Skip to content

ferron

Reverse Proxies & Load Balancers

A fast, memory-safe web server written in Rust.

Track releases GitHub Website
Rust Latest 3.0.0-beta.1 · 29d ago Security brief →

Features

  • High‑performance, memory‑safe web server built with Rust
  • Automatic TLS via Let's Encrypt integration
  • Simple, intuitive KDL configuration with secure defaults
  • Extensible modular architecture
  • Advanced reverse proxy with load balancing and health checks

Recent releases

View all 14 releases →
3.0.0-beta.1 New feature
Notable features
  • CLI utility for hashing passwords
  • CLI utility for pre‑compressing static files
  • CLI utility for translating Ferron 2 configurations into Ferron 3 ones
Full changelog

Added

  • CLI utility for hashing passwords.
  • CLI utility for pre-compressing static files.
  • CLI utility for translating Ferron 2 configurations into Ferron 3 ones.
  • CLI utility for zero-configuration serving.

Changed

  • Non-existent webroots now lead to 404 Not Found errors instead of 500 Internal Server Error errors.

Fixed

  • Partial hostname resolution match in HTTP server could lead to incorrect routing.
  • Redirects configured with status directive didn't have some placeholder locations (such as $1) replaced when using a regex match.
  • Redirects configured with status directive didn't lead to any destination.
  • Reverse proxy was sometimes routed to wrong backend server.
  • Some default cache paths were unwritable in some cases.
  • Unknown directives in global blocks for status directive (even though they're known in host blocks) caused the web server to fail to start.
  • When using OTLP, access logs were emitted with "access_log" body, not actual access logs.
View release on GitHub
2.7.0 Security relevant
Security fixes
  • Path traversal when URL sanitizer disabled and path canonicalization failed
  • Proxy header leak in CGI/FastCGI/SCGI (httpoxy)
Notable features
  • DNSimple DNS provider support
  • IP-based TLS certificate support
  • JSON-format access logs
View release on GitHub
2.6.0 New feature
Breaking changes
  • Rego-based subconditions deprecated and will be removed in future release
Notable features
  • Dynamic SRV-based backend discovery
  • File size-based log rotation
  • Reusable KDL configuration snippets
View release on GitHub
2.5.4 Bugfix

- Fixed high CPU usage after configuration reloads caused by the OCSP stapler.

View release on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

About

Stars
2,027
Forks
89
Languages
Rust Shell PowerShell
View on GitHub Homepage Documentation

Install & Platforms

Install via
binary docker
Platforms
linux windows macos

Community & Support

Community

Similar tools

Static Web Server
caddy
zoraxy
microbin
bichon

Beta — feedback welcome: [email protected]