
Caddy Web Server Releases Version 2.10.0 with Enhanced Security and User Privacy Features

The Caddy web server has announced the release of version 2.10.0, introducing several important updates focused on security and flexibility. This release enhances existing features and introduces new ones aimed at improving user experience and privacy.

Key Features

Encrypted ClientHello (ECH)

One of the standout features in this release is support for Encrypted ClientHello (ECH). ECH encrypts the ClientHello message of a TLS connection, the message that includes the domain name being requested. This significantly improves user privacy during web interactions. For detailed information, refer to the ECH documentation.

Post-Quantum Key Exchange

Caddy now supports the x25519mlkem768 cryptographic group by default, providing enhanced security against potential future threats from quantum computing.

ACME Profiles

An experimental feature, ACME profiles, allows more flexible certificate properties compared to traditional CSR methods. Notably, Let’s Encrypt is set to issue 6-day certificates under specific profiles, which Caddy may adopt in the future.

Global DNS Provider

The new global DNS provider option simplifies configuration by allowing users to specify a default DNS module. This is particularly useful for applications such as ACME DNS challenges and ECH, eliminating the need for repeated configurations across different settings.
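A Caddyfile using the global DNS provider together with ECH, as described above. This is an added example, not configuration from the release notes; the domains, the `cloudflare` DNS module and the environment variable name are assumptions.

```caddyfile
# Constructed example. example.com and ech.example.net are placeholder names.
# The cloudflare DNS module is a plugin that must be compiled into the Caddy
# binary; substitute the module for your own DNS host.

# Per-site layout, shown for contrast: the provider and its credential
# reference are repeated in every site that uses the DNS challenge.
#
#   example.com {
#       tls {
#           dns cloudflare {env.CLOUDFLARE_API_TOKEN}
#       }
#   }

{
	# Global DNS provider: a single default that features needing DNS
	# access (the ACME DNS challenge, ECH) can fall back to.
	# The token is read from the environment, not stored in the file.
	dns cloudflare {env.CLOUDFLARE_API_TOKEN}

	# Enable ECH. The public name is the one that remains visible in the
	# outer ClientHello, so it should resolve to this server and should
	# not itself be a name you want to keep private.
	ech ech.example.net
}

example.com {
	respond "hello"
}
```

Clients learn the ECH configuration from DNS, so once the server has loaded this configuration the site's HTTPS record should carry an `ech=` parameter. Scope the DNS API token to the zones Caddy manages, since it grants write access to their records.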

Improved Wildcard Handling

Caddy will now utilize wildcards for subdomains by default, enhancing efficiency and privacy. This change is particularly beneficial due to the new opportunities for subdomain privacy offered by ECH.

Updated libdns APIs

The release also includes updates to the libdns APIs, aimed at improving stability and ensuring well-defined semantics. DNS provider modules must update their code to remain compatible with these changes.

Conclusion

Version 2.10.0 of Caddy signifies a substantial step forward in web server technology, focusing on enhanced security and user privacy. For a comprehensive list of changes and enhancements, users can view the full changelog.

For further details on Caddy and its features, visit the official Caddy website.