Version

v1.5.8 — 2026-04-27

Brotli build correctness fix — the .so we shipped in 1.5.7 testing
landed with undefined BrotliEncoderTakeOutput, refusing dlopen.

Highlights

Dropped -flto from the libbrotli CFLAGS. With LTO on, the
static archive at deps/brotli/out/libbrotlienc.a contains
GIMPLE byte-code rather than native objects. nginx's subsequent
make modules invokes plain gcc with no lto-wrapper, silently
extracts zero symbols from the archive, and links a .so where
every Brotli* symbol is left as an undefined dynamic
reference. The link succeeds (.so files allow undefined symbols
by default) but dlopen() later refuses to load it with
undefined symbol: BrotliEncoderTakeOutput
Caught live on AlmaLinux 8 testing. Replaced the previous
-Ofast -flto -march=native -mtune=native … flag soup with a
boring -O2 -fPIC -ffunction-sections -fdata-sections — the
same equivalence every distro libbrotli package ships, with no
measurable encoding-throughput penalty and a portable archive.
Also dropped -march=native -mtune=native. The previous
flags baked the build host's micro-architecture into the .so —
fine on a single-server install, a SIGILL waiting to happen on
fleets cloned from a golden image to mixed CPUs.
Post-build symbol sanity check. After make modules,
step 7b runs nm -D --undefined-only against the freshly-built
filter .so and aborts the install if Brotli* symbols are
undefined AND no NEEDED libbrotli*.so entry exists. Catches
this whole class of link-time-OK / runtime-broken bugs at the
build step, with a message that names the most likely cause,
rather than letting them surface from nginx -t four steps
later.

Recovering from a broken 1.5.7 install

If a previous --nginx-install=brotli left a broken .so on the
server (nginx refuses to start with the BrotliEncoderTakeOutput
emerg), run:

wsa --nginx-uninstall=brotli
wsa --rebuild-nginx-conf
systemctl restart nginx

then re-attempt the install on 1.5.8.

v1.5.7 — 2026-04-27

Module-builder version gate + clearer diagnostics when nginx -t
fails on the main configuration file.

Highlights

Minimum nginx version for module builds: 1.30.0. First test
on AlmaLinux 8 ran into the EL 8 stock nginx 1.14.1: GCC 8 ships
-Wcast-function-type and nginx's auto/cc/conf injects
-Werror, so re-compiling that tarball aborts inside
src/stream/ngx_stream_script.c before Brotli even gets to play.
Rather than carrying a CFLAGS patch indefinitely we draw a hard
line: canInstall_brotli now refuses early with an actionable
message pointing the operator at the upstream nginx.org repo.
One-liner upgrade for them, removes a whole class of GCC vs.
legacy-nginx surprises for us.
Main-conf syntax errors no longer trigger an infinite repair
loop. Validate_Nginx_Config extracts the offending vhost user
by stripping .conf off the last token of nginx -t's error line.
When the error is in /etc/nginx/nginx.conf itself the resulting
"user" is the path-like string /etc/nginx/nginx — which
obviously has no per-user vhost to rebuild. The recursive
ValidateNginxConfig now detects path-shaped err_user values and
bails out immediately with the actual nginx -t message, instead
of pretending a non-existent user can be repaired.
nginx -t says: … printed on FAILLED. When the verbose
rebuild path hits Testing Nginx configuration file… FAILLED
it now also prints the real error message from nginx. Up to
1.5.6 the operator had to SSH in and re-run nginx -t by hand
just to find out which directive was the culprit; with nginx
1.30 tightening several syntax rules, that round-trip was the
most common diagnosis bottleneck.

v1.5.6 — 2026-04-24

Simple-mode table polish — the description column now gets the
breathing room it needs.

Highlights

Redundant in-cell heading removed. The "Caching Level"
mini-title (opt_title) that sat above the SpeedDisplay
gradient duplicated the new <th> column heading from 1.5.4.
Dropped — one heading per column is enough.
Column widths rebalanced. The title column's min-width: 425px was capping roughly 78 % of the table, leaving the
description a narrow strip. Dropped to a fixed width: 320px
that just fits the arrow + radio labels, so the description
column gets the rest. Makes the at-a-glance summary of each
cache preset actually readable without horizontal squeezing.
Radio list gets its correct width. The .simple_table_option
rule (350 px, text-align center) was a misnamed target — the
actual class in the markup is .simple_caching_options. The
width moved onto the right class so the six radio labels line
up properly and the block doesn't collapse on narrow viewports.
Dead CSS retired. .opt_title removed now that its heading
is gone from the template.

v1.5.4 — 2026-04-24

Small cPanel UI polish — clearer labels in the Bot Protection tab,
and a tighter Simple-mode header.

