of the backup                   |
 | `BACKUP_ROTATION`  | `7`                          | global  | no       | The number of backups to keep                 |

-### Manual Backup
+### Manual backup

 To manually initiate a backup, execute the following command:

@ -718,7 +724,7 @@ You can also specify a custom directory for the backup by providing the `BACKUP_
            ...
        ```

-### Manual Restore
+### Manual restore

 To manually initiate a restore, execute the following command:

--- a/docs/settings.md
+++ b/docs/settings.md
@ -88,7 +88,7 @@ Enforce login before accessing a resource or the whole site using HTTP basic aut

 ## Backup

-STREAM support :x:
+STREAM support :white_check_mark:

 Backup your data to a custom location. Ensure the safety and availability of your important files by creating regular backups.

@ -656,3 +656,4 @@ Allow access based on internal and external IP/network/rDNS/ASN whitelists.
 |`WHITELIST_USER_AGENT_URLS`|                                                                                                                                                                            |global   |no      |List of URLs, separated with spaces, containing good User-Agent to whitelist.     |
 |`WHITELIST_URI`            |                                                                                                                                                                            |multisite|no      |List of URI (PCRE regex), separated with spaces, to whitelist.                    |
 |`WHITELIST_URI_URLS`       |                                                                                                                                                                            |global   |no      |List of URLs, separated with spaces, containing bad URI to whitelist.             |
+
--- a/src/common/core/backup/plugin.json
+++ b/src/common/core/backup/plugin.json
@ -3,7 +3,7 @@
  "name": "Backup",
  "description": "Backup your data to a custom location. Ensure the safety and availability of your important files by creating regular backups.",
  "version": "1.0",
-  "stream": "no",
+  "stream": "yes",
  "settings": {
    "USE_BACKUP": {
      "context": "global",