Merge pull request #4605 from NginxProxyManager/develop

v2.12.4
Merge branch 'master' into develop
2025-10-04 20:00:12 +00:00 · 2025-07-01 11:12:08 +10:00 · 2025-07-01 07:33:33 +10:00 · 2025-07-01 07:32:39 +10:00 · 2025-06-30 15:31:09 +10:00 · 2025-06-30 15:19:05 +10:00
46 changed files with 1400 additions and 1198 deletions
--- a/.version
+++ b/.version
@@ -1 +1 @@
-2.12.3
+2.12.4
--- a/README.md
+++ b/README.md
@@ -1,7 +1,7 @@
 <p align="center">
 	<img src="https://nginxproxymanager.com/github.png">
 	<br><br>
-	<img src="https://img.shields.io/badge/version-2.12.3-green.svg?style=for-the-badge">
+	<img src="https://img.shields.io/badge/version-2.12.4-green.svg?style=for-the-badge">
 	<a href="https://hub.docker.com/repository/docker/jc21/nginx-proxy-manager">
 		<img src="https://img.shields.io/docker/stars/jc21/nginx-proxy-manager.svg?style=for-the-badge">
 	</a>
--- a/backend/index.js
+++ b/backend/index.js
@@ -3,6 +3,8 @@
 const schema = require('./schema');
 const logger = require('./logger').global;

+const IP_RANGES_FETCH_ENABLED = process.env.IP_RANGES_FETCH_ENABLED !== 'false';
+
 async function appStart () {
 	const migrate             = require('./migrate');
 	const setup               = require('./setup');
@@ -13,7 +15,16 @@ async function appStart () {
 	return migrate.latest()
 		.then(setup)
 		.then(schema.getCompiledSchema)
-		.then(internalIpRanges.fetch)
+		.then(() => {
+			if (IP_RANGES_FETCH_ENABLED) {
+				logger.info('IP Ranges fetch is enabled');
+				return internalIpRanges.fetch().catch((err) => {
+					logger.error('IP Ranges fetch failed, continuing anyway:', err.message);
+				});
+			} else {
+				logger.info('IP Ranges fetch is disabled by environment variable');
+			}
+		})
 		.then(() => {
 			internalCertificate.initTimer();
 			internalIpRanges.initTimer();
--- a/backend/internal/certificate.js
+++ b/backend/internal/certificate.js
@@ -576,7 +576,6 @@ const internalCertificate = {
 		return internalCertificate.create(access, {
 			provider:     'letsencrypt',
 			domain_names: data.domain_names,
-			ssl_key_type: data.ssl_key_type,
 			meta:         data.meta
 		});
 	},
@@ -839,7 +838,6 @@ const internalCertificate = {

 		const cmd = `${certbotCommand} certonly ` +
 			`--config '${letsencryptConfig}' ` +
-			`--key-type '${certificate.ssl_key_type}' ` +
 			'--work-dir "/tmp/letsencrypt-lib" ' +
 			'--logs-dir "/tmp/letsencrypt-log" ' +
 			`--cert-name "npm-${certificate.id}" ` +
@@ -881,7 +879,6 @@ const internalCertificate = {

 		let mainCmd = certbotCommand + ' certonly ' +
 			`--config '${letsencryptConfig}' ` +
-			`--key-type '${certificate.ssl_key_type}' ` +
 			'--work-dir "/tmp/letsencrypt-lib" ' +
 			'--logs-dir "/tmp/letsencrypt-log" ' +
 			`--cert-name 'npm-${certificate.id}' ` +
@@ -978,7 +975,6 @@ const internalCertificate = {

 		const cmd = certbotCommand + ' renew --force-renewal ' +
 			`--config '${letsencryptConfig}' ` +
-			`--key-type '${certificate.ssl_key_type}' ` +
 			'--work-dir "/tmp/letsencrypt-lib" ' +
 			'--logs-dir "/tmp/letsencrypt-log" ' +
 			`--cert-name 'npm-${certificate.id}' ` +
@@ -1012,7 +1008,6 @@ const internalCertificate = {

 		let mainCmd = certbotCommand + ' renew --force-renewal ' +
 			`--config "${letsencryptConfig}" ` +
-			`--key-type '${certificate.ssl_key_type}' ` +
 			'--work-dir "/tmp/letsencrypt-lib" ' +
 			'--logs-dir "/tmp/letsencrypt-log" ' +
 			`--cert-name 'npm-${certificate.id}' ` +
@@ -1046,7 +1041,6 @@ const internalCertificate = {

 		const mainCmd = certbotCommand + ' revoke ' +
 			`--config '${letsencryptConfig}' ` +
-			`--key-type '${certificate.ssl_key_type}' ` +
 			'--work-dir "/tmp/letsencrypt-lib" ' +
 			'--logs-dir "/tmp/letsencrypt-log" ' +
 			`--cert-path '/etc/letsencrypt/live/npm-${certificate.id}/fullchain.pem' ` +
--- a/backend/internal/host.js
+++ b/backend/internal/host.js
@@ -229,32 +229,8 @@ const internalHost = {
 		}

 		return response;
-	},
-
-	/**
-	 * Internal use only, checks to see if the there is another default server record
-	 *
-	 * @param   {String}   hostname
-	 * @param   {String}   [ignore_type]   'proxy', 'redirection', 'dead'
-	 * @param   {Integer}  [ignore_id]     Must be supplied if type was also supplied
-	 * @returns {Promise}
-	 */
-	checkDefaultServerNotExist: function (hostname) {
-		let promises = proxyHostModel
-			.query()
-			.where('default_server', true)
-			.andWhere('domain_names', 'not like', '%' + hostname + '%');
-
-		
-		return Promise.resolve(promises)
-			.then((promises_results) => {
-				if (promises_results.length > 0){
-					return false;
-				}
-				return true;
-			});
-		
 	}
+
 };

 module.exports = internalHost;
--- a/backend/internal/proxy-host.js
+++ b/backend/internal/proxy-host.js
@@ -44,22 +44,6 @@ const internalProxyHost = {
 						});
 					});
 			})
-			.then(() => {
-				// Get a list of the domain names and check each of them against default records
-				if (data.default_server){
-					if (data.domain_names.length > 1) {
-						throw new error.ValidationError('Default server cant be set for multiple domain!');
-					}
-	
-					return internalHost
-						.checkDefaultServerNotExist(data.domain_names[0])
-						.then((result) => {
-							if (!result){
-								throw new error.ValidationError('One default server already exists');
-							}
-						});
-				}
-			})
 			.then(() => {
 				// At this point the domains should have been checked
 				data.owner_user_id = access.token.getUserId(1);
@@ -157,22 +141,6 @@ const internalProxyHost = {
 						});
 				}
 			})
-			.then(() => {
-				// Get a list of the domain names and check each of them against default records
-				if (data.default_server){
-					if (data.domain_names.length > 1) {
-						throw new error.ValidationError('Default server cant be set for multiple domain!');
-					}
-	
-					return internalHost
-						.checkDefaultServerNotExist(data.domain_names[0])
-						.then((result) => {
-							if (!result){
-								throw new error.ValidationError('One default server already exists');
-							}
-						});
-				}
-			})
 			.then(() => {
 				return internalProxyHost.get(access, {id: data.id});
 			})
@@ -185,7 +153,6 @@ const internalProxyHost = {
 				if (create_certificate) {
 					return internalCertificate.createQuickCertificate(access, {
 						domain_names: data.domain_names || row.domain_names,
-						ssl_key_type: data.ssl_key_type || row.ssl_key_type,
 						meta:         _.assign({}, row.meta, data.meta)
 					})
 						.then((cert) => {
--- a/backend/internal/stream.js
+++ b/backend/internal/stream.js
@@ -369,7 +369,7 @@ const internalStream = {
 					.where('is_deleted', 0)
 					.groupBy('id')
 					.allowGraph('[owner,certificate]')
-					.orderByRaw('CAST(incoming_port AS INTEGER) ASC');
+					.orderBy('incoming_port', 'ASC');

 				if (access_data.permission_visibility !== 'all') {
 					query.andWhere('owner_user_id', access.token.getUserId(1));
--- a/backend/migrations/20241209062244_ssl_key_type.js
+++ b/backend/migrations/20241209062244_ssl_key_type.js
@@ -1,51 +0,0 @@
-const migrate_name = 'identifier_for_migrate';
-const logger       = require('../logger').migrate;
-
-/**
- * Migrate
- *
- * @see http://knexjs.org/#Schema
- *
- * @param {Object} knex
- * @param {Promise} Promise
- * @returns {Promise}
- */
-exports.up = function (knex) {
-
-	logger.info(`[${migrate_name}] Migrating Up...`);
-
-	return knex.schema.alterTable('proxy_host', (table) => {
-		table.enum('ssl_key_type', ['ecdsa', 'rsa']).defaultTo('ecdsa').notNullable();
-	}).then(() => {
-		logger.info(`[${migrate_name}] Column 'ssl_key_type' added to table 'proxy_host'`);
-
-		return knex.schema.alterTable('certificate', (table) => {
-			table.enum('ssl_key_type', ['ecdsa', 'rsa']).defaultTo('ecdsa').notNullable();
-		});
-	}).then(() => {
-		logger.info(`[${migrate_name}] Column 'ssl_key_type' added to table 'proxy_host'`);
-	});
-};
-
-/**
- * Undo Migrate
- *
- * @param {Object} knex
- * @param {Promise} Promise
- * @returns {Promise}
- */
-exports.down = function (knex) {
-	logger.info(`[${migrate_name}] Migrating Down...`);
-
-	return knex.schema.alterTable('proxy_host', (table) => {
-		table.dropColumn('ssl_key_type');
-	}).then(() => {
-		logger.info(`[${migrate_name}] Column 'ssl_key_type' removed from table 'proxy_host'`);
-
-		return knex.schema.alterTable('certificate', (table) => {
-			table.dropColumn('ssl_key_type');
-		});
-	}).then(() => {
-		logger.info(`[${migrate_name}] Column 'ssl_key_type' removed from table 'proxy_host'`);
-	});
-};
--- a/backend/migrations/20241221201400_default_server.js
+++ b/backend/migrations/20241221201400_default_server.js
@@ -1,40 +0,0 @@
-const migrate_name = 'default_server';
-const logger       = require('../logger').migrate;
-
-/**
- * Migrate Up
- *
- * @param {Object} knex
- * @param {Promise} Promise
- * @returns {Promise}
- */
-exports.up = function (knex) {
-	logger.info(`[${migrate_name}] Migrating Up...`);
-
-	// Add default_server column to proxy_host table
-	return knex.schema.table('proxy_host', (table) => {
-		table.boolean('default_server').notNullable().defaultTo(false);
-	})
-		.then(() => {
-			logger.info(`[${migrate_name}] Column 'default_server' added to 'proxy_host' table`);
-		});
-};
-
-/**
- * Migrate Down
- *
- * @param {Object} knex
- * @param {Promise} Promise
- * @returns {Promise}
- */
-exports.down = function (knex) {
-	logger.info(`[${migrate_name}] Migrating Down...`);
-
-	// Remove default_server column from proxy_host table
-	return knex.schema.table('proxy_host', (table) => {
-		table.dropColumn('default_server');
-	})
-		.then(() => {
-			logger.info(`[${migrate_name}] Column 'default_server' removed from 'proxy_host' table`);
-		});
-};
--- a/backend/models/dead_host.js
+++ b/backend/models/dead_host.js
@@ -12,7 +12,11 @@ Model.knex(db);

 const boolFields = [
 	'is_deleted',
+	'ssl_forced',
+	'http2_support',
 	'enabled',
+	'hsts_enabled',
+	'hsts_subdomains',
 ];

 class DeadHost extends Model {
--- a/backend/models/proxy_host.js
+++ b/backend/models/proxy_host.js
@@ -21,7 +21,6 @@ const boolFields = [
 	'enabled',
 	'hsts_enabled',
 	'hsts_subdomains',
-	'default_server',
 ];

 class ProxyHost extends Model {
--- a/backend/models/stream.js
+++ b/backend/models/stream.js
@@ -8,8 +8,8 @@ const now         = require('./now_helper');
 Model.knex(db);