Highlights

Bot Protection toggles now say Blocked / Allowed. The
per-domain overrides in the Advance popup's Bot Protection tab
used the generic On / Off labels, which were ambiguous — is
"On" the blocklist being active, or the bot being allowed
through? Now each tri-state radio reads Server default /
Blocked / Allowed and the "Default:" indicator uses the same
vocabulary, so the outcome is stated explicitly. New dedicated
lang keys (bot_protection.block, bot_protection.allow) so
other tabs keep their own On / Off labels untouched.
Simple-mode header merged into the table. The standalone
"Caching Selection" heading that used to sit in its own
.simple_titles block above the table is gone. The heading is
now the first <th> of the table itself, so the page carries
one header instead of two. The .simple_titles /
.simple_title CSS rules were retired along with it.
Simple-mode card sits flush against the tab bar. The
.innerblock.simpleseection card no longer rounds its top
corners or draws a top border, so it visually continues the
options_list tab bar directly above instead of looking like a
detached block with a seam between them.

v1.5.3 — 2026-04-24

Compression status moved from an inline table row to a traffic-light
dot in the cPanel top status bar.

Highlights

Compression row removed from Simple and Advance tables. The
read-only GZIP / Brotli badges introduced in 1.4.4 duplicated
information that already belonged in the page-level status card.
The row is gone from both simple.tpl and
advance_cache_basic.tpl.
Traffic-light indicator in the status bar. Directly below
"Cache is enabled" the card now shows a small green dot
followed by the codec(s) actively being served:
- both on → ● Brotli/Gzip
- Brotli only → ● Brotli
- Gzip only → ● Gzip
- neither → the line is hidden entirely (no dead "off" label).
Same data source. Driven by $compressionStatus assigned in
cpanel_area/index.live.php, which already combines the WHM
toggles with module_builder::isInstalled('brotli'). No
client-side caching change.
Legacy CSS + lang keys retired — the old
.compression_status / .cstat_item pill rules and the
simple.table.compression / adv.pu.com_tab.basic.compression_status
lang keys were removed; nothing else in the plugin referenced
them.

v1.5.2 — 2026-04-24

Small UI polish on the Bot Protection stats panel introduced in
1.5.1.

Highlights

Top offenders is now collapsed by default. The top-10
User-Agent breakdown on the WHM home page lives inside a native
<details>/<summary> element. The three headline stat cards
(Total / Unique IPs / Top UA) stay in view; the long UA list is
one click away via a caret that rotates on expand. Keeps the
home page compact for admins who just want the at-a-glance
numbers.
The summary shows the UA count in parentheses so it's clear how
much is hidden before clicking.

v1.5.1 — 2026-04-24

Adds a Bot Protection stats panel to the WHM home page. Gives
admins an at-a-glance view of how much traffic the new bot
blocklists are actually dropping, without having to SSH into the
server and pipe awk through the nginx logs.

Highlights

Bot Protection stats on the WHM home page

A new overview card sits directly below Clear Cache on the main
WHM menu, summarising the last 24 h of HTTP 444 responses
(the code Bot Protection and Rate Limiting emit when rejecting a
request at the edge):

Total requests blocked — all 444s in the window.
Unique source IPs — distinct offending clients.
Top User-Agent — the single noisiest UA, with its hit count.
Top-10 User-Agents table — ranked, truncated to 80 chars per
UA to keep the layout predictable.

How it works

Parses /var/log/nginx/access.log via a tail -n 2M | awk '$9 == 444' shell pipeline — orders of magnitude faster than a pure-PHP
walk, with a hard line cap so a runaway unrotated log can never
wedge the WHM page.
Results are cached to /etc/wsa/conf/bot_stats.json with a 5
min TTL, so refreshing the home page is cheap.
The panel is hidden entirely when the log is unreadable rather
than showing a confusing empty card. Shows a friendly "No bots
blocked in the last 24 hours" message when the window is empty.
UA strings are HTML-escaped on render — hostile User-Agent
content can't break out of the cell.

v1.5.0 — 2026-04-24

Consolidated minor release. Rolls up every 1.4.1 → 1.4.4 increment
into a single user-facing version. Three big themes: Bot
Protection (a new edge-level filter for unwanted crawlers),
compression moved entirely under admin control, and a
modernization of the Simple-mode caching presets to match
2026 Lighthouse / web.dev recommendations. Full commit-level
history remains available in git.

