Yousa
0ff2ab8242
fix: disable ssl_session_tickets by default ( #2641 )
...
fix #2638
In a word, 'ssl_session_tickets' would make Perfect Forward Secrecy useless.
reference:
ingress-nginx:kubernetes/ingress-nginx#6196
mozilla:mozilla/server-side-tls#135
2020-11-09 22:44:26 +08:00
罗泽轩
ebf0563a40
change: disable skywalking by default. ( #2632 )
...
* fix: disable skywalking by default.
Close #2623 .
* trailing sw
* clean test
2020-11-09 08:12:52 +08:00
Alex Zhang
188355494d
feat: hide APISIX version from Server header. ( #2639 )
...
Sometimes expose version is dangerous, which can be utilized by
malicious crackers when there are some security bugs in that version.
2020-11-07 00:04:28 +08:00
Alex Zhang
5191374545
feat: support TLS connection with etcd. ( #2548 )
...
Support the TLS connection when communicating with etcd cluster. We added a configuration item to custom the certificate verification. Whether to setup TLS connection or not depends on the endpoints' scheme, for instance, when endpoints are:
```
etcd:
host:
- "https://127.0.0.1:2379 "
- "https://127.0.0.1:3379 "
```
APISIX will originate TLS connection automatically, and the Server Name Indication extention will be set by the endpoint host (`127.0.0.1` in above case). Note by default APISIX will verify the certificate, close the verification in configuration explicitly if you want to bypass it.
```
etcd:
tls:
verfiy: false
```
2020-11-03 13:53:39 +08:00
shoogoome
fff4d14a0d
feature: support multiple service discovery ( #2556 )
...
support multiple service discovery,then we can switch it in upstream
2020-10-30 20:34:10 +08:00
YuanSheng Wang
f2f5ab9766
feat: support json
encoding escape for access logs ( #2269 )
...
fix #2266 .
2020-10-30 16:07:24 +08:00
罗泽轩
b6eb6f4842
change: rename APIX_WORKER_PROCESSES to APISIX_WORKER_PROCESSES ( #2552 )
...
Close #2517 .
2020-10-30 08:14:04 +08:00
YuanSheng Wang
b23475fcba
feat: upgrade skywalking plugin to support skywalking 8.0 . ( #2389 )
2020-10-29 15:29:52 +08:00
Alex Zhang
d87ce33485
feature: support injecting lua_ssl_trusted_certificate. ( #2519 )
2020-10-28 06:49:20 +08:00
YuanSheng Wang
6a7dfa6775
feat: implement api breaker plugin. ( #2455 )
...
Co-authored-by: liuheng <liuhengloveyou@gmail.com>
2020-10-27 13:40:23 +08:00
Vinci Xu
1a6fb8ec2c
feat(CLI): worker and cpu optimization ( #2153 )
2020-10-22 16:28:26 +08:00
罗泽轩
5b97223592
feat: implemented referer-restriction
plugin ( #2352 )
2020-10-06 18:20:17 +08:00
nic-chen
84ce7ba781
feat: add AK/SK(HMAC) auth plugin. ( #2192 )
2020-09-16 14:27:56 +08:00
罗泽轩
b6354ec33e
feat: allow to limit client body size to protect the service ( #2214 )
2020-09-15 21:58:30 +08:00
seven dickens
312a97c96f
feat: define env in nginx.conf template ( #2174 )
...
Co-authored-by: lixiangyang <lixiangyang@dragonest.com>
2020-09-14 18:12:29 +08:00
nic-chen
c54aec8f6c
feat: support custom access log format ( #2122 )
...
fix #2009
2020-08-26 16:51:44 +08:00
YuanSheng Wang
9070a4fa95
feature: implemented plugin log-rotate
, rotate log by interval time. ( #2097 )
2020-08-26 16:40:36 +08:00
YuanSheng Wang
cf882bda1e
feature: divide config.yaml into two files config-custom.yaml & confi… ( #2023 )
...
* feature: divide config.yaml into two files config-custom.yaml & config-default.yaml .
fix #1923
2020-08-18 20:18:55 +08:00