 const boolFields = [
-	'enabled',
 	'is_deleted',
+	'enabled',
 	'tcp_forwarding',
 	'udp_forwarding',
 ];
--- a/backend/routes/users.js
+++ b/backend/routes/users.js
@@ -181,7 +181,7 @@ router
 				return internalUser.setPassword(res.locals.access, payload);
 			})
 			.then((result) => {
-				res.status(201)
+				res.status(200)
 					.send(result);
 			})
 			.catch(next);
@@ -212,7 +212,7 @@ router
 				return internalUser.setPermissions(res.locals.access, payload);
 			})
 			.then((result) => {
-				res.status(201)
+				res.status(200)
 					.send(result);
 			})
 			.catch(next);
@@ -238,7 +238,7 @@ router
 	.post((req, res, next) => {
 		internalUser.loginAs(res.locals.access, {id: parseInt(req.params.user_id, 10)})
 			.then((result) => {
-				res.status(201)
+				res.status(200)
 					.send(result);
 			})
 			.catch(next);
--- a/backend/schema/components/certificate-object.json
+++ b/backend/schema/components/certificate-object.json
@@ -41,11 +41,6 @@
 		"owner": {
 			"$ref": "./user-object.json"
 		},
-		"ssl_key_type": {
-			"type": "string",
-			"enum": ["ecdsa", "rsa"],
-			"description": "Type of SSL key (either ecdsa or rsa)"
-		},
 		"meta": {
 			"type": "object",
 			"additionalProperties": false,
--- a/backend/schema/components/proxy-host-object.json
+++ b/backend/schema/components/proxy-host-object.json
@@ -22,9 +22,7 @@
 		"enabled",
 		"locations",
 		"hsts_enabled",
-		"hsts_subdomains",
-		"default_server",
-		"certificate"
+		"hsts_subdomains"
 	],
 	"additionalProperties": false,
 	"properties": {
@@ -150,15 +148,6 @@
 					"$ref": "./access-list-object.json"
 				}
 			]
-		},
-		"ssl_key_type": {
-			"type": "string",
-			"enum": ["ecdsa", "rsa"],
-			"description": "Type of SSL key (either ecdsa or rsa)"
-		},
-		"default_server": {
-			"type": "boolean",
-			"description": "Defines if the server is the default for unmatched requests"
 		}
 	}
 }
--- a/backend/schema/components/stream-list.json
+++ b/backend/schema/components/stream-list.json
@@ -1,7 +1,7 @@
 {
 	"type": "array",
-	"description": "Proxy Hosts list",
+	"description": "Streams list",
 	"items": {
-		"$ref": "./proxy-host-object.json"
+		"$ref": "./stream-object.json"
 	}
 }
--- a/backend/schema/paths/nginx/proxy-hosts/hostID/put.json
+++ b/backend/schema/paths/nginx/proxy-hosts/hostID/put.json
@@ -79,12 +79,6 @@
 						},
 						"locations": {
 							"$ref": "../../../../components/proxy-host-object.json#/properties/locations"
-						},
-						"ssl_key_type": {
-							"$ref": "../../../../components/proxy-host-object.json#/properties/ssl_key_type"
-						},
-						"default_server": {
-							"$ref": "../../../../components/proxy-host-object.json#/properties/default_server"
 						}
 					}
 				}
--- a/backend/schema/paths/nginx/proxy-hosts/post.json
+++ b/backend/schema/paths/nginx/proxy-hosts/post.json
@@ -67,12 +67,6 @@
 						},
 						"locations": {
 							"$ref": "../../../components/proxy-host-object.json#/properties/locations"
-						},
-						"ssl_key_type": {
-							"$ref": "../../../components/proxy-host-object.json#/properties/ssl_key_type"
-						},
-						"default_server": {
-							"$ref": "../../../components/proxy-host-object.json#/properties/default_server"
 						}
 					}
 				}
--- a/backend/schema/swagger.json
+++ b/backend/schema/swagger.json
@@ -9,6 +9,15 @@
 			"url": "http://127.0.0.1:81/api"
 		}
 	],
+	"components": {
+		"securitySchemes": {
+			"bearerAuth": {
+				"type": "http",
+				"scheme": "bearer",
+				"bearerFormat": "JWT"
+			}
+		}
+	},
 	"paths": {
 		"/": {
 			"get": {
--- a/backend/templates/_listen.conf
+++ b/backend/templates/_listen.conf
@@ -1,13 +1,13 @@
-listen 80{% if default_server == true %} default_server{% endif %};
+  listen 80;
 {% if ipv6 -%}
-  listen [::]:80{% if default_server == true %} default_server{% endif %};
+  listen [::]:80;
 {% else -%}
  #listen [::]:80;
 {% endif %}
 {% if certificate -%}
-  listen 443 ssl{% if default_server == true %} default_server{% endif %};
+  listen 443 ssl;
 {% if ipv6 -%}
-  listen [::]:443 ssl{% if default_server == true %} default_server{% endif %};
+  listen [::]:443 ssl;
 {% else -%}
  #listen [::]:443;
 {% endif %}
--- a/backend/yarn.lock
+++ b/backend/yarn.lock
@@ -492,9 +492,9 @@ boxen@^4.2.0:
    widest-line "^3.1.0"

 brace-expansion@^1.1.7:
-  version "1.1.11"
-  resolved "https://registry.yarnpkg.com/brace-expansion/-/brace-expansion-1.1.11.tgz#3c7fcbf529d87226f3d2f52b966ff5271eb441dd"
-  integrity sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==
+  version "1.1.12"
+  resolved "https://registry.yarnpkg.com/brace-expansion/-/brace-expansion-1.1.12.tgz#ab9b454466e5a8cc3a187beaad580412a9c5b843"
+  integrity sha512-9T9UjW3r0UW5c1Q7GTwllptXwhvYmEzFhzMfZ9H7FQWt+uZePjZPjBP/W1ZEyZ1twGWom5/56TF4lPcqjnDHcg==
  dependencies:
    balanced-match "^1.0.0"
    concat-map "0.0.1"
--- a/docker/Dockerfile
+++ b/docker/Dockerfile
@@ -53,11 +53,9 @@ COPY --from=testca /home/step/certs/root_ca.crt /etc/ssl/certs/NginxProxyManager
 # Remove frontend service not required for prod, dev nginx config as well
 RUN rm -rf /etc/s6-overlay/s6-rc.d/user/contents.d/frontend /etc/nginx/conf.d/dev.conf \
 	&& chmod 644 /etc/logrotate.d/nginx-proxy-manager
-COPY docker/start-container /usr/local/bin/start-container
-RUN chmod +x /usr/local/bin/start-container

 VOLUME [ "/data" ]
-ENTRYPOINT [ "start-container" ]
+ENTRYPOINT [ "/init" ]

 LABEL org.label-schema.schema-version="1.0" \
 	org.label-schema.license="MIT" \
--- a/docker/dev/Dockerfile
+++ b/docker/dev/Dockerfile
@@ -36,8 +36,5 @@ RUN rm -f /etc/nginx/conf.d/production.conf \
 COPY --from=pebbleca /test/certs/pebble.minica.pem /etc/ssl/certs/pebble.minica.pem
 COPY --from=testca /home/step/certs/root_ca.crt /etc/ssl/certs/NginxProxyManager.crt

-COPY start-container /usr/local/bin/start-container
-RUN chmod +x /usr/local/bin/start-container
-
 EXPOSE 80 81 443
-ENTRYPOINT [ "start-container" ]
+ENTRYPOINT [ "/init" ]
--- a/docker/dev/letsencrypt.ini
+++ b/docker/dev/letsencrypt.ini
@@ -1,5 +1,7 @@
 text = True
 non-interactive = True
 webroot-path = /data/letsencrypt-acme-challenge
+key-type = ecdsa
+elliptic-curve = secp384r1
 preferred-chain = ISRG Root X1
 server =
--- a/docker/docker-compose.ci.mysql.yml
+++ b/docker/docker-compose.ci.mysql.yml
@@ -18,6 +18,7 @@ services:
      MYSQL_DATABASE: 'npm'
      MYSQL_USER: 'npm'
      MYSQL_PASSWORD: 'npmpass'
+      MARIADB_AUTO_UPGRADE: '1'
    volumes:
      - mysql_vol:/var/lib/mysql
    networks:
--- a/docker/rootfs/etc/letsencrypt.ini
+++ b/docker/rootfs/etc/letsencrypt.ini
@@ -1,4 +1,6 @@
 text = True
 non-interactive = True
 webroot-path = /data/letsencrypt-acme-challenge
+key-type = ecdsa
+elliptic-curve = secp384r1
 preferred-chain = ISRG Root X1
--- a/docker/rootfs/etc/nginx/conf.d/include/ssl-ciphers.conf
+++ b/docker/rootfs/etc/nginx/conf.d/include/ssl-ciphers.conf
@@ -1,6 +1,4 @@
 # intermediate configuration. tweak to your needs.
 ssl_protocols TLSv1.2 TLSv1.3;
-ssl_ciphers "ALL:RC4-SHA:AES128-SHA:AES256-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:AES256-GCM-SHA384:AES128-GCM-SHA256:RSA-AES256-CBC-SHA:RC4-MD5:DES-CBC3-SHA:AES256-SHA:RC4-SHA:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384";
+ssl_ciphers 'ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384';
 ssl_prefer_server_ciphers off;
-ssl_ecdh_curve X25519:prime256v1:secp384r1;
-ssl_dhparam /etc/ssl/certs/dhparam.pem;
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/30-ownership.sh
+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/30-ownership.sh
@@ -23,6 +23,19 @@ chown -R "$PUID:$PGID" /etc/nginx/nginx
 chown -R "$PUID:$PGID" /etc/nginx/nginx.conf
 chown -R "$PUID:$PGID" /etc/nginx/conf.d