Highlights

Bot Protection (new)

A new opt-in layer that drops unwanted bots at the Nginx edge
before they reach the backend. Matched requests are closed with
HTTP 444 (no response) — cheaper than a 403 and harder for
abusive clients to distinguish from a dead server.

Four curated, independently-toggleable blocklists:
- AI crawlers (default ON) — GPTBot, ClaudeBot, CCBot,
  Google-Extended, PerplexityBot, Bytespider and ~35 more AI
  training / RAG fetchers, curated April 2026.
- Vulnerability scanners (default ON) — sqlmap, nikto,
  masscan, nuclei, WPScan and other offensive-security tooling.
- SEO crawlers (default OFF) — AhrefsBot, SemrushBot,
  MJ12bot, DotBot, etc. Off because some sites actively want
  these.
- Empty User-Agent (default OFF) — drops UA-less requests.
  Off to avoid surprising health-check scripts.
Two-level configuration — WHM admins set server-wide
defaults and own the raw blocklists (editable as plain-text
TEXTAREA fields under Bot Protection in the Nginx config
page). cPanel users see a tri-state Server default / On / Off
control per category on their own domain, inside a dedicated
Bot Protection tab in the Advance popup (sitting between
Basic and Dynamic).
Shared whitelist — Bot Protection honours the same IP
whitelist already used by Rate Limiting, so monitoring IPs
exempted from rate limits are automatically exempted from UA
blocking too. No separate list to maintain.

Compression is now fully admin-controlled

Gzip joins Brotli as a server-wide switch in WHM Nginx
Configuration > Compression. Site owners no longer make
compression decisions from cPanel — the old per-vhost toggle
(Simple mode + Advance > Basic) is gone.

New Enable Gzip compression switch in WHM — default ON.
Flipping it off suppresses the entire gzip block (gzip
directives and gzip_static) for every vhost on the server.
Read-only compression status badge in cPanel — a
"Compression — GZIP: ✓ · Brotli: ✓" indicator replaces the
old checkbox. Brotli shows green only when the module is
installed AND the admin has enabled it.
Silent migration — any site that had gzip explicitly
disabled in its stored config is transparently re-enabled on
upgrade. The legacy field is still written for schema
compatibility but no longer consulted by the config generator.

Why not leave the client toggle in place? Compression is a
delivery-layer concern, not a content-policy one. Gzip and
Brotli complement each other (nginx negotiates one codec per
response via Accept-Encoding); disabling gzip would punish
HTTP traffic, older browsers, corporate SSL-inspection proxies
and programmatic clients. Keeping both active alongside each
other is essentially free — gzip_static and brotli_static
serve pre-compressed files with zero CPU.

Simple mode presets — modernized

The Simple-mode cache values dated back to when a "1 week"
browser cache was considered aggressive. Lighthouse and
web.dev now expect 1 year for fingerprinted static assets,
and stale-while-revalidate (exposed here as
cachebackgroundupdate) removes the freshness-vs-latency
trade-off that used to force conservative dynamic TTLs.

1-year browser cache for images and fonts on all four
active presets (month, week, day, store). Matches the
Lighthouse "Serve static assets with an efficient cache
policy" audit.
cachebackgroundupdate=1 enabled on month / week /
day — nginx serves the stale cached copy immediately
while refreshing in the background, so dynamic pages return
in the low-millisecond range even on a cache miss.
Deliberately not enabled on store — e-commerce
inventory/price pages can't tolerate a stale response.
store dynamic TTL raised 5 s → 10 s — modern carts
tolerate it comfortably and the throughput win is substantial
on traffic spikes.
CSS/JS and static server TTLs rebalanced and normalized
across presets (previously the week value for CSS/JS was
longer than the month preset — backwards).
SIMPLE_MODE_1 ("none") intentionally untouched — still
disables caching end-to-end.
User-facing descriptions synced in EN + FR so the preset
selector text matches what actually gets applied.

