Documentation

Base Software Versions

PHP

PHP R10.2 (2021-04-25)

  • Updated Composer 2 to version 2.0.12 to support new GitHub access token formats

PHP R10.1 (2021-03-09)

  • Bug fix for Shell sessions

PHP R10 (2021-03-07)

  • Updated PHP to 7.3.27 / 7.4.16 / 8.0.3
  • Support for upcoming SSH access functionality

PHP R9.2 (2021-01-07)

  • Removed default no cache headers which could interfere with static caching when also using origin cache control headers
  • Initial beta release of PHP 8 base images

PHP 7.x R9.1 (2021-01-31)

  • Rolled back the iconv library to an earlier version as the latest was causing issues in some circumstances

PHP 7.x R9 (2021-01-28)

  • Allowed switching between Composer 1 and 2 during the bundling process

PHP 7.x R8 (2020-11-25)

  • Updated to PHP 7.3.24 and 7.4.12
  • Added binaries for webp image conversions
  • Added various image optimisation binaries
  • Removed disabled function set_time_limit - the platform will kill anything that locks up completely for 2 mins so it shouldn't be needed

PHP 7.x R7 (2020-08-02)

Updated imagemagick binaries and tweaked resource limits to prevent image conversions being killed due to over-allocating

PHP 7.x R6

Increase number of requests served by each PHP worker before recycling

Bump PHP versions to 7.4.8 / 7.3.20

PHP 7.x R5

Increased default max_input_vars to 10000

PHP 7.x R4

Increased default max upload size to 128MB

PHP 7.x R3

Added postgres support and bumped PHP to version 7.4.1 / 7.3.13.

PHP 7.x R2

Added additional dependencies required for Composer to install external packages using Git.

PHP 7.4 R1

Initial PHP 7.4 release. Contains PHP 7.4.0 along with other updated dependencies.

PHP 7.3 R1

Updated PHP to 7.3.11 which addresses CVE-2019-11043.

We advise that you update all of your projects to this base version immediately.

Nginx

R13.11 (2021-06-22)

Allows the behaviour of trailing slashes to be configured from the Servd dashboard

R13.10 (2021-06-08)

Removed some malware prevention rules which were getting in the way of real traffic.

R13.9 (2021-04-27)

Updated Cloudflare IP ranges for the proxy whitelist and real-end-user IP detection functionality.

R13.8 (2021-03-24)

Added additional rules for handling standalone php files and subfolder index.php files.

R13.7 (2021-03-02)

Increases the nginx max body size to 512MB, allowing PHP to make the call on how large the max body should be up to this limit.

R13.6 (2021-02-23)

Changed a redirect which applied to common Wordpress attack paths from a 301 to a 404.

R13.5 (2021-01-30)

Improved memory usage of nginx when static caching is enabled

R13.4 (2021-01-21)

Fixed a bug which would break URLs which had the word 'php' in the path, as long as it was in the first segment of the path and wasn't at the very start or very end. I kid you not...

R13.3 (2021-01-12)

Tweaks to response header configuration to default the following:

X-Content-Type-Options nosniff

X-XSS-Protection "1; mode=block"

Also prelim work to allow customisation of X-Frame-Options

R13.1 (2021-01-07)

Bugfix to prevent users who are logged into the Craft control panel receiving HTML cached by non-admin users.

R13 (2021-01-06)

Complete rewrite of the nginx configuration to support:

  • Complex static cache invalidation strategies, including wildcard patterns
  • Thundering herd protection during cache expiry
  • Configurable CORS headers
  • Arbitrary path level redirects
  • Ability to use server-side cache control headers to determine static cache validity
  • Functionality to maintain a full static copy of a website, stored in S3 which can act as a failover if the Servd platform encounters any issues

Plugin and dashboard updates will be arriving soon to allow you to configure all of this great new stuff.

R12 (2020-10-15)

Improved nginx configuration for high traffic sites

R11

Added 30d cache headers to web font file types

R10

Updated to Nginx 1.17.8

Switched rate limited HTTP response code from 503 to 429 to make it more obvious what's happening in this circumstance

Disable server token output

R9

Fixed a couple of redirects which remove trailing or duplicate slashes in the URL. They previously always redirected to http:// now they redirect to whatever protocol was used in the original request.

R8

Updated the default log format to something more akin to Nginx's standard output

Prevented requests for favicon.ico being forwarded to Craft. Browsers love them, nobody uses them, resulting in lots of 404s and wasted CPU

R7

Added support for IP blacklist and whitelist, and rate limiting

R6

A few bug fixes related to the new caching mechanism

R5

Updated static caching to use a global cache pool rather than having individual caches per app instance.

R4

Increased default max upload size to 128MB

R3

Added support for domain level redirects

R2

Improved reliability and performance of assets served from Craft's cpresources directory

R1

Released!