-# Prevents errors when installing python certbot plugins when non-root
-chown "$PUID:$PGID" /opt/certbot /opt/certbot/bin
-find /opt/certbot/lib/python*/site-packages -not -user "$PUID" -execdir chown "$PUID:$PGID" {} \+
+# Certbot directories - optimized approach
+CERT_INIT_FLAG="/opt/certbot/.ownership_initialized"
+
+if [ ! -f "$CERT_INIT_FLAG" ]; then
+    # Prevents errors when installing python certbot plugins when non-root
+    chown "$PUID:$PGID" /opt/certbot /opt/certbot/bin
+
+    # Handle all site-packages directories efficiently
+    find /opt/certbot/lib -type d -name "site-packages" | while read -r SITE_PACKAGES_DIR; do
+        chown -R "$PUID:$PGID" "$SITE_PACKAGES_DIR"
+    done
+
+    # Create a flag file to skip this step on subsequent runs
+    touch "$CERT_INIT_FLAG"
+    chown "$PUID:$PGID" "$CERT_INIT_FLAG"
+fi
--- a/docker/start-container
+++ b/docker/start-container
@@ -1,13 +0,0 @@
-#!/usr/bin/env bash
-
-FILE="/etc/ssl/certs/dhparam.pem"
-
-if [ ! -f "$FILE" ]; then
-    echo "the $FILE does not exist, creating..."
-    openssl dhparam -out "$FILE" 2048
-else
-    echo "the $FILE already exists, skipping..."
-fi
-
-echo "run default script"
-exec /init
--- a/docs/src/advanced-config/index.md
+++ b/docs/src/advanced-config/index.md
@@ -161,6 +161,14 @@ The easy fix is to add a Docker environment variable to the Nginx Proxy Manager
      DISABLE_IPV6: 'true'
 ```

+## Disabling IP Ranges Fetch
+
+By default, NPM fetches IP ranges from CloudFront and Cloudflare during application startup. In environments with limited internet access or to speed up container startup, this fetch can be disabled:
+
+```yml
+    environment:
+      IP_RANGES_FETCH_ENABLED: 'false'
+```

 ## Custom Nginx Configurations

--- a/docs/src/setup/index.md
+++ b/docs/src/setup/index.md
@@ -21,7 +21,7 @@ services:
      # Add any other Stream port you want to expose
      # - '21:21' # FTP

-    environment:
+    #environment:
      # Uncomment this if you want to change the location of
      # the SQLite DB file within the container
      # DB_SQLITE_FILE: "/data/database.sqlite"
--- a/docs/yarn.lock
+++ b/docs/yarn.lock
@@ -1065,9 +1065,9 @@ vfile@^6.0.0:
    vfile-message "^4.0.0"

 vite@^5.4.8:
-  version "5.4.14"
-  resolved "https://registry.yarnpkg.com/vite/-/vite-5.4.14.tgz#ff8255edb02134df180dcfca1916c37a6abe8408"
-  integrity sha512-EK5cY7Q1D8JNhSaPKVK4pwBFvaTmZxEnoKXLG/U9gmdDcihQGNzFlgIvaxezFR4glP1LsuiedwMBqCXH3wZccA==
+  version "5.4.19"
+  resolved "https://registry.yarnpkg.com/vite/-/vite-5.4.19.tgz#20efd060410044b3ed555049418a5e7d1998f959"
+  integrity sha512-qO3aKv3HoQC8QKiNSTuUM1l9o/XX3+c+VTgLHbJWHZGeTPVAg2XwazI9UWzoxjIJCGCV2zU60uqMzjeLZuULqA==
  dependencies:
    esbuild "^0.21.3"
    postcss "^8.4.43"
--- a/frontend/js/app/controller.js
+++ b/frontend/js/app/controller.js
@@ -4,444 +4,438 @@ const Tokens   = require('./tokens');

 module.exports = {

-    /**
-     * @param {String} route
-     * @param {Object} [options]
-     * @returns {Boolean}
-     */
-    navigate: function (route, options) {
-        options = options || {};
-        Backbone.history.navigate(route.toString(), options);
-        return true;
-    },
+	/**
+	 * @param {String} route
+	 * @param {Object} [options]
+	 * @returns {Boolean}
+	 */
+	navigate: function (route, options) {
+		options = options || {};
+		Backbone.history.navigate(route.toString(), options);
+		return true;
+	},

-    /**
-     * Login
-     */
-    showLogin: function () {
-        window.location = '/login';
-    },
+	/**
+	 * Login
+	 */
+	showLogin: function () {
+		window.location = '/login';
+	},

-    /**
-     * Users
-     */
-    showUsers: function () {
-        let controller = this;
-        if (Cache.User.isAdmin()) {
-            require(['./main', './users/main'], (App, View) => {
-                controller.navigate('/users');
-                App.UI.showAppContent(new View());
-            });
-        } else {
-            this.showDashboard();
-        }
-    },
+	/**
+	 * Users
+	 */
+	showUsers: function () {
+		const controller = this;
+		if (Cache.User.isAdmin()) {
+			require(['./main', './users/main'], (App, View) => {
+				controller.navigate('/users');
+				App.UI.showAppContent(new View());
+			});
+		} else {
+			this.showDashboard();
+		}
+	},

-    /**
-     * User Form
-     *
-     * @param [model]
-     */
-    showUserForm: function (model) {
-        if (Cache.User.isAdmin()) {
-            require(['./main', './user/form'], function (App, View) {
-                App.UI.showModalDialog(new View({model: model}));
-            });
-        }
-    },
+	/**
+	 * User Form
+	 *
+	 * @param [model]
+	 */
+	showUserForm: function (model) {
+		if (Cache.User.isAdmin()) {
+			require(['./main', './user/form'], function (App, View) {
+				App.UI.showModalDialog(new View({model: model}));
+			});
+		}
+	},

-    /**
-     * User Permissions Form
-     *
-     * @param model
-     */
-    showUserPermissions: function (model) {
-        if (Cache.User.isAdmin()) {
-            require(['./main', './user/permissions'], function (App, View) {
-                App.UI.showModalDialog(new View({model: model}));
-            });
-        }
-    },
+	/**
+	 * User Permissions Form
+	 *
+	 * @param model
+	 */
+	showUserPermissions: function (model) {
+		if (Cache.User.isAdmin()) {
+			require(['./main', './user/permissions'], function (App, View) {
+				App.UI.showModalDialog(new View({model: model}));
+			});
+		}
+	},

-    /**
-     * User Password Form
-     *
-     * @param model
-     */
-    showUserPasswordForm: function (model) {
-        if (Cache.User.isAdmin() || model.get('id') === Cache.User.get('id')) {
-            require(['./main', './user/password'], function (App, View) {
-                App.UI.showModalDialog(new View({model: model}));
-            });
-        }
-    },
+	/**
+	 * User Password Form
+	 *
+	 * @param model
+	 */
+	showUserPasswordForm: function (model) {
+		if (Cache.User.isAdmin() || model.get('id') === Cache.User.get('id')) {
+			require(['./main', './user/password'], function (App, View) {
+				App.UI.showModalDialog(new View({model: model}));
+			});
+		}
+	},

-    /**
-     * User Delete Confirm
-     *
-     * @param model
-     */
-    showUserDeleteConfirm: function (model) {
-        if (Cache.User.isAdmin() && model.get('id') !== Cache.User.get('id')) {
-            require(['./main', './user/delete'], function (App, View) {
-                App.UI.showModalDialog(new View({model: model}));
-            });
-        }
-    },
+	/**
+	 * User Delete Confirm
+	 *
+	 * @param model
+	 */
+	showUserDeleteConfirm: function (model) {
+		if (Cache.User.isAdmin() && model.get('id') !== Cache.User.get('id')) {
+			require(['./main', './user/delete'], function (App, View) {
+				App.UI.showModalDialog(new View({model: model}));
+			});
+		}
+	},

-    /**
-     * Dashboard
-     */
-    showDashboard: function () {
-        let controller = this;
+	/**
+	 * Dashboard
+	 */
+	showDashboard: function () {
+		const controller = this;
+		require(['./main', './dashboard/main'], (App, View) => {
+			controller.navigate('/');
+			App.UI.showAppContent(new View());
+		});
+	},

-        require(['./main', './dashboard/main'], (App, View) => {
-            controller.navigate('/');
-            App.UI.showAppContent(new View());
-        });
-    },
+	/**
+	 * Nginx Proxy Hosts
+	 */
+	showNginxProxy: function () {
+		if (Cache.User.isAdmin() || Cache.User.canView('proxy_hosts')) {
+			const controller = this;

-    /**
-     * Nginx Proxy Hosts
-     */
-    showNginxProxy: function () {
-        if (Cache.User.isAdmin() || Cache.User.canView('proxy_hosts')) {
-            let controller = this;
+			require(['./main', './nginx/proxy/main'], (App, View) => {
+				controller.navigate('/nginx/proxy');
+				App.UI.showAppContent(new View());
+			});
+		}
+	},

-            require(['./main', './nginx/proxy/main'], (App, View) => {
-                controller.navigate('/nginx/proxy');
-                App.UI.showAppContent(new View());
-            });
-        }
-    },
+	/**
+	 * Nginx Proxy Host Form
+	 *
+	 * @param [model]
+	 */
+	showNginxProxyForm: function (model) {
+		if (Cache.User.isAdmin() || Cache.User.canManage('proxy_hosts')) {
+			require(['./main', './nginx/proxy/form'], function (App, View) {
+				App.UI.showModalDialog(new View({model: model}));
+			});
+		}
+	},

-    /**
-     * Nginx Proxy Host Form
-     *
-     * @param [model]
-     */
-    showNginxProxyForm: function (model) {
-        if (Cache.User.isAdmin() || Cache.User.canManage('proxy_hosts')) {
-            require(['./main', './nginx/proxy/form'], function (App, View) {
-                App.UI.showModalDialog(new View({model: model}));
-            });
-        }
-    },
+	/**
+	 * Proxy Host Delete Confirm
+	 *
+	 * @param model
+	 */
+	showNginxProxyDeleteConfirm: function (model) {
+		if (Cache.User.isAdmin() || Cache.User.canManage('proxy_hosts')) {
+			require(['./main', './nginx/proxy/delete'], function (App, View) {
+				App.UI.showModalDialog(new View({model: model}));
+			});
+		}
+	},

-    /**
-     * Proxy Host Delete Confirm
-     *
-     * @param model
-     */
-    showNginxProxyDeleteConfirm: function (model) {
-        if (Cache.User.isAdmin() || Cache.User.canManage('proxy_hosts')) {
-            require(['./main', './nginx/proxy/delete'], function (App, View) {
-                App.UI.showModalDialog(new View({model: model}));
-            });
-        }
-    },
+	/**
+	 * Nginx Redirection Hosts
+	 */
+	showNginxRedirection: function () {
+		if (Cache.User.isAdmin() || Cache.User.canView('redirection_hosts')) {
+			const controller = this;
+			require(['./main', './nginx/redirection/main'], (App, View) => {
+				controller.navigate('/nginx/redirection');
+				App.UI.showAppContent(new View());
+			});
+		}
+	},

-    /**
-     * Nginx Redirection Hosts
-     */
-    showNginxRedirection: function () {
-        if (Cache.User.isAdmin() || Cache.User.canView('redirection_hosts')) {
-            let controller = this;
+	/**
+	 * Nginx Redirection Host Form
+	 *
+	 * @param [model]
+	 */
+	showNginxRedirectionForm: function (model) {
+		if (Cache.User.isAdmin() || Cache.User.canManage('redirection_hosts')) {
+			require(['./main', './nginx/redirection/form'], function (App, View) {
+				App.UI.showModalDialog(new View({model: model}));
+			});
+		}
+	},

-            require(['./main', './nginx/redirection/main'], (App, View) => {
-                controller.navigate('/nginx/redirection');
-                App.UI.showAppContent(new View());
-            });
-        }
-    },
+	/**
+	 * Proxy Redirection Delete Confirm
+	 *
+	 * @param model
+	 */
+	showNginxRedirectionDeleteConfirm: function (model) {
+		if (Cache.User.isAdmin() || Cache.User.canManage('redirection_hosts')) {
+			require(['./main', './nginx/redirection/delete'], function (App, View) {
+				App.UI.showModalDialog(new View({model: model}));
+			});
+		}
+	},

-    /**
-     * Nginx Redirection Host Form
-     *
-     * @param [model]
-     */
-    showNginxRedirectionForm: function (model) {
-        if (Cache.User.isAdmin() || Cache.User.canManage('redirection_hosts')) {
-            require(['./main', './nginx/redirection/form'], function (App, View) {
-                App.UI.showModalDialog(new View({model: model}));
-            });
-        }
-    },
+	/**
+	 * Nginx Stream Hosts
+	 */
+	showNginxStream: function () {
+		if (Cache.User.isAdmin() || Cache.User.canView('streams')) {
+			const controller = this;
+			require(['./main', './nginx/stream/main'], (App, View) => {