Smaller polish shipped along the way

WHM Nginx Configuration page — language keys realigned.
Option labels for the new Bot Protection and Brotli
sub-sections now follow the same nested nomenclature as the
legacy Dynamic files / CSS & JS / Images & Fonts
sections, and section headers pull from a consistent
$LANG['config'][<section>] path. One shape across the
whole plugin instead of two.
Cache Configuration page no longer double-surfaces Bot
Protection controls (it was rendering them both in the Bot
Protection page and inside the generic walker, with the
walker version showing raw __comment text).
Advance popup scroll-jump fixed — clicking a tri-state
radio no longer pushes the form out of the popup. The hidden
radio now sits in a proper containing block and uses the
standard clip/1px visually-hidden accessibility pattern.

v1.4.0 — 2026-04-24

Consolidated minor release. Rolls up every 1.3.25 → 1.3.40
increment into a single user-facing version. Highlights below;
full commit-level history remains available in git.

Highlights

Brotli compression (new) — optional on-demand install of the
ngx_brotli dynamic modules, with a dedicated UI row (status
indicator + Install / Uninstall / Rebuild) and a matching CLI
(wsa --nginx-install=brotli, --nginx-uninstall=brotli,
--nginx-enable=brotli, --nginx-disable=brotli). Build output
is streamed live and colour-coded so operators can tell a failed
step from a successful one at a glance. Supported on
AlmaLinux / RHEL / Rocky / Oracle / CloudLinux 8, 9 and 10.
Rate limiting & anti-DoS layer (new) — per-server
limit_req and limit_conn with a whitelist, exposed as first-
class options in the WHM configuration page.
Nginx configuration page — redesign — options are now split
into clearly-labelled sub-sections (General / Rate limiting &
connection caps / Compression / Brotli) instead of one long
flat list. A consistent page header + bottom action bar
(Back / Save) is applied to every configuration screen, with
colour-coded primary/secondary buttons.
WHM main menu — redesign — reorganised tiles, lighter
typography, clearer grouping between service status, cache
management and module configuration. The Disabled WSA Module
danger frame was cleaned up (the red frame alone is enough
warning — no more stacked pills).
Additional-module builder (new) — all compile-on-demand
Nginx modules (Brotli today, HTTP/3 and others planned) are
driven by a single module_builder class. The CLI and the WHM
UI now share the same detection, build and state-tracking code
instead of duplicating it.
Cache key — $MOBILE prefix removed by default — desktop
and mobile visitors now share a single cache slot out of the
box. Operators who still want the historic split-by-User-Agent
behaviour can opt back in with the new mobile_cache_split
flag.
Nginx tuning defaults refreshed — default worker_*,
keepalive_* and cache-size values reviewed and corrected
against real-world cPanel deployments.
Installer — Brotli as an optional step — install.sh now
offers Brotli as a clearly-optional extra, with the default
answer pre-selected so existing one-liner deployments keep
behaving.
Distro support — CentOS 7 dropped for Brotli — CentOS 7
reached EOL in June 2024 and needed a separate build path
(EPEL + cmake3). That branch has been removed in 1.4.0 to
reduce the maintenance surface. The plugin itself still runs
on CentOS 7; only the Brotli build is no longer offered there.

Hotfixes rolled into 1.4.0

Fixed the Rebuild Brotli module button silently doing nothing
(nested <form> elements were flattened by the browser).
Fixed the danger-zone button contrast on the home screen.
Fixed --nginx-install=brotli failing on some AlmaLinux / RHEL
rebuilds because eval was re-parsing an already-tokenised
./configure argument list.
Fixed a silent bug where the three cache-max-size options
(dyn_*, cssjs_*, static_*) were being dropped on save
because the stored keys didn't match the template defaults —
saved values never reached Nginx and the defaults were used
regardless.
Log hygiene: fewer spurious WARNING entries on clean runs;
module status changes are now a single summary line instead of
a wall of per-step INFO lines.

Under the hood

Consolidated the legacy Brotli plumbing (several globals in
bootstrap.php + scattered install / detect helpers) into the
new module_builder class.
Module manager now distinguishes installed from active so
operators can temporarily disable a compiled-in module without
uninstalling it.
Rebuild of Nginx is triggered automatically after any module
write op — no more "install succeeded but the site still
doesn't serve Brotli" surprises.
Shared design tokens (CSS custom properties) across all
configuration pages so future redesigns are one file deep.

