feat: v2.5.0 - Complete Technology & Security Update

Features:
- PHP 8.4 support (from 8.3)
- WordPress 7.0 (auto-update via WP-CLI)
- Modern TLS 1.3 cipher suites (2026 best practices)
- Fail2Ban security integration (5 jails: SSH, Nginx, WordPress, recidive)
- Auto-update cron job for WordPress (weekly Minor updates)
- Debian 14 Forky support (testing)
- Ubuntu 25.04 support
- Python 3.12 in GitHub Actions

Security:
- Fail2Ban with SSH brute force protection (24h ban)
- WordPress wp-login.php protection (2h ban)
- Nginx bot scanner protection
- Recidive jail for repeat offenders (1 week ban)
- Modern TLS ciphers (AEAD only)
- HSTS 2 years for preload

Documentation:
- docs/autoupdate.md - WordPress auto-update guide
- docs/fail2ban.md - Fail2Ban configuration guide
- docs/troubleshooting.md - Updated with php_version variable

Breaking changes:
- PHP 8.4 is now the default (requires Ubuntu 20.04+ or Debian 11+)
This commit is contained in:
Sebastian Palencsar
2026-05-04 19:37:27 +02:00
parent 2045307d1d
commit dffd8e3b76
41 changed files with 754 additions and 74 deletions

4
.github/workflows/ci-cd.yml vendored Normal file → Executable file
View File

@@ -19,7 +19,7 @@ jobs:
- name: Set up Python
uses: actions/setup-python@v4
with:
python-version: '3.11'
python-version: '3.12'
- name: Install dependencies
run: |
@@ -48,7 +48,7 @@ jobs:
needs: lint
strategy:
matrix:
ubuntu_version: ['20.04', '22.04', '24.04']
ubuntu_version: ['20.04', '22.04', '24.04', '25.04']
steps:
- name: Checkout code