+				controller.navigate('/nginx/stream');
+				App.UI.showAppContent(new View());
+			});
+		}
+	},

-    /**
-     * Proxy Redirection Delete Confirm
-     *
-     * @param model
-     */
-    showNginxRedirectionDeleteConfirm: function (model) {
-        if (Cache.User.isAdmin() || Cache.User.canManage('redirection_hosts')) {
-            require(['./main', './nginx/redirection/delete'], function (App, View) {
-                App.UI.showModalDialog(new View({model: model}));
-            });
-        }
-    },
+	/**
+	 * Stream Form
+	 *
+	 * @param [model]
+	 */
+	showNginxStreamForm: function (model) {
+		if (Cache.User.isAdmin() || Cache.User.canManage('streams')) {
+			require(['./main', './nginx/stream/form'], function (App, View) {
+				App.UI.showModalDialog(new View({model: model}));
+			});
+		}
+	},

-    /**
-     * Nginx Stream Hosts
-     */
-    showNginxStream: function () {
-        if (Cache.User.isAdmin() || Cache.User.canView('streams')) {
-            let controller = this;
+	/**
+	 * Stream Delete Confirm
+	 *
+	 * @param model
+	 */
+	showNginxStreamDeleteConfirm: function (model) {
+		if (Cache.User.isAdmin() || Cache.User.canManage('streams')) {
+			require(['./main', './nginx/stream/delete'], function (App, View) {
+				App.UI.showModalDialog(new View({model: model}));
+			});
+		}
+	},

-            require(['./main', './nginx/stream/main'], (App, View) => {
-                controller.navigate('/nginx/stream');
-                App.UI.showAppContent(new View());
-            });
-        }
-    },
+	/**
+	 * Nginx Dead Hosts
+	 */
+	showNginxDead: function () {
+		if (Cache.User.isAdmin() || Cache.User.canView('dead_hosts')) {
+			const controller = this;
+			require(['./main', './nginx/dead/main'], (App, View) => {
+				controller.navigate('/nginx/404');
+				App.UI.showAppContent(new View());
+			});
+		}
+	},

-    /**
-     * Stream Form
-     *
-     * @param [model]
-     */
-    showNginxStreamForm: function (model) {
-        if (Cache.User.isAdmin() || Cache.User.canManage('streams')) {
-            require(['./main', './nginx/stream/form'], function (App, View) {
-                App.UI.showModalDialog(new View({model: model}));
-            });
-        }
-    },
+	/**
+	 * Dead Host Form
+	 *
+	 * @param [model]
+	 */
+	showNginxDeadForm: function (model) {
+		if (Cache.User.isAdmin() || Cache.User.canManage('dead_hosts')) {
+			require(['./main', './nginx/dead/form'], function (App, View) {
+				App.UI.showModalDialog(new View({model: model}));
+			});
+		}
+	},

-    /**
-     * Stream Delete Confirm
-     *
-     * @param model
-     */
-    showNginxStreamDeleteConfirm: function (model) {
-        if (Cache.User.isAdmin() || Cache.User.canManage('streams')) {
-            require(['./main', './nginx/stream/delete'], function (App, View) {
-                App.UI.showModalDialog(new View({model: model}));
-            });
-        }
-    },
+	/**
+	 * Dead Host Delete Confirm
+	 *
+	 * @param model
+	 */
+	showNginxDeadDeleteConfirm: function (model) {
+		if (Cache.User.isAdmin() || Cache.User.canManage('dead_hosts')) {
+			require(['./main', './nginx/dead/delete'], function (App, View) {
+				App.UI.showModalDialog(new View({model: model}));
+			});
+		}
+	},

-    /**
-     * Nginx Dead Hosts
-     */
-    showNginxDead: function () {
-        if (Cache.User.isAdmin() || Cache.User.canView('dead_hosts')) {
-            let controller = this;
+	/**
+	 * Help Dialog
+	 *
+	 * @param {String}  title
+	 * @param {String}  content
+	 */
+	showHelp: function (title, content) {
+		require(['./main', './help/main'], function (App, View) {
+			App.UI.showModalDialog(new View({title: title, content: content}));
+		});
+	},

-            require(['./main', './nginx/dead/main'], (App, View) => {
-                controller.navigate('/nginx/404');
-                App.UI.showAppContent(new View());
-            });
-        }
-    },
+	/**
+	 * Nginx Access
+	 */
+	showNginxAccess: function () {
+		if (Cache.User.isAdmin() || Cache.User.canView('access_lists')) {
+			const controller = this;
+			require(['./main', './nginx/access/main'], (App, View) => {
+				controller.navigate('/nginx/access');
+				App.UI.showAppContent(new View());
+			});
+		}
+	},

-    /**
-     * Dead Host Form
-     *
-     * @param [model]
-     */
-    showNginxDeadForm: function (model) {
-        if (Cache.User.isAdmin() || Cache.User.canManage('dead_hosts')) {
-            require(['./main', './nginx/dead/form'], function (App, View) {
-                App.UI.showModalDialog(new View({model: model}));
-            });
-        }
-    },
+	/**
+	 * Nginx Access List Form
+	 *
+	 * @param [model]
+	 */
+	showNginxAccessListForm: function (model) {
+		if (Cache.User.isAdmin() || Cache.User.canManage('access_lists')) {
+			require(['./main', './nginx/access/form'], function (App, View) {
+				App.UI.showModalDialog(new View({model: model}));
+			});
+		}
+	},

-    /**
-     * Dead Host Delete Confirm
-     *
-     * @param model
-     */
-    showNginxDeadDeleteConfirm: function (model) {
-        if (Cache.User.isAdmin() || Cache.User.canManage('dead_hosts')) {
-            require(['./main', './nginx/dead/delete'], function (App, View) {
-                App.UI.showModalDialog(new View({model: model}));
-            });
-        }
-    },
+	/**
+	 * Access List Delete Confirm
+	 *
+	 * @param model
+	 */
+	showNginxAccessListDeleteConfirm: function (model) {
+		if (Cache.User.isAdmin() || Cache.User.canManage('access_lists')) {
+			require(['./main', './nginx/access/delete'], function (App, View) {
+				App.UI.showModalDialog(new View({model: model}));
+			});
+		}
+	},

-    /**
-     * Help Dialog
-     *
-     * @param {String}  title
-     * @param {String}  content
-     */
-    showHelp: function (title, content) {
-        require(['./main', './help/main'], function (App, View) {
-            App.UI.showModalDialog(new View({title: title, content: content}));
-        });
-    },
+	/**
+	 * Nginx Certificates
+	 */
+	showNginxCertificates: function () {
+		if (Cache.User.isAdmin() || Cache.User.canView('certificates')) {
+			const controller = this;
+			require(['./main', './nginx/certificates/main'], (App, View) => {
+				controller.navigate('/nginx/certificates');
+				App.UI.showAppContent(new View());
+			});
+		}
+	},

-    /**
-     * Nginx Access
-     */
-    showNginxAccess: function () {
-        if (Cache.User.isAdmin() || Cache.User.canView('access_lists')) {
-            let controller = this;
+	/**
+	 * Nginx Certificate Form
+	 *
+	 * @param [model]
+	 */
+	showNginxCertificateForm: function (model) {
+		if (Cache.User.isAdmin() || Cache.User.canManage('certificates')) {
+			require(['./main', './nginx/certificates/form'], function (App, View) {
+				App.UI.showModalDialog(new View({model: model}));
+			});
+		}
+	},

-            require(['./main', './nginx/access/main'], (App, View) => {
-                controller.navigate('/nginx/access');
-                App.UI.showAppContent(new View());
-            });
-        }
-    },
+	/**
+	 * Certificate Renew
+	 *
+	 * @param model
+	 */
+	showNginxCertificateRenew: function (model) {
+		if (Cache.User.isAdmin() || Cache.User.canManage('certificates')) {
+			require(['./main', './nginx/certificates/renew'], function (App, View) {
+				App.UI.showModalDialog(new View({model: model}));
+			});
+		}
+	},

-    /**
-     * Nginx Access List Form
-     *
-     * @param [model]
-     */
-    showNginxAccessListForm: function (model) {
-        if (Cache.User.isAdmin() || Cache.User.canManage('access_lists')) {
-            require(['./main', './nginx/access/form'], function (App, View) {
-                App.UI.showModalDialog(new View({model: model}));
-            });
-        }
-    },
+	/**
+	 * Certificate Delete Confirm
+	 *
+	 * @param model
+	 */
+	showNginxCertificateDeleteConfirm: function (model) {
+		if (Cache.User.isAdmin() || Cache.User.canManage('certificates')) {
+			require(['./main', './nginx/certificates/delete'], function (App, View) {
+				App.UI.showModalDialog(new View({model: model}));
+			});
+		}
+	},

-    /**
-     * Access List Delete Confirm
-     *
-     * @param model
-     */
-    showNginxAccessListDeleteConfirm: function (model) {
-        if (Cache.User.isAdmin() || Cache.User.canManage('access_lists')) {
-            require(['./main', './nginx/access/delete'], function (App, View) {
-                App.UI.showModalDialog(new View({model: model}));
-            });
-        }
-    },
+	/**
+	 * Certificate Test Reachability
+	 *
+	 * @param model
+	 */
+	showNginxCertificateTestReachability: function (model) {
+	  if (Cache.User.isAdmin() || Cache.User.canManage('certificates')) {
+		require(['./main', './nginx/certificates/test'], function (App, View) {
+		  App.UI.showModalDialog(new View({model: model}));
+		});
+	  }
+	},

-    /**
-     * Nginx Certificates
-     */
-    showNginxCertificates: function () {
-        if (Cache.User.isAdmin() || Cache.User.canView('certificates')) {
-            let controller = this;
+	/**
+	 * Audit Log
+	 */
+	showAuditLog: function () {
+		const controller = this;
+		if (Cache.User.isAdmin()) {
+			require(['./main', './audit-log/main'], (App, View) => {
+				controller.navigate('/audit-log');
+				App.UI.showAppContent(new View());
+			});
+		} else {
+			this.showDashboard();
+		}
+	},

-            require(['./main', './nginx/certificates/main'], (App, View) => {
-                controller.navigate('/nginx/certificates');
-                App.UI.showAppContent(new View());
-            });
-        }
-    },
+	/**
+	 * Audit Log Metadata
+	 *
+	 * @param model
+	 */
+	showAuditMeta: function (model) {
+		if (Cache.User.isAdmin()) {
+			require(['./main', './audit-log/meta'], function (App, View) {
+				App.UI.showModalDialog(new View({model: model}));
+			});
+		}
+	},

-    /**
-     * Nginx Certificate Form
-     *
-     * @param [model]
-     */
-    showNginxCertificateForm: function (model) {
-        if (Cache.User.isAdmin() || Cache.User.canManage('certificates')) {
-            require(['./main', './nginx/certificates/form'], function (App, View) {
-                App.UI.showModalDialog(new View({model: model}));
-            });
-        }
-    },
+	/**
+	 * Settings
+	 */
+	showSettings: function () {
+		const controller = this;
+		if (Cache.User.isAdmin()) {
+			require(['./main', './settings/main'], (App, View) => {
+				controller.navigate('/settings');
+				App.UI.showAppContent(new View());
+			});
+		} else {
+			this.showDashboard();
+		}
+	},

-    /**
-     * Certificate Renew
-     *
-     * @param model
-     */
-    showNginxCertificateRenew: function (model) {
-        if (Cache.User.isAdmin() || Cache.User.canManage('certificates')) {
-            require(['./main', './nginx/certificates/renew'], function (App, View) {
-                App.UI.showModalDialog(new View({model: model}));
-            });
-        }
-    },
+	/**
+	 * Settings Item Form
+	 *
+	 * @param model
+	 */
+	showSettingForm: function (model) {
+		if (Cache.User.isAdmin()) {
+			if (model.get('id') === 'default-site') {
+				require(['./main', './settings/default-site/main'], function (App, View) {
+					App.UI.showModalDialog(new View({model: model}));
+				});
+			}
+		}
+	},

-    /**
-     * Certificate Delete Confirm
-     *
-     * @param model
-     */
-    showNginxCertificateDeleteConfirm: function (model) {
-        if (Cache.User.isAdmin() || Cache.User.canManage('certificates')) {