Removed

CentOS 7 Brotli build path (yum + cmake3 via EPEL).
Legacy Brotli-specific globals and scattered install helpers,
replaced by module_builder.
Stacked "⚠ Danger zone" badge on the home screen.

v1.3.24 — 2026-04-18

Bug Fixes and Other Changes

PHP warning fixes in template compilation path.
Additional Smarty 5 deprecation fixes.

v1.3.22 — 2026-04-16

Minor Features and Improvements

Added single-page cache purge action (per-URL purge instead of forcing a full site purge).
Fixed deprecated Smarty 5 usages surfaced after the 1.3.14 migration.

Bug Fixes and Other Changes

PHP warning fixes in template rendering.

v1.3.21 — 2026-04-15

Bug Fixes and Other Changes

PHP warning / notice cleanup across the plugin.

v1.3.14 — 2026-04-14

Major Features and Improvements

Migrated the Smarty template engine to Smarty 5.x (namespaced \Smarty\Smarty). Plugins registered via registerPlugin (is_int, is_string, …) for continued use as template modifiers.

Housekeeping

Removed the unused PhpUnit tooling and associated scaffolding from the repository.
Removed the legacy "pixies" dependency from both the plugin and the WHMCS companion module.

v1.3.12 — 2026-04-14

Per-User Cache Purge Fix (Critical)

Fixed grep missing -E flag in per-user cache purge command. The domain pattern uses | as OR separator between multiple domains (e.g. domain.com|www.domain.com|mail.domain.com), but basic grep treats | as a literal character. The purge searched for the entire string including the pipe characters instead of matching any of the individual domains. Changed grep -qa to grep -qaE to enable extended regex.
Added grep -a flag for binary-safe matching. Nginx cache files contain a binary header (~336 bytes of null bytes) before the cache key. Without -a, grep may stop reading at null bytes and never reach the domain name stored in the cache key.
Increased cache file header read from head -c 512 to head -c 768 to accommodate the binary header plus longer URL cache keys.

wsad Service — PID File Path

Updated PID file path from /var/run/wsad.pid to /run/wsad.pid across all files to resolve the systemd warning: "PIDFile= references a path below legacy directory /var/run/". Affected files: wsad.service, wsad.pl, wsa.php, module_handling.php, post_update.php, update.sh, uninstall.sh, install/services/wsad.

v1.3.6 — 2026-04-10

Cache Categories Consolidation

Reduced Nginx cache categories from 6 to 3 for simpler configuration and smaller vhost files:
- Dynamic — Unchanged
- JS/CSS — Unchanged
- Images/Fonts — Merged from the former Images, Fonts, Static files and Archives/Media/Documents categories
Files previously cached under Static files (json, xml, rss, atom) and Archives/Media/Documents (zip, mp4, pdf, etc.) are no longer cached.
Automatic migration of all existing user and global configuration files via post_update.php (v1.3.0 block).

Cache Purge Performance

Full cache purge (Purge_All_Cache / Clear_Cache(null)): Replaced find | xargs rm with atomic directory rename + recreate. Purge is now near-instant regardless of file count.
Per-user cache purge (Clear_Cache($users)): Replaced grep -r (full file read) with head -c 512 (header-only read) using parallel workers (xargs -P). Added domain name sanitization to prevent shell injection.

Auto-Update Reliability

Fixed Send_Curl_Request in activation.php: removed stray echo 'error!!!', added CURLOPT_CONNECTTIMEOUT (10s), increased CURLOPT_TIMEOUT to 15s for heartbeats and 120s for update downloads, added CA bundle path fallback for older AlmaLinux/CentOS systems.
Fixed Send_Curl_Version in auto_update.php with same timeout and CA bundle improvements.
Fixed enable_auto_update check defaulting to disabled when the SQLite option was never initialized.
Added checkModule case to cron Run_Job() switch statement (was defined but never executed).
Added archive integrity validation before extraction: file size check, tar tzf test, and post-extraction verification of update.sh.
Fixed start_action_info function missing from update.sh (was defined only in install.sh).
Added update logging to /var/log/wsa/update.log and archive validation in update.sh.

wsad Service — Migration to systemd

New wsad.service systemd unit file with Type=forking, Restart=on-failure, and KillMode=process.
PID file path updated from /var/run/wsad.pid to /run/wsad.pid across all files (wsad.pl, wsad.service, PHP and shell scripts).
Automatic migration from SysV init script to systemd via post_update.php (v1.3.5 block): stops old service, removes init script, installs unit file, enables and starts via systemctl.
Updated install.sh and uninstall.sh to use systemd for fresh installs and clean uninstalls.
Fixed create_command() in services.php: replaced broken comparison ($environement == '7') with file_exists('/bin/systemctl') detection. All services (nginx, httpd, wsad) now correctly use systemctl on AlmaLinux 7/8/9/10.
Fixed start_on_boot() in services.php with same systemd detection logic.
Updated Check_Wsad_Service() in wsa.php to use systemctl is-active and systemctl restart instead of legacy service commands.
Added ghost process cleanup (kill stale wsad.pl + PID file removal) in module Enable and Disable methods.

UI Modernization

cPanel interface: Complete CSS rewrite with design tokens (CSS variables), card-based layout, rounded corners, soft shadows, modern toggle switches, pill-shaped status badges, smooth micro-transitions, refined color palette, custom scrollbar styling, and backdrop blur on popup overlay.
WHM interface: Matching CSS rewrite with same design token system, modernized menu items with hover animations, refined tables with rounded corners, dark-themed console output, gradient resource usage bars, and improved tab navigation.
No HTML template changes required — all styling is CSS-only for zero regression risk.

Housekeeping

Removed unused template advance_cache_static.tpl.
Added advance_cache_imagesfonts.tpl template for the new Images/Fonts cache tab.
Updated English (en.php, whm-en.php) and French (fr.php) language files with new category labels.

Release 1.2.21

Updated ioncube encoding with v15 version.

Release 1.2.19

Bug Fixes and Other Changes

Added the follogin cookie in the default exception list "wssplashchk" which is used by CloudFlare splash screen

Release 1.2.18

Bug Fixes and Other Changes

Fixed overinding of Apache content type header.

Release 1.2.17

Minor Features and Improvements

Added Avif File type in MIME

Release 1.2.16

Bug Fixes and Other Changes

Added priority to the local Nginx repo files instead of the CloudLinux repo (Not retroactive).

Release 1.2.15

Bug Fixes and Other Changes

Fixed deprecated issues where the "listen ... http2" directive is deprecated.

Release 1.2.12

Bug Fixes and Other Changes

Disabled the AlmaLinux Nginx repo and used the official repo provided by Nginx directly.

Release 1.2.11

Minor Features and Improvements

Added WEBP support in gzip compression file types.
Updated proxy cache key to account for the "$http_accept" value sent from the browser.
Added explicit header add_header Cache-Control "private, no-store, max-age=0" always; when cache control is private.

Bug Fixes and Other Changes

Fixed missing variable declarations.

Release 1.2.10

Minor Features and Improvements

IonCube support added for PHP 8.2.

Release 1.2.8

Minor Features and Improvements

Updated the Perl WHM hook to reload Nginx instead of restarting it.
Added more debug comments in the code.
Fixed logging to handle arrays.

Release 1.2.7

Minor Features and Improvements

Added verification to check if a file exists before deleting it.
Added verification to check if an array key exists to prevent errors.
Added a file marker to prevent simultaneous cron jobs from running.
Added a marker to prevent cron jobs from running more than X times.
Added checks for empty arrays during HTTPD parsing.
Changed debug log format from 12-hour (AM/PM) to 24-hour format.

Release 1.2.5

Minor Features and Improvements

Added a trigger to prevent endless recursive loops in the main WSA command handler.

Release 1.2.4

Minor Features and Improvements

Added verification for 1:1 NAT IPs in the initial installation file (wsa-install).
Updated activation, auto-update, module handling, and post-update modules to consider a 1:1 NAT setup.

Release 1.2.3

Minor Features and Improvements

Fixed error in the cPanel GUI with undefined variables.

Release 1.2.2

Major Features and Improvements

Fixed fatal error when clearing the cache from cPanel.

Minor Features and Improvements

Fixed numerous PHP 8.1 variable declaration errors.

Release 1.2.1

Major Features and Improvements

Updated Smarty template engine from 3.1.33 to 4.3.1.

Minor Features and Improvements

Fixed error when assigning undeclared variables during HTTPD parsing.
Fixed undeclared Smarty template array values.

Release 1.1.9

Major Features and Improvements

Changed IonCube encoding to support PHP 7.4 and 8.1.