-            require(['./main', './nginx/certificates/delete'], function (App, View) {
-                App.UI.showModalDialog(new View({model: model}));
-            });
-        }
-    },
-
-    /**
-     * Certificate Test Reachability
-     *
-     * @param model
-     */
-    showNginxCertificateTestReachability: function (model) {
-      if (Cache.User.isAdmin() || Cache.User.canManage('certificates')) {
-        require(['./main', './nginx/certificates/test'], function (App, View) {
-          App.UI.showModalDialog(new View({model: model}));
-        });
-      }
-    },
-
-    /**
-     * Audit Log
-     */
-    showAuditLog: function () {
-        let controller = this;
-        if (Cache.User.isAdmin()) {
-            require(['./main', './audit-log/main'], (App, View) => {
-                controller.navigate('/audit-log');
-                App.UI.showAppContent(new View());
-            });
-        } else {
-            this.showDashboard();
-        }
-    },
-
-    /**
-     * Audit Log Metadata
-     *
-     * @param model
-     */
-    showAuditMeta: function (model) {
-        if (Cache.User.isAdmin()) {
-            require(['./main', './audit-log/meta'], function (App, View) {
-                App.UI.showModalDialog(new View({model: model}));
-            });
-        }
-    },
-
-    /**
-     * Settings
-     */
-    showSettings: function () {
-        let controller = this;
-        if (Cache.User.isAdmin()) {
-            require(['./main', './settings/main'], (App, View) => {
-                controller.navigate('/settings');
-                App.UI.showAppContent(new View());
-            });
-        } else {
-            this.showDashboard();
-        }
-    },
-
-    /**
-     * Settings Item Form
-     *
-     * @param model
-     */
-    showSettingForm: function (model) {
-        if (Cache.User.isAdmin()) {
-            if (model.get('id') === 'default-site') {
-                require(['./main', './settings/default-site/main'], function (App, View) {
-                    App.UI.showModalDialog(new View({model: model}));
-                });
-            }
-        }
-    },
-
-    /**
-     * Logout
-     */
-    logout: function () {
-        Tokens.dropTopToken();
-        this.showLogin();
-    }
+	/**
+	 * Logout
+	 */
+	logout: function () {
+		Tokens.dropTopToken();
+		this.showLogin();
+	}
 };
--- a/frontend/js/app/dashboard/main.js
+++ b/frontend/js/app/dashboard/main.js
@@ -6,85 +6,85 @@ const Helpers    = require('../../lib/helpers');
 const template   = require('./main.ejs');

 module.exports = Mn.View.extend({
-    template: template,
-    id:       'dashboard',
-    columns:  0,
+	template: template,
+	id:       'dashboard',
+	columns:  0,

-    stats: {},
+	stats: {},

-    ui: {
-        links: 'a'
-    },
+	ui: {
+		links: 'a'
+	},

-    events: {
-        'click @ui.links': function (e) {
-            e.preventDefault();
-            Controller.navigate($(e.currentTarget).attr('href'), true);
-        }
-    },
+	events: {
+		'click @ui.links': function (e) {
+			e.preventDefault();
+			Controller.navigate($(e.currentTarget).attr('href'), true);
+		}
+	},

-    templateContext: function () {
-        let view = this;
+	templateContext: function () {
+		const view = this;

-        return {
-            getUserName: function () {
-                return Cache.User.get('nickname') || Cache.User.get('name');
-            },
+		return {
+			getUserName: function () {
+				return Cache.User.get('nickname') || Cache.User.get('name');
+			},

-            getHostStat: function (type) {
-                if (view.stats && typeof view.stats.hosts !== 'undefined' && typeof view.stats.hosts[type] !== 'undefined') {
-                    return Helpers.niceNumber(view.stats.hosts[type]);
-                }
+			getHostStat: function (type) {
+				if (view.stats && typeof view.stats.hosts !== 'undefined' && typeof view.stats.hosts[type] !== 'undefined') {
+					return Helpers.niceNumber(view.stats.hosts[type]);
+				}

-                return '-';
-            },
+				return '-';
+			},

-            canShow: function (perm) {
-                return Cache.User.isAdmin() || Cache.User.canView(perm);
-            },
+			canShow: function (perm) {
+				return Cache.User.isAdmin() || Cache.User.canView(perm);
+			},

-            columns: view.columns
-        };
-    },
+			columns: view.columns
+		};
+	},

-    onRender: function () {
-        let view = this;
+	onRender: function () {
+		const view = this;
+		if (typeof view.stats.hosts === 'undefined') {
+			Api.Reports.getHostStats()
+				.then(response => {
+					if (!view.isDestroyed()) {
+						view.stats.hosts = response;
+						view.render();
+					}
+				})
+				.catch(err => {
+					console.log(err);
+				});
+		}
+	},

-        Api.Reports.getHostStats()
-                .then(response => {
-                    if (!view.isDestroyed()) {
-                        view.stats.hosts = response;
-                        view.render();
-                    }
-                })
-                .catch(err => {
-                    console.log(err);
-                });
-    },
+	/**
+	 * @param {Object}  [model]
+	 */
+	preRender: function (model) {
+		this.columns = 0;

-    /**
-     * @param {Object}  [model]
-     */
-    preRender: function (model) {
-        this.columns = 0;
+		// calculate the available columns based on permissions for the objects
+		// and store as a variable
+		const perms = ['proxy_hosts', 'redirection_hosts', 'streams', 'dead_hosts'];

-        // calculate the available columns based on permissions for the objects
-        // and store as a variable
-        //let view = this;
-        let perms = ['proxy_hosts', 'redirection_hosts', 'streams', 'dead_hosts'];
+		perms.map(perm => {
+			this.columns += Cache.User.isAdmin() || Cache.User.canView(perm) ? 1 : 0;
+		});

-        perms.map(perm => {
-            this.columns += Cache.User.isAdmin() || Cache.User.canView(perm) ? 1 : 0;
-        });
+		// Prevent double rendering on initial calls
+		if (typeof model !== 'undefined') {
+			this.render();
+		}
+	},

-        // Prevent double rendering on initial calls
-        if (typeof model !== 'undefined') {
-            this.render();
-        }
-    },
-
-    initialize: function () {
-        this.preRender();
-        this.listenTo(Cache.User, 'change', this.preRender);
-    }
+	initialize: function () {
+		this.preRender();
+		this.listenTo(Cache.User, 'change', this.preRender);
+	}
 });
--- a/frontend/js/app/nginx/proxy/form.ejs
+++ b/frontend/js/app/nginx/proxy/form.ejs
@@ -72,7 +72,7 @@
                                </label>
                            </div>
                        </div>
-                        <div class="col-sm-6 col-md-6">
+                        <div class="col-sm-12 col-md-12">
                            <div class="form-group">
                                <label class="custom-switch">
                                    <input type="checkbox" class="custom-switch-input" name="allow_websocket_upgrade" value="1"<%- allow_websocket_upgrade ? ' checked' : '' %>>
@@ -81,15 +81,6 @@
                                </label>
                            </div>
                        </div>
-                        <div class="col-sm-6 col-md-6">
-                            <div class="form-group">
-                                <label class="custom-switch">
-                                    <input type="checkbox" class="custom-switch-input" name="default_server" value="1"<%- default_server ? ' checked' : '' %>>
-                                    <span class="custom-switch-indicator"></span>
-                                    <span class="custom-switch-description"><%- i18n('proxy-hosts', 'default-server') %></span>
-                                </label>
-                            </div>
-                        </div>

                        <div class="col-sm-12 col-md-12">
                            <div class="form-group">
@@ -114,15 +105,6 @@
                                </select>
                            </div>
                        </div>
-                        <div class="col-sm-12 col-md-12 letsencrypt">
-                            <div class="form-group">
-                                <label class="form-label"><%- i18n('all-hosts', 'ssl-key-type') %></label>
-                                <select name="ssl_key_type" class="form-control custom-select">
-                                    <option value="ecdsa" data-data="{&quot;id&quot;:&quot;ecdsa&quot;}" <%- ssl_key_type == 'ecdsa' ? 'selected' : '' %>>ECDSA</option>
-                                    <option value="rsa" data-data="{&quot;id&quot;:&quot;rsa&quot;}" <%- ssl_key_type == 'rsa' ? 'selected' : '' %>>RSA</option>
-                                </select>
-                            </div>
-                        </div>
                        <div class="col-sm-6 col-md-6">
                            <div class="form-group">
                                <label class="custom-switch">
--- a/frontend/js/app/nginx/proxy/form.js
+++ b/frontend/js/app/nginx/proxy/form.js
@@ -167,7 +167,6 @@ module.exports = Mn.View.extend({
            data.hsts_enabled            = !!data.hsts_enabled;
            data.hsts_subdomains         = !!data.hsts_subdomains;
            data.ssl_forced              = !!data.ssl_forced;
-            data.default_server          = !!data.default_server;
            
            if (typeof data.meta === 'undefined') data.meta = {};
            data.meta.letsencrypt_agree = data.meta.letsencrypt_agree == 1;
--- a/frontend/js/i18n/messages.json
+++ b/frontend/js/i18n/messages.json
@@ -60,7 +60,7 @@
    },
    "footer": {
      "fork-me": "Fork me on Github",
-      "copy": "&copy; 2024 <a href=\"{url}\" target=\"_blank\">jc21.com</a>.",
+      "copy": "&copy; 2025 <a href=\"{url}\" target=\"_blank\">jc21.com</a>.",
      "theme": "Theme by <a href=\"{url}\" target=\"_blank\">Tabler</a>"
    },
    "dashboard": {
@@ -77,7 +77,6 @@
      "block-exploits": "Block Common Exploits",
      "caching-enabled": "Cache Assets",
      "ssl-certificate": "SSL Certificate",
-      "ssl-key-type": "SSL Key Type",
      "none": "None",
      "new-cert": "Request a new SSL Certificate",
      "with-le": "with Let's Encrypt",
@@ -132,7 +131,6 @@
      "help-content": "A Proxy Host is the incoming endpoint for a web service that you want to forward.\nIt provides optional SSL termination for your service that might not have SSL support built in.\nProxy Hosts are the most common use for the Nginx Proxy Manager.",
      "access-list": "Access List",
      "allow-websocket-upgrade": "Websockets Support",
-      "default-server": "Default Server",
      "ignore-invalid-upstream-ssl": "Ignore Invalid SSL",
      "custom-forward-host-help": "Add a path for sub-folder forwarding.\nExample: 203.0.113.25/path/",
      "search": "Search Host…"
--- a/frontend/js/models/dead-host.js
+++ b/frontend/js/models/dead-host.js
@@ -10,8 +10,6 @@ const model = Backbone.Model.extend({
            modified_on:     null,
            domain_names:    [],
            certificate_id:  0,
-            ssl_key_type:    'ecdsa',
-            default_server:  false,
            ssl_forced:      false,
            http2_support:   false,
            hsts_enabled:    false,
--- a/frontend/js/models/proxy-host.js
+++ b/frontend/js/models/proxy-host.js
@@ -14,8 +14,6 @@ const model = Backbone.Model.extend({
            forward_port:            null,
            access_list_id:          0,
            certificate_id:          0,
-            ssl_key_type:            'ecdsa',
-            default_server:          false,
            ssl_forced:              false,
            hsts_enabled:            false,
            hsts_subdomains:         false,
--- a/frontend/js/models/redirection-host.js
+++ b/frontend/js/models/redirection-host.js
@@ -14,8 +14,6 @@ const model = Backbone.Model.extend({
            forward_domain_name: '',
            preserve_path:       true,
            certificate_id:      0,
-            ssl_key_type:        'ecdsa',
-            default_server:      false,
            ssl_forced:          false,
            hsts_enabled:        false,
            hsts_subdomains:     false,
--- a/frontend/scss/tabler-extra.scss
+++ b/frontend/scss/tabler-extra.scss
@@ -167,4 +167,5 @@ $pink: #f66d9b;

 textarea.form-control.text-monospace {
    font-size: 12px;
+    font-family: monospace;
 }
--- a/frontend/yarn.lock
+++ b/frontend/yarn.lock
@@ -907,6 +907,13 @@ atob@^2.1.2:
  resolved "https://registry.yarnpkg.com/atob/-/atob-2.1.2.tgz#6d9517eb9e030d2436666651e86bd9f6f13533c9"
  integrity sha512-Wm6ukoaOGJi/73p/cl2GvLjTI5JM1k/O14isD73YML8StrH/7/lRFgmg8nICZgD3bZZvjwCGxtMOD3wWNAu8cg==

+available-typed-arrays@^1.0.7:
+  version "1.0.7"
+  resolved "https://registry.yarnpkg.com/available-typed-arrays/-/available-typed-arrays-1.0.7.tgz#a5cc375d6a03c2efc87a553f3e0b1522def14846"
+  integrity sha512-wvUjBtSGN7+7SjNpq/9M2Tg350UZD3q62IFZLbRAR1bSMlCo1ZaeW+BJ+D090e4hIIZLBcTDWe4Mh4jvUDajzQ==
+  dependencies:
+    possible-typed-array-names "^1.0.0"
+
 babel-code-frame@^6.26.0:
  version "6.26.0"
  resolved "https://registry.yarnpkg.com/babel-code-frame/-/babel-code-frame-6.26.0.tgz#63fd43f7dc1e3bb7ce35947db8fe369a3f58c74b"
@@ -1790,6 +1797,32 @@ cacheable-request@^6.0.0:
    normalize-url "^4.1.0"
    responselike "^1.0.2"

+call-bind-apply-helpers@^1.0.0, call-bind-apply-helpers@^1.0.1, call-bind-apply-helpers@^1.0.2:
+  version "1.0.2"
+  resolved "https://registry.yarnpkg.com/call-bind-apply-helpers/-/call-bind-apply-helpers-1.0.2.tgz#4b5428c222be985d79c3d82657479dbe0b59b2d6"
+  integrity sha512-Sp1ablJ0ivDkSzjcaJdxEunN5/XvksFJ2sMBFfq6x0ryhQV/2b/KwFe21cMpmHtPOSij8K99/wSfoEuTObmuMQ==
+  dependencies:
+    es-errors "^1.3.0"
+    function-bind "^1.1.2"
+
+call-bind@^1.0.8:
+  version "1.0.8"
+  resolved "https://registry.yarnpkg.com/call-bind/-/call-bind-1.0.8.tgz#0736a9660f537e3388826f440d5ec45f744eaa4c"
+  integrity sha512-oKlSFMcMwpUg2ednkhQ454wfWiU/ul3CkJe/PEHcTKuiX6RpbehUiFMXu13HalGZxfUwCQzZG747YXBn1im9ww==
+  dependencies:
+    call-bind-apply-helpers "^1.0.0"
+    es-define-property "^1.0.0"
+    get-intrinsic "^1.2.4"
+    set-function-length "^1.2.2"
+
+call-bound@^1.0.3, call-bound@^1.0.4:
+  version "1.0.4"
+  resolved "https://registry.yarnpkg.com/call-bound/-/call-bound-1.0.4.tgz#238de935d2a2a692928c538c7ccfa91067fd062a"
+  integrity sha512-+ys997U96po4Kx/ABpBCqhA9EuxJaQWDQg7295H4hBphv3IZg0boBKuwYpt4YXp6MZ5AmZQnU/tyMTlRpaSejg==
+  dependencies:
+    call-bind-apply-helpers "^1.0.2"
+    get-intrinsic "^1.3.0"
+
 callsites@^3.0.0:
  version "3.1.0"
  resolved "https://registry.yarnpkg.com/callsites/-/callsites-3.1.0.tgz#b3630abd8943432f54b3f0519238e33cd7df2f73"
@@ -2232,7 +2265,7 @@ create-ecdh@^4.0.0:
    bn.js "^4.1.0"
    elliptic "^6.5.3"

-create-hash@^1.1.0, create-hash@^1.1.2, create-hash@^1.2.0:
+create-hash@^1.1.0, create-hash@^1.2.0:
  version "1.2.0"
  resolved "https://registry.yarnpkg.com/create-hash/-/create-hash-1.2.0.tgz#889078af11a63756bcfb59bd221996be3a9ef196"
  integrity sha512-z00bCGNHDG8mHAkP7CtT1qVu+bFQUPjYq/4Iv3C3kWjTFV10zIjfSoeqXo9Asws8gwSHDGj/hl2u4OGIjapeCg==
@@ -2243,7 +2276,17 @@ create-hash@^1.1.0, create-hash@^1.1.2, create-hash@^1.2.0:
    ripemd160 "^2.0.1"
    sha.js "^2.4.0"

-create-hmac@^1.1.0, create-hmac@^1.1.4, create-hmac@^1.1.7:
+create-hash@~1.1.3:
+  version "1.1.3"
+  resolved "https://registry.yarnpkg.com/create-hash/-/create-hash-1.1.3.tgz#606042ac8b9262750f483caddab0f5819172d8fd"
+  integrity sha512-snRpch/kwQhcdlnZKYanNF1m0RDlrCdSKQaH87w1FCFPVPNCQ/Il9QJKAX2jVBZddRdaHBMC+zXa9Gw9tmkNUA==
+  dependencies:
+    cipher-base "^1.0.1"
+    inherits "^2.0.1"
+    ripemd160 "^2.0.0"
+    sha.js "^2.4.0"
+
+create-hmac@^1.1.0, create-hmac@^1.1.7:
  version "1.1.7"
  resolved "https://registry.yarnpkg.com/create-hmac/-/create-hmac-1.1.7.tgz#69170c78b3ab957147b2b8b04572e47ead2243ff"
  integrity sha512-MJG9liiZ+ogc4TzUwuvbER1JRdgvUFSB5+VR/g5h82fGaIRWMWddtKBHi7/sVhfjQZ6SehlyhvQYrcYkaUIpLg==
@@ -2414,6 +2457,15 @@ defer-to-connect@^1.0.1:
  resolved "https://registry.yarnpkg.com/defer-to-connect/-/defer-to-connect-1.1.3.tgz#331ae050c08dcf789f8c83a7b81f0ed94f4ac591"
  integrity sha512-0ISdNousHvZT2EiFlZeZAHBUvSxmKswVCEf8hW7KWgG4a8MVEu/3Vb6uWYozkjylyCxe0JBIiRB1jV45S70WVQ==

+define-data-property@^1.1.4:
+  version "1.1.4"
+  resolved "https://registry.yarnpkg.com/define-data-property/-/define-data-property-1.1.4.tgz#894dc141bb7d3060ae4366f6a0107e68fbe48c5e"
+  integrity sha512-rBMvIzlpA8v6E+SJZoo++HAYqsLrkg7MSfIinMPFhmkorw7X+dOXVJQs+QT69zGkzMyfDnIMN2Wid1+NbL3T+A==
+  dependencies:
+    es-define-property "^1.0.0"
+    es-errors "^1.3.0"
+    gopd "^1.0.1"
+
 define-properties@^1.1.2, define-properties@^1.1.3:
  version "1.1.3"
  resolved "https://registry.yarnpkg.com/define-properties/-/define-properties-1.1.3.tgz#cf88da6cbee26fe6db7094f61d870cbd84cee9f1"
@@ -2579,6 +2631,15 @@ dot-prop@^5.2.0:
  dependencies:
    is-obj "^2.0.0"

+dunder-proto@^1.0.1:
+  version "1.0.1"
+  resolved "https://registry.yarnpkg.com/dunder-proto/-/dunder-proto-1.0.1.tgz#d7ae667e1dc83482f8b70fd0f6eefc50da30f58a"
+  integrity sha512-KIN/nDJBQRcXw0MLVhZE9iQHmG68qAVIBg9CqmUYjmQIhgij9U5MFvrqkUL5FbtyyzZuOeOt0zdeRe4UY7ct+A==
+  dependencies:
+    call-bind-apply-helpers "^1.0.1"
+    es-errors "^1.3.0"
+    gopd "^1.2.0"
+
 duplexer3@^0.1.4:
  version "0.1.4"
  resolved "https://registry.yarnpkg.com/duplexer3/-/duplexer3-0.1.4.tgz#ee01dd1cac0ed3cbc7fdbea37dc0a8f1ce002ce2"
@@ -2648,9 +2709,9 @@ electron-to-chromium@^1.3.47:
  integrity sha512-67V62Z4CFOiAtox+o+tosGfVk0QX4DJgH609tjT8QymbJZVAI/jWnAthnr8c5hnRNziIRwkc9EMQYejiVz3/9Q==

 elliptic@^6.5.3, elliptic@^6.5.4:
-  version "6.6.0"
-  resolved "https://registry.yarnpkg.com/elliptic/-/elliptic-6.6.0.tgz#5919ec723286c1edf28685aa89261d4761afa210"
-  integrity sha512-dpwoQcLc/2WLQvJvLRHKZ+f9FgOdjnq11rurqwekGQygGPsYSK29OMMD2WalatiqQ+XGFDglTNixpPfI+lpaAA==
+  version "6.6.1"
+  resolved "https://registry.yarnpkg.com/elliptic/-/elliptic-6.6.1.tgz#3b8ffb02670bf69e382c7f65bf524c97c5405c06"
+  integrity sha512-RaddvvMatK2LJHqFJ+YA4WysVN5Ita9E35botqIYspQ4TkRAlCicdzKOjlyv/1Za5RyTNn7di//eEV0uTAfe3g==
  dependencies:
    bn.js "^4.11.9"
    brorand "^1.1.0"
@@ -2762,6 +2823,23 @@ es-abstract@^1.17.0-next.1, es-abstract@^1.17.5:
    string.prototype.trimend "^1.0.1"
    string.prototype.trimstart "^1.0.1"

+es-define-property@^1.0.0, es-define-property@^1.0.1:
+  version "1.0.1"
+  resolved "https://registry.yarnpkg.com/es-define-property/-/es-define-property-1.0.1.tgz#983eb2f9a6724e9303f61addf011c72e09e0b0fa"
+  integrity sha512-e3nRfgfUZ4rNGL232gUgX06QNyyez04KdjFrF+LTRoOXmrOgFKDg4BCdsjW8EnT69eqdYGmRpJwiPVYNrCaW3g==
+
+es-errors@^1.3.0:
+  version "1.3.0"
+  resolved "https://registry.yarnpkg.com/es-errors/-/es-errors-1.3.0.tgz#05f75a25dab98e4fb1dcd5e1472c0546d5057c8f"
+  integrity sha512-Zf5H2Kxt2xjTvbJvP2ZWLEICxA6j+hAmMzIlypy4xcBg1vKVnx89Wy0GbS+kf5cwCVFFzdCFh2XSCFNULS6csw==
+
+es-object-atoms@^1.0.0, es-object-atoms@^1.1.1:
+  version "1.1.1"
+  resolved "https://registry.yarnpkg.com/es-object-atoms/-/es-object-atoms-1.1.1.tgz#1c4f2c4837327597ce69d2ca190a7fdd172338c1"
+  integrity sha512-FGgH2h8zKNim9ljj7dankFPcICIK9Cp5bm+c2gQSYePhpaG5+esrLODihIorn+Pe6FGJzWhXQotPv73jTaldXA==
+  dependencies:
+    es-errors "^1.3.0"
+
 es-to-primitive@^1.2.1:
  version "1.2.1"
  resolved "https://registry.yarnpkg.com/es-to-primitive/-/es-to-primitive-1.2.1.tgz#e55cd4c9cdc188bcefb03b366c736323fc5c898a"
@@ -3131,6 +3209,13 @@ flush-write-stream@^1.0.0:
    inherits "^2.0.3"
    readable-stream "^2.3.6"

+for-each@^0.3.5:
+  version "0.3.5"
+  resolved "https://registry.yarnpkg.com/for-each/-/for-each-0.3.5.tgz#d650688027826920feeb0af747ee7b9421a41d47"
+  integrity sha512-dKx12eRCVIzqCxFGplyFKJMPvLEWgmNtUrpTiJIR5u97zEhRG8ySrtboPHZXx7daLxQVrl643cTzbab2tkQjxg==
+  dependencies:
+    is-callable "^1.2.7"
+
 for-in@^1.0.2:
  version "1.0.2"
  resolved "https://registry.yarnpkg.com/for-in/-/for-in-1.0.2.tgz#81068d295a8142ec0ac726c6e2200c30fb6d5e80"
@@ -3191,6 +3276,11 @@ function-bind@^1.1.1:
  resolved "https://registry.yarnpkg.com/function-bind/-/function-bind-1.1.1.tgz#a56899d3ea3c9bab874bb9773b7c5ede92f4895d"
  integrity sha512-yIovAzMX49sF8Yl58fSCWJ5svSLuaibPxXQJFLmBObTuCr0Mf1KiPopGM9NiFjiYBCbfaa2Fh6breQ6ANVTI0A==

+function-bind@^1.1.2:
+  version "1.1.2"
+  resolved "https://registry.yarnpkg.com/function-bind/-/function-bind-1.1.2.tgz#2c02d864d97f3ea6c8830c464cbd11ab6eab7a1c"
+  integrity sha512-7XHNxH7qX9xG5mIwxkhumTox/MIRNcOgDrxWsMt2pAr23WHp6MrRlN7FBSFpCpr+oVO0F744iUgR82nJMfG2SA==
+
 functional-red-black-tree@^1.0.1:
  version "1.0.1"
  resolved "https://registry.yarnpkg.com/functional-red-black-tree/-/functional-red-black-tree-1.0.1.tgz#1b0ab3bd553b2a0d6399d29c0e3ea0b252078327"
@@ -3227,6 +3317,30 @@ get-caller-file@^2.0.1, get-caller-file@^2.0.5:
  resolved "https://registry.yarnpkg.com/get-caller-file/-/get-caller-file-2.0.5.tgz#4f94412a82db32f36e3b0b9741f8a97feb031f7e"
  integrity sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg==

+get-intrinsic@^1.2.4, get-intrinsic@^1.3.0:
+  version "1.3.0"
+  resolved "https://registry.yarnpkg.com/get-intrinsic/-/get-intrinsic-1.3.0.tgz#743f0e3b6964a93a5491ed1bffaae054d7f98d01"
+  integrity sha512-9fSjSaos/fRIVIp+xSJlE6lfwhES7LNtKaCBIamHsjr2na1BiABJPo0mOjjz8GJDURarmCPGqaiVg5mfjb98CQ==
+  dependencies:
+    call-bind-apply-helpers "^1.0.2"
+    es-define-property "^1.0.1"
+    es-errors "^1.3.0"
+    es-object-atoms "^1.1.1"
+    function-bind "^1.1.2"
+    get-proto "^1.0.1"
+    gopd "^1.2.0"
+    has-symbols "^1.1.0"
+    hasown "^2.0.2"
+    math-intrinsics "^1.1.0"
+
+get-proto@^1.0.1:
+  version "1.0.1"
+  resolved "https://registry.yarnpkg.com/get-proto/-/get-proto-1.0.1.tgz#150b3f2743869ef3e851ec0c49d15b1d14d00ee1"
+  integrity sha512-sTSfBjoXBp89JvIKIefqw7U2CCebsc74kiY6awiGogKtoSGbgjYE/G/+l9sF3MWFPNc9IcoOC4ODfKHfxFmp0g==
+  dependencies:
+    dunder-proto "^1.0.1"
+    es-object-atoms "^1.0.0"
+
 get-stdin@^4.0.1:
  version "4.0.1"
  resolved "https://registry.yarnpkg.com/get-stdin/-/get-stdin-4.0.1.tgz#b968c6b0a04384324902e8bf1a5df32579a450fe"
@@ -3393,6 +3507,11 @@ globule@^1.0.0:
    lodash "~4.17.10"
    minimatch "~3.0.2"

+gopd@^1.0.1, gopd@^1.2.0:
+  version "1.2.0"
+  resolved "https://registry.yarnpkg.com/gopd/-/gopd-1.2.0.tgz#89f56b8217bdbc8802bd299df6d7f1081d7e51a1"
+  integrity sha512-ZUKRh6/kUFoAiTAtTYPZJ3hw9wNxx+BIBOijnlG9PnrJsCcSjs1wyyD6vJpaYtgnzDrKYRSqf3OO6Rfa93xsRg==
+
 got@^9.6.0:
  version "9.6.0"
  resolved "https://registry.yarnpkg.com/got/-/got-9.6.0.tgz#edf45e7d67f99545705de1f7bbeeeb121765ed85"
@@ -3442,11 +3561,30 @@ has-flag@^4.0.0:
  resolved "https://registry.yarnpkg.com/has-flag/-/has-flag-4.0.0.tgz#944771fd9c81c81265c4d6941860da06bb59479b"
  integrity sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==

+has-property-descriptors@^1.0.2:
+  version "1.0.2"
+  resolved "https://registry.yarnpkg.com/has-property-descriptors/-/has-property-descriptors-1.0.2.tgz#963ed7d071dc7bf5f084c5bfbe0d1b6222586854"
+  integrity sha512-55JNKuIW+vq4Ke1BjOTjM2YctQIvCT7GFzHwmfZPGo5wnrgkid0YQtnAleFSqumZm4az3n2BS+erby5ipJdgrg==
+  dependencies:
+    es-define-property "^1.0.0"
+
 has-symbols@^1.0.0, has-symbols@^1.0.1:
  version "1.0.1"
  resolved "https://registry.yarnpkg.com/has-symbols/-/has-symbols-1.0.1.tgz#9f5214758a44196c406d9bd76cebf81ec2dd31e8"
  integrity sha512-PLcsoqu++dmEIZB+6totNFKq/7Do+Z0u4oT0zKOJNl3lYK6vGwwu2hjHs+68OEZbTjiUE9bgOABXbP/GvrS0Kg==

+has-symbols@^1.0.3, has-symbols@^1.1.0:
+  version "1.1.0"
+  resolved "https://registry.yarnpkg.com/has-symbols/-/has-symbols-1.1.0.tgz#fc9c6a783a084951d0b971fe1018de813707a338"
+  integrity sha512-1cDNdwJ2Jaohmb3sg4OmKaMBwuC48sYni5HUw2DvsC8LjGTLK9h+eb1X6RyuOHe4hT0ULCW68iomhjUoKUqlPQ==
+
+has-tostringtag@^1.0.2:
+  version "1.0.2"
+  resolved "https://registry.yarnpkg.com/has-tostringtag/-/has-tostringtag-1.0.2.tgz#2cdc42d40bef2e5b4eeab7c01a73c54ce7ab5abc"
+  integrity sha512-NqADB8VjPFLM2V0VvHUewwwsw0ZWBaIdgo+ieHtK3hasLz4qeCRjYcqfB6AQrBggRKppKF8L52/VqdVsO47Dlw==
+  dependencies:
+    has-symbols "^1.0.3"
+
 has-unicode@^2.0.1:
  version "2.0.1"
  resolved "https://registry.yarnpkg.com/has-unicode/-/has-unicode-2.0.1.tgz#e0e6fe6a28cf51138855e086d1691e771de2a8b9"
@@ -3495,6 +3633,13 @@ has@^1.0.3:
  dependencies:
    function-bind "^1.1.1"

+hash-base@^2.0.0:
+  version "2.0.2"
+  resolved "https://registry.yarnpkg.com/hash-base/-/hash-base-2.0.2.tgz#66ea1d856db4e8a5470cadf6fce23ae5244ef2e1"
+  integrity sha512-0TROgQ1/SxE6KmxWSvXHvRj90/Xo1JvZShofnYF+f6ZsGtR4eES7WfrQzPalmyagfKZCXpVnitiRebZulWsbiw==
+  dependencies:
+    inherits "^2.0.1"
+
 hash-base@^3.0.0:
  version "3.1.0"
  resolved "https://registry.yarnpkg.com/hash-base/-/hash-base-3.1.0.tgz#55c381d9e06e1d2997a883b4a3fddfe7f0d3af33"
@@ -3512,6 +3657,13 @@ hash.js@^1.0.0, hash.js@^1.0.3:
    inherits "^2.0.3"
    minimalistic-assert "^1.0.1"

+hasown@^2.0.2:
+  version "2.0.2"
+  resolved "https://registry.yarnpkg.com/hasown/-/hasown-2.0.2.tgz#003eaf91be7adc372e84ec59dc37252cedb80003"
+  integrity sha512-0hJU9SCPvmMzIBdZFqNPXWa6dqh7WdH0cII9y+CyS8rG3nL48Bclra9HmKhVVUHyPWNH5Y7xDwAB7bfgSjkUMQ==
+  dependencies:
+    function-bind "^1.1.2"
+
 he@1.2.x, he@^1.2.0:
  version "1.2.0"
  resolved "https://registry.yarnpkg.com/he/-/he-1.2.0.tgz#84ae65fa7eafb165fddb61566ae14baf05664f0f"
@@ -3856,6 +4008,11 @@ is-callable@^1.1.4, is-callable@^1.2.0:
  resolved "https://registry.yarnpkg.com/is-callable/-/is-callable-1.2.0.tgz#83336560b54a38e35e3a2df7afd0454d691468bb"
  integrity sha512-pyVD9AaGLxtg6srb2Ng6ynWJqkHU9bEM087AKck0w8QwDarTfNcpIYoU8x8Hv2Icm8u6kFJM18Dag8lyqGkviw==

+is-callable@^1.2.7:
+  version "1.2.7"
+  resolved "https://registry.yarnpkg.com/is-callable/-/is-callable-1.2.7.tgz#3bc2a85ea742d9e36205dcacdd72ca1fdc51b055"
+  integrity sha512-1BC0BVFhS/p0qtw6enp8e+8OD0UrK0oFLztSjNzhcKA3WDuJxxAPXzPuPtKkjEY9UUoEWlX/8fgKeu2S8i9JTA==
+
 is-ci@^2.0.0:
  version "2.0.0"
  resolved "https://registry.yarnpkg.com/is-ci/-/is-ci-2.0.0.tgz#6bc6334181810e04b5c22b3d589fdca55026404c"
@@ -4019,6 +4176,13 @@ is-symbol@^1.0.2:
  dependencies:
    has-symbols "^1.0.1"

+is-typed-array@^1.1.14:
+  version "1.1.15"
+  resolved "https://registry.yarnpkg.com/is-typed-array/-/is-typed-array-1.1.15.tgz#4bfb4a45b61cee83a5a46fba778e4e8d59c0ce0b"
+  integrity sha512-p3EcsicXjit7SaskXHs1hA91QxgTw46Fv6EFKKGS5DRFLD8yKnohjF3hxoju94b/OcMZoQukzpPpBE9uLVKzgQ==
+  dependencies:
+    which-typed-array "^1.1.16"
+
 is-typedarray@^1.0.0:
  version "1.0.0"
  resolved "https://registry.yarnpkg.com/is-typedarray/-/is-typedarray-1.0.0.tgz#e479c80858df0c1b11ddda6940f96011fcda4a9a"
@@ -4044,6 +4208,11 @@ isarray@1.0.0, isarray@^1.0.0, isarray@~1.0.0:
  resolved "https://registry.yarnpkg.com/isarray/-/isarray-1.0.0.tgz#bb935d48582cba168c06834957a54a3e07124f11"
  integrity sha1-u5NdSFgsuhaMBoNJV6VKPgcSTxE=

+isarray@^2.0.5:
+  version "2.0.5"
+  resolved "https://registry.yarnpkg.com/isarray/-/isarray-2.0.5.tgz#8af1e4c1221244cc62459faf38940d4e644a5723"
+  integrity sha512-xHjhDr3cNBK0BzdUJSPXZntQUx/mwMS5Rw4A7lPJ90XGAO6ISP/ePDNuo0vhqOZU+UD5JoodwCAAoZQd3FeAKw==
+
 isexe@^2.0.0:
  version "2.0.0"
  resolved "https://registry.yarnpkg.com/isexe/-/isexe-2.0.0.tgz#e8fbf374dc556ff8947a10dcb0572d633f2cfa10"
@@ -4436,6 +4605,11 @@ marionette.templatecache@^1.0.0:
  dependencies:
    backbone.marionette "^4.0.0, 4.0.0-beta.1"

+math-intrinsics@^1.1.0:
+  version "1.1.0"
+  resolved "https://registry.yarnpkg.com/math-intrinsics/-/math-intrinsics-1.1.0.tgz#a0dd74be81e2aa5c2f27e65ce283605ee4e2b7f9"
+  integrity sha512-/IXtbwEk5HTPyEwyKX6hGkYXxM9nbj64B+ilVJnC/R6B0pH5G4V3b0pVbL7DBj4tkhBAppbQUlf6F6Xl9LHu1g==
+
 md5.js@^1.3.4:
  version "1.3.5"
  resolved "https://registry.yarnpkg.com/md5.js/-/md5.js-1.3.5.tgz#b5d07b8e3216e3e27cd728d72f70d1e6a342005f"
@@ -5289,15 +5463,16 @@ path-type@^4.0.0:
  integrity sha512-gDKb8aZMDeD/tZWs9P6+q0J9Mwkdl6xMV8TjnGP3qJVJ06bdMgkbBlLU8IdfOsIsFz2BW1rNVT3XuNEl8zPAvw==

 pbkdf2@^3.0.3:
-  version "3.1.1"
-  resolved "https://registry.yarnpkg.com/pbkdf2/-/pbkdf2-3.1.1.tgz#cb8724b0fada984596856d1a6ebafd3584654b94"
-  integrity sha512-4Ejy1OPxi9f2tt1rRV7Go7zmfDQ+ZectEQz3VGUQhgq62HtIRPDyG/JtnwIxs6x3uNMwo2V7q1fMvKjb+Tnpqg==
+  version "3.1.3"
+  resolved "https://registry.yarnpkg.com/pbkdf2/-/pbkdf2-3.1.3.tgz#8be674d591d65658113424592a95d1517318dd4b"
+  integrity sha512-wfRLBZ0feWRhCIkoMB6ete7czJcnNnqRpcoWQBLqatqXXmelSRqfdDK4F3u9T2s2cXas/hQJcryI/4lAL+XTlA==
  dependencies:
-    create-hash "^1.1.2"
-    create-hmac "^1.1.4"
-    ripemd160 "^2.0.1"
-    safe-buffer "^5.0.1"
-    sha.js "^2.4.8"
+    create-hash "~1.1.3"
+    create-hmac "^1.1.7"
+    ripemd160 "=2.0.1"
+    safe-buffer "^5.2.1"
+    sha.js "^2.4.11"
+    to-buffer "^1.2.0"

 picomatch@^2.0.4, picomatch@^2.0.5, picomatch@^2.2.1:
  version "2.2.2"
@@ -5326,6 +5501,11 @@ posix-character-classes@^0.1.0:
  resolved "https://registry.yarnpkg.com/posix-character-classes/-/posix-character-classes-0.1.1.tgz#01eac0fe3b5af71a2a6c02feabb8c1fef7e00eab"
  integrity sha1-AerA/jta9xoqbAL+q7jB/vfgDqs=

+possible-typed-array-names@^1.0.0:
+  version "1.1.0"
+  resolved "https://registry.yarnpkg.com/possible-typed-array-names/-/possible-typed-array-names-1.1.0.tgz#93e3582bc0e5426586d9d07b79ee40fc841de4ae"
+  integrity sha512-/+5VFTchJDoVj3bhoqi6UeymcD00DAwb1nJwamzPvHEszJ4FpF6SNNbUbOS8yI56qHzdV8eK0qEfOSiodkTdxg==
+
 postcss-modules-extract-imports@^2.0.0:
  version "2.0.0"
  resolved "https://registry.yarnpkg.com/postcss-modules-extract-imports/-/postcss-modules-extract-imports-2.0.0.tgz#818719a1ae1da325f9832446b01136eeb493cd7e"
@@ -5886,6 +6066,14 @@ rimraf@^3.0.2:
  dependencies:
    glob "^7.1.3"

+ripemd160@=2.0.1:
+  version "2.0.1"
+  resolved "https://registry.yarnpkg.com/ripemd160/-/ripemd160-2.0.1.tgz#0f4584295c53a3628af7e6d79aca21ce57d1c6e7"
+  integrity sha512-J7f4wutN8mdbV08MJnXibYpCOPHR+yzy+iQ/AsjMv2j8cLavQ8VGagDFUwwTAdF8FmRKVeNpbTTEwNHCW1g94w==
+  dependencies:
+    hash-base "^2.0.0"
+    inherits "^2.0.1"
+
 ripemd160@^2.0.0, ripemd160@^2.0.1:
  version "2.0.2"
  resolved "https://registry.yarnpkg.com/ripemd160/-/ripemd160-2.0.2.tgz#a1c1a6f624751577ba5d07914cbc92850585890c"
@@ -6037,6 +6225,18 @@ set-blocking@^2.0.0:
  resolved "https://registry.yarnpkg.com/set-blocking/-/set-blocking-2.0.0.tgz#045f9782d011ae9a6803ddd382b24392b3d890f7"
  integrity sha1-BF+XgtARrppoA93TgrJDkrPYkPc=

+set-function-length@^1.2.2:
+  version "1.2.2"
+  resolved "https://registry.yarnpkg.com/set-function-length/-/set-function-length-1.2.2.tgz#aac72314198eaed975cf77b2c3b6b880695e5449"
+  integrity sha512-pgRc4hJ4/sNjWCSS9AmnS40x3bNMDTknHgL5UaMBTMyJnU90EgWh1Rz+MC9eFu4BuN/UwZjKQuY/1v3rM7HMfg==
+  dependencies:
+    define-data-property "^1.1.4"
+    es-errors "^1.3.0"
+    function-bind "^1.1.2"
+    get-intrinsic "^1.2.4"
+    gopd "^1.0.1"
+    has-property-descriptors "^1.0.2"
+
 set-value@^2.0.0, set-value@^2.0.1:
  version "2.0.1"
  resolved "https://registry.yarnpkg.com/set-value/-/set-value-2.0.1.tgz#a18d40530e6f07de4228c7defe4227af8cad005b"
@@ -6052,7 +6252,7 @@ setimmediate@^1.0.4:
  resolved "https://registry.yarnpkg.com/setimmediate/-/setimmediate-1.0.5.tgz#290cbb232e306942d7d7ea9b83732ab7856f8285"
  integrity sha1-KQy7Iy4waULX1+qbg3Mqt4VvgoU=

-sha.js@^2.4.0, sha.js@^2.4.8:
+sha.js@^2.4.0, sha.js@^2.4.11, sha.js@^2.4.8:
  version "2.4.11"
  resolved "https://registry.yarnpkg.com/sha.js/-/sha.js-2.4.11.tgz#37a5cf0b81ecbc6943de109ba2960d1b26584ae7"
  integrity sha512-QMEp5B7cftE7APOjk5Y6xgrbWu+WkLVQwk8JNjZ8nKRciZaByEW6MubieAiToS7+dwvrjGhH8jRXz3MVd0AYqQ==
@@ -6592,6 +6792,15 @@ to-arraybuffer@^1.0.0:
  resolved "https://registry.yarnpkg.com/to-arraybuffer/-/to-arraybuffer-1.0.1.tgz#7d229b1fcc637e466ca081180836a7aabff83f43"
  integrity sha1-fSKbH8xjfkZsoIEYCDanqr/4P0M=

+to-buffer@^1.2.0:
+  version "1.2.1"
+  resolved "https://registry.yarnpkg.com/to-buffer/-/to-buffer-1.2.1.tgz#2ce650cdb262e9112a18e65dc29dcb513c8155e0"
+  integrity sha512-tB82LpAIWjhLYbqjx3X4zEeHN6M8CiuOEy2JY8SEQVdYRe3CCHOFaqrBW1doLDrfpWhplcW7BL+bO3/6S3pcDQ==
+  dependencies:
+    isarray "^2.0.5"
+    safe-buffer "^5.2.1"
+    typed-array-buffer "^1.0.3"
+
 to-fast-properties@^1.0.3:
  version "1.0.3"
  resolved "https://registry.yarnpkg.com/to-fast-properties/-/to-fast-properties-1.0.3.tgz#b83571fa4d8c25b82e231b06e3a3055de4ca1a47"
@@ -6698,6 +6907,15 @@ type-fest@^0.8.1:
  resolved "https://registry.yarnpkg.com/type-fest/-/type-fest-0.8.1.tgz#09e249ebde851d3b1e48d27c105444667f17b83d"
  integrity sha512-4dbzIzqvjtgiM5rw1k5rEHtBANKmdudhGyBEajN01fEyhaAIhsoKNy6y7+IN93IfpFtwY9iqi7kD+xwKhQsNJA==

+typed-array-buffer@^1.0.3:
+  version "1.0.3"
+  resolved "https://registry.yarnpkg.com/typed-array-buffer/-/typed-array-buffer-1.0.3.tgz#a72395450a4869ec033fd549371b47af3a2ee536"
+  integrity sha512-nAYYwfY3qnzX30IkA6AQZjVbtK6duGontcQm1WSG1MD94YLqK0515GNApXkoxKOWMusVssAHWLh9SeaoefYFGw==
+  dependencies:
+    call-bound "^1.0.3"
+    es-errors "^1.3.0"
+    is-typed-array "^1.1.14"
+
 typedarray-to-buffer@^3.1.5:
  version "3.1.5"
  resolved "https://registry.yarnpkg.com/typedarray-to-buffer/-/typedarray-to-buffer-3.1.5.tgz#a97ee7a9ff42691b9f783ff1bc5112fe3fca9080"
@@ -7024,6 +7242,19 @@ which-module@^2.0.0:
  resolved "https://registry.yarnpkg.com/which-module/-/which-module-2.0.0.tgz#d9ef07dce77b9902b8a3a8fa4b31c3e3f7e6e87a"
  integrity sha1-2e8H3Od7mQK4o6j6SzHD4/fm6Ho=

+which-typed-array@^1.1.16:
+  version "1.1.19"
+  resolved "https://registry.yarnpkg.com/which-typed-array/-/which-typed-array-1.1.19.tgz#df03842e870b6b88e117524a4b364b6fc689f956"
+  integrity sha512-rEvr90Bck4WZt9HHFC4DJMsjvu7x+r6bImz0/BrbWb7A2djJ8hnZMrWnHo9F8ssv0OMErasDhftrfROTyqSDrw==
+  dependencies:
+    available-typed-arrays "^1.0.7"
+    call-bind "^1.0.8"
+    call-bound "^1.0.4"
+    for-each "^0.3.5"
+    get-proto "^1.0.1"
+    gopd "^1.2.0"
+    has-tostringtag "^1.0.2"
+
 which@^1.2.14, which@^1.2.9, which@^1.3.1:
  version "1.3.1"
  resolved "https://registry.yarnpkg.com/which/-/which-1.3.1.tgz#a45043d54f5805316da8d62f9f50918d3da70b0a"
--- a/global/certbot-dns-plugins.json
+++ b/global/certbot-dns-plugins.json
@@ -10,9 +10,9 @@
 	"active24": {
 		"name": "Active24",
 		"package_name": "certbot-dns-active24",
-		"version": "~=1.5.1",
+		"version": "~=2.0.0",
 		"dependencies": "",
-		"credentials": "dns_active24_token=\"TOKEN\"",
+		"credentials": "dns_active24_api_key = <identifier>\ndns_active24_secret = <secret>",
 		"full_plugin_name": "dns-active24"
 	},
 	"aliyun": {
@@ -31,6 +31,14 @@