Minor Features and Improvements

Fixed variable declaration order in function calls.

Release 1.1.7

Behavioral Changes

Added the "x-cache-enabled" header to remove WordPress server cache checks.

Release 1.1.6

Minor Features and Improvements

Fixed variable declaration errors in the license validation server.

Release 1.1.5

Bug Fixes and Other Changes

Reverted limits introduced in 1.1.3 for worker_connections and worker_rlimit_nofile to 65535.

Release 1.1.4

Bug Fixes and Other Changes

Fixed an error where the module couldn’t find the proper home folder.

Release 1.1.3

Behavioral Changes

Reduced default worker_connections from 65535 to 256 to avoid overwhelming Apache with I/O.
Reduced default worker_rlimit_nofile from 65535 to 256 for similar reasons.
Reintroduced the cache status header in the default configuration.
Changed default browser cache duration for static elements to 8 weeks.

Release 1.1.2

Major Features and Improvements

Added the ability to specify a different home folder.

Release 1.1.1

Bug Fixes and Other Changes

Fixed duplicate ExecStart in the Nginx service.

Release 1.1.0

Major Features and Improvements

Four new options added to the Nginx configuration page: XSS protection, disable X-Powered-By header, hide cache status, and content type protection.
Introduced a new tab in the advanced Nginx settings.
Added plugin support for the cPanel Jupiter theme.

Bug Fixes and Other Changes

Added Apache status to the WHM interface.
Removed custom Apache monitoring from the cPanel check service.
Added Apache monitoring to the WSA module.
Temporarily removed cache status and X-Powered-By headers until options are configurable.

Release 1.0.20

Bug Fixes and Other Changes

Fixed how to retrieve the server IP when enabling the module and added support for IPs from the cPanel IP Aliases module.

Release 1.0.19

Bug Fixes and Other Changes

Added Apache RemoteProxyIP to prevent false detections from Imunify360.

Release 1.0.18

Behavioral Changes

Removed the default Nginx path build after some cPanel upgrades.
Added a check in the WSA enable function to ensure Nginx has the proper prefix and configuration path.
Fixed the Nginx service prefix in the post-update function.

Release 1.0.17

Major Features and Improvements

The module is now compatible with AlmaLinux.

Release 1.0.16

Bug Fixes and Other Changes

Fixed SSL certificate hooks.

Release 1.0.15

Bug Fixes and Other Changes

Added CentOS 8 compatibility.

Behavioral Changes

Changed rate-limiting error code from 503 to 429 (Too Many Requests).

Release 1.0.14

Major Features and Improvements

Added a dry-run mode for the rate-limiting function.
Added error logging levels to rate-limiting.
Added the ability to count all requests or only dynamic page requests.

Behavioral Changes

Adjusted default values for some rate-limiting features.

Release 1.0.12

Bug Fixes and Other Changes

Updated the Nginx configuration during rebuilds.

Release 1.0.11

Major Features and Improvements

Added the ability to change certain Nginx custom parameters.
Introduced rate-limiting for the global Nginx configuration.

Bug Fixes and Other Changes

Removed settings for individual cache folders from the WHM GUI.

Release 1.0.10

Major Features and Improvements

Added pre- and post-virtual include files for the Nginx configuration.
Fixed an issue where the hostname was not always passed to the backend proxy.

Bug Fixes and Other Changes

Corrected display issues in the Feature Manager.

Behavioral Changes

The module now checks for invalid cipher suites before enabling itself.

Release 1.0.9

Major Features and Improvements

Introduced the ability to have one cache folder per cPanel user.

Bug Fixes and Other Changes

Corrected function declarations and debug variable names.
Fixed installation on servers with multiple IPs.

Behavioral Changes

Removed extra find commands when purging cache.
Added a check to ensure IonCube is activated before installing the WSA module.

Release 1.0.7

Bug Fixes and Other Changes

Fixed duplicate preferred cipher order.

Release 1.0.6

Bug Fixes and Other Changes

Fixed activation issues on servers with multiple MAC addresses.

Release 1.0.5

Behavioral Changes

Changed proxy timeout to 1800 seconds to prevent 504 responses on sites with longer Apache and PHP timeout values.

Release 1.0.4

Bug Fixes and Other Changes

Cleared Nginx cache without removing the directory.

Release 1.0.3

Bug Fixes and Other Changes

Fixed a display issue in iOS Safari where pages would not load due to an upgrade header issue between the Nginx proxy and Apache server.
Improved the efficiency of the "purge all cache" function, reducing resource usage.

Behavioral Changes

Added controller logic to prevent simultaneous rebuilds or purges.

Release 1.0.0

Initial release - February 20, 2020.

Release 0.8.8

Major Features and Improvements

Enhanced module activation and deactivation processes.
Changed the module license check protocol.

Release 0.6.51

Bug Fixes and Other Changes

Added title translations for Website Accelerator in cPanel.

Release 0.6.43

Bug Fixes and Other Changes

Fixed service cleanup issues where processes were being multiplied.

Release 0.6.35

Major Features and Improvements

Added options to switch module branches (dev, stable, current, and edge).

Bug Fixes and Other Changes

Fixed problems with empty URIs and empty cookies in the advanced settings section.

Release 0.6.34

Major Features and Improvements

Cache size can now be modified in the module configuration.

Release 0.6.33

Major Features and Improvements

The WHM module statistics are now loaded asynchronously.

Release 0.6.32

Major Features and Improvements

The WHM module main page now displays current cache usage across all categories.

Release 0.6.31

Bug Fixes and Other Changes

Fixed the module logo display in WHM.

Release 0.6.29

Major Features and Improvements

Added the ability for scripts to activate cache purges.

Bug Fixes and Other Changes

Updated the cPanel module name.

Release 0.6.28

Bug Fixes and Other Changes

Optimized the clear cache process to run in the background.

Release 0.6.27

Bug Fixes and Other Changes

Added documentation links.
Fixed cookie URL encoding issues.
Updated the module logo in the WHM module header.

Release 0.6.25

Bug Fixes and Other Changes

Reloaded version information after module updates.
Fixed errors in the cPanel advanced template.

Release 0.6.24

Bug Fixes and Other Changes

Removed alias from the advanced menu.
Changed default settings for easy caching options.

Release 0.6.23

Behavioral Changes

Cache purges for groups and individual users are now executed in the background with a "nice" rating of 14.

Release 0.6.22

Bug Fixes and Other Changes

Fixed missing vHost aliases for domains with SSL.

Release 0.6.20

Behavioral Changes

Added a cron job to check for changes to Apache configuration every 10 minutes.
Nginx vHosts are now built separately for domains and subdomains.

Bug Fixes and Other Changes

Fixed advanced cache display issues to show correct time selection settings.
Allowed browser cache time modification even when caching is disabled.

Release 0.6.13

Bug Fixes and Other Changes

Added a language tab to the cPanel advanced display for hosting types.
Fixed scenarios involving multiple aliases and subdomains.

Release 0.6.12

Behavioral Changes

Removed old username/password authentication.

Bug Fixes and Other Changes

Fixed installation script to include WHM images during installation.
Corrected display of French descriptions in "More Info" settings.

Release 0.6.0

Major Features and Improvements

Cache purges now execute asynchronously.
Redesigned the cPanel GUI for a cleaner look.

Behavioral Changes

Added license management to the module GUI.
Updated authentication to be IP-based rather than using user credentials.
Enhanced detection of the operating system environment.

Bug Fixes and Other Changes

Fixed license error messages in the WHM GUI update section.
Resolved issues with .htaccess blocking in WordPress multisite setups.
Added tracking for account and MAC addresses.
Enhanced WHM module header information for trial, developer, and expired licenses.

Release 0.5.5

Behavioral Changes

Advanced settings in the cPanel GUI now support breakdown by subdomains and addon domains.

Bug Fixes and Other Changes

Fixed issues with empty cookies and URIs causing cache bypass.

Release 0.5.3

Major Features and Improvements

Unified development branches.
Removed duplicate functions and streamlined module handling.
Migrated credentials to a license file.

Bug Fixes and Other Changes

Updated tests and fixed unrecognized fields in advanced settings.
Enhanced the cPanel chkServd hooking script.

Release 0.4.3

Major Features and Improvements

Integrated Smarty templates into the cPanel area.

Bug Fixes and Other Changes

Corrected variable names in Nginx restart configurations.

Release 0.4.1

Bug Fixes and Other Changes

Ensured proper disablement of the cPanel chkServd service when the module is disabled.
Fixed Nginx and Apache restart issues in the enable module function.