 		"credentials": "# This plugin supported API authentication using either Service Principals or utilizing a Managed Identity assigned to the virtual machine.\n# Regardless which authentication method used, the identity will need the “DNS Zone Contributor” role assigned to it.\n# As multiple Azure DNS Zones in multiple resource groups can exist, the config file needs a mapping of zone to resource group ID. Multiple zones -> ID mappings can be listed by using the key dns_azure_zoneX where X is a unique number. At least 1 zone mapping is required.\n\n# Using a service principal (option 1)\ndns_azure_sp_client_id = 912ce44a-0156-4669-ae22-c16a17d34ca5\ndns_azure_sp_client_secret = E-xqXU83Y-jzTI6xe9fs2YC~mck3ZzUih9\ndns_azure_tenant_id = ed1090f3-ab18-4b12-816c-599af8a88cf7\n\n# Using used assigned MSI (option 2)\n# dns_azure_msi_client_id = 912ce44a-0156-4669-ae22-c16a17d34ca5\n\n# Using system assigned MSI (option 3)\n# dns_azure_msi_system_assigned = true\n\n# Zones (at least one always required)\ndns_azure_zone1 = example.com:/subscriptions/c135abce-d87d-48df-936c-15596c6968a5/resourceGroups/dns1\ndns_azure_zone2 = example.org:/subscriptions/99800903-fb14-4992-9aff-12eaf2744622/resourceGroups/dns2",
 		"full_plugin_name": "dns-azure"
 	},
+	"baidu": {
+		"name": "baidu",
+		"package_name": "certbot-dns-baidu",
+		"version": "~=0.1.1",
+		"dependencies": "",
+		"credentials": "dns_baidu_access_key = 12345678\ndns_baidu_secret_key = 1234567890abcdef1234567890abcdef",
+		"full_plugin_name": "dns-baidu"
+	},
 	"beget": {
 		"name":"Beget",
 		"package_name": "certbot-beget-plugin",
@@ -47,12 +55,20 @@
 		"credentials": "# Bunny API token used by Certbot (see https://dash.bunny.net/account/settings)\ndns_bunny_api_key = xxxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxxxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx",
 		"full_plugin_name": "dns-bunny"
 	},
+	"cdmon": {
+                "name": "cdmon",
+                "package_name": "certbot-dns-cdmon",
+                "version": "~=0.4.1",
+                "dependencies": "",
+                "credentials": "dns_cdmon_api_key=your-cdmon-api-token\ndns_cdmon_domain=your_domain_is_optional",
+                "full_plugin_name": "dns-cdmon"
+        },
 	"cloudflare": {
 		"name": "Cloudflare",
 		"package_name": "certbot-dns-cloudflare",
 		"version": "=={{certbot-version}}",
-		"dependencies": "cloudflare==2.19.* acme=={{certbot-version}}",
-		"credentials": "# Cloudflare API token\ndns_cloudflare_api_token=0123456789abcdef0123456789abcdef01234567",
+		"dependencies": "cloudflare==4.0.* acme=={{certbot-version}}",
+		"credentials": "# Cloudflare API credentials used by Certbot\ndns_cloudflare_email = cloudflare@example.com\ndns_cloudflare_api_key = 0123456789abcdef0123456789abcdef01234",
 		"full_plugin_name": "dns-cloudflare"
 	},
 	"cloudns": {
@@ -90,11 +106,19 @@
 	"cpanel": {
 		"name": "cPanel",
 		"package_name": "certbot-dns-cpanel",
-		"version": "~=0.2.2",
+		"version": "~=0.4.0",
 		"dependencies": "",
-		"credentials": "cpanel_url = https://cpanel.example.com:2083\ncpanel_username = user\ncpanel_password = hunter2",
+		"credentials": "cpanel_url = https://cpanel.example.com:2083\ncpanel_username = your_username\ncpanel_password = your_password\ncpanel_token = your_api_token",
 		"full_plugin_name": "cpanel"
 	},
+	"ddnss": {
+		"name": "DDNSS",
+		"package_name": "certbot-dns-ddnss",
+		"version": "~=1.1.0",
+		"dependencies": "",
+		"credentials": "dns_ddnss_token = YOUR_DDNSS_API_TOKEN",
+		"full_plugin_name": "dns-ddnss"
+	},
 	"desec": {
 		"name": "deSEC",
 		"package_name": "certbot-dns-desec",
@@ -164,7 +188,7 @@
 		"package_name": "certbot-dns-domainoffensive",
 		"version": "~=2.0.0",
 		"dependencies": "",
-		"credentials": "dns_do_api_token = YOUR_DO_DE_AUTH_TOKEN",
+		"credentials": "dns_domainoffensive_api_token = YOUR_DO_DE_AUTH_TOKEN",
 		"full_plugin_name": "dns-domainoffensive"
 	},
 	"domeneshop": {
@@ -199,6 +223,14 @@
 		"credentials": "dns_eurodns_applicationId = myuser\ndns_eurodns_apiKey = mysecretpassword\ndns_eurodns_endpoint = https://rest-api.eurodns.com/user-api-gateway/proxy",
 		"full_plugin_name": "dns-eurodns"
 	},
+	"firstdomains": {
+                "name": "First Domains",
+                "package_name": "certbot-dns-firstdomains",
+                "version": ">=1.0",
+                "dependencies": "",
+                "credentials": "dns_firstdomains_username = myremoteuser\ndns_firstdomains_password = verysecureremoteuserpassword",
+                "full_plugin_name": "dns-firstdomains"
+        },
 	"freedns": {
 		"name": "FreeDNS",
 		"package_name": "certbot-dns-freedns",
@@ -209,8 +241,8 @@
 	},
 	"gandi": {
 		"name": "Gandi Live DNS",
-		"package_name": "certbot_plugin_gandi",
-		"version": "~=1.5.0",
+		"package_name": "certbot-dns-gandi",
+		"version": "~=1.6.1",
 		"dependencies": "",
 		"credentials": "# Gandi personal access token\ndns_gandi_token=PERSONAL_ACCESS_TOKEN",
 		"full_plugin_name": "dns-gandi"
@@ -383,6 +415,14 @@
 		"credentials": "dns_netcup_customer_id  = 123456\ndns_netcup_api_key      = 0123456789abcdef0123456789abcdef01234567\ndns_netcup_api_password = abcdef0123456789abcdef01234567abcdef0123",
 		"full_plugin_name": "dns-netcup"
 	},
+	"nicru": {
+		"name": "nic.ru",
+		"package_name": "certbot-dns-nicru",
+		"version": "~=1.0.3",
+		"dependencies": "",
+		"credentials": "dns_nicru_client_id = application-id\ndns_nicru_client_secret = application-token\ndns_nicru_username = 0001110/NIC-D\ndns_nicru_password = password\ndns_nicru_scope = .+:.+/zones/example.com(/.+)?\ndns_nicru_service = DNS_SERVICE_NAME\ndns_nicru_zone = example.com",
+		"full_plugin_name": "dns-nicru"
+	},
 	"njalla": {
 		"name": "Njalla",
 		"package_name": "certbot-dns-njalla",
@@ -471,14 +511,30 @@
 		"credentials": "[default]\naws_access_key_id=AKIAIOSFODNN7EXAMPLE\naws_secret_access_key=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY",
 		"full_plugin_name": "dns-route53"
 	},
+	"spaceship": {
+		"name": "Spaceship",
+		"package_name": "certbot-dns-spaceship",
+		"version": "~=1.0.4",
+		"dependencies": "",
+		"credentials": "[spaceship]\napi_key=your_api_key\napi_secret=your_api_secret",
+		"full_plugin_name": "dns-spaceship"
+	},
 	"strato": {
 		"name": "Strato",
 		"package_name": "certbot-dns-strato",
-		"version": "~=0.2.1",
+		"version": "~=0.2.2",
 		"dependencies": "",
 		"credentials": "dns_strato_username = user\ndns_strato_password = pass\n# uncomment if youre using two factor authentication:\n# dns_strato_totp_devicename = 2fa_device\n# dns_strato_totp_secret = 2fa_secret\n#\n# uncomment if domain name contains special characters\n# insert domain display name as seen on your account page here\n# dns_strato_domain_display_name = my-punicode-url.de\n#\n# if youre not using strato.de or another special endpoint you can customise it below\n# you will probably only need to adjust the host, but you can also change the complete endpoint url\n# dns_strato_custom_api_scheme = https\n# dns_strato_custom_api_host = www.strato.de\n# dns_strato_custom_api_port = 443\n# dns_strato_custom_api_path = \"/apps/CustomerService\"",
 		"full_plugin_name": "dns-strato"
 	},
+	        "selectelv2": {
+                "name": "Selectel api v2",
+                "package_name": "certbot-dns-selectel-api-v2",
+                "version": "~=0.3.0",
+                "dependencies": "",
+                "credentials": "dns_selectel_api_v2_account_id = your_account_id\ndns_selectel_api_v2_project_name = your_project\ndns_selectel_api_v2_username = your_username\ndns_selectel_api_v2_password = your_password",
+                "full_plugin_name": "dns-selectel-api-v2"
+        },
 	"timeweb": {
 		"name": "Timeweb Cloud",
 		"package_name": "certbot-dns-timeweb",
--- a/test/cypress/e2e/api/Dashboard.cy.js
+++ b/test/cypress/e2e/api/Dashboard.cy.js
@@ -0,0 +1,25 @@
+/// <reference types="cypress" />
+
+describe('Dashboard endpoints', () => {
+	let token;
+
+	before(() => {
+		cy.getToken().then((tok) => {
+			token = tok;
+		});
+	});
+
+	it('Should be able to get host counts', function() {
+		cy.task('backendApiGet', {
+			token: token,
+			path:  '/api/reports/hosts'
+		}).then((data) => {
+			cy.validateSwaggerSchema('get', 200, '/reports/hosts', data);
+			expect(data).to.have.property('dead');
+			expect(data).to.have.property('proxy');
+			expect(data).to.have.property('redirection');
+			expect(data).to.have.property('stream');
+		});
+	});
+
+});
--- a/test/cypress/e2e/api/Streams.cy.js
+++ b/test/cypress/e2e/api/Streams.cy.js
@@ -210,4 +210,16 @@ describe('Streams', () => {
 		});
 	});

+	it('Should be able to List Streams', function() {
+		cy.task('backendApiGet', {
+			token: token,
+			path:  '/api/nginx/streams?expand=owner,certificate',
+		}).then((data) => {
+			cy.validateSwaggerSchema('get', 200, '/nginx/streams', data);
+			expect(data.length).to.be.greaterThan(0);
+			expect(data[0]).to.have.property('id');
+			expect(data[0]).to.have.property('enabled');
+		});
+	});
+
 });
--- a/test/yarn.lock
+++ b/test/yarn.lock
Author	SHA1	Message	Date
jc21	b84762b5b9	Merge pull request #4605 from NginxProxyManager/develop v2.12.4	2025-07-01 11:12:08 +10:00
jc21	953faeac15	Merge branch 'master' into develop	2025-07-01 07:33:33 +10:00
Jamie Curnow	c58f3f3ec9	Bump version	2025-07-01 07:32:39 +10:00
jc21	0ee4d04d5f	Merge pull request #4491 from addievo/fix-certbot-startup-time Some checks failed Close stale issues and PRs / stale (push) Has been cancelled Details fix: optimize certbot ownership script to reduce container startup time	2025-06-30 15:31:09 +10:00
jc21	94f6756250	Merge pull request #4557 from 1ukastesar/patch-1 fix(modal): make textarea font actually monospace	2025-06-30 15:19:05 +10:00
jc21	27e3f73854	Merge pull request #4353 from mordyovits/patch-1 Update frontend copyright year to 2025	2025-06-30 14:57:07 +10:00
jc21	d98f4b43dc	Merge pull request #4398 from cg-zhou/feature/add-ip-ranges-env-var Added IP_RANGES_FETCH_ENABLED environment variable	2025-06-30 14:54:40 +10:00
jc21	ff3116a626	Merge pull request #4604 from NginxProxyManager/dependabot/npm_and_yarn/backend/brace-expansion-1.1.12 Bump brace-expansion from 1.1.11 to 1.1.12 in /backend	2025-06-30 14:47:58 +10:00
jc21	7047750b04	Merge pull request #4358 from pustekuchen91/update-cpanel-certbot-plugin use latest certbot-dns-cpanel version	2025-06-30 14:43:48 +10:00
cg-zhou	0792fc0768	Remove unnecessary Promise.resolve() calls	2025-06-30 12:31:23 +08:00
dependabot[bot]	9758c12ca3	Bump brace-expansion from 1.1.11 to 1.1.12 in /backend Bumps [brace-expansion](https://github.com/juliangruber/brace-expansion) from 1.1.11 to 1.1.12. - [Release notes](https://github.com/juliangruber/brace-expansion/releases) - [Commits](https://github.com/juliangruber/brace-expansion/compare/1.1.11...v1.1.12) --- updated-dependencies: - dependency-name: brace-expansion dependency-version: 1.1.12 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>	2025-06-30 03:55:09 +00:00
jc21	ccd69c8867	Update certbot-dns-plugins.json	2025-06-30 13:52:07 +10:00
jc21	23fd1fec6c	Merge branch 'develop' into update-cpanel-certbot-plugin	2025-06-30 13:51:19 +10:00
jc21	6f04543744	Merge pull request #4368 from wisewtf/patch-1 Fixed error in sqlite installation compose file	2025-06-30 13:49:40 +10:00
jc21	cbb1fe44ca	Merge pull request #4381 from ZeroDeng01/ZeroDeng01-patch-1 Fixed an issue with the 500 error code on the Stream list page	2025-06-30 13:45:05 +10:00
jc21	4c23f22d5b	Merge pull request #4601 from NginxProxyManager/dependabot/npm_and_yarn/test/axios-1.10.0 Bump axios from 1.7.7 to 1.10.0 in /test	2025-06-30 13:13:02 +10:00
jc21	af5d3eccd6	Merge pull request #4602 from NginxProxyManager/dependabot/npm_and_yarn/docs/vite-5.4.19 Bump vite from 5.4.14 to 5.4.19 in /docs	2025-06-30 13:12:51 +10:00
jc21	a87283b030	Merge pull request #4603 from NginxProxyManager/dependabot/npm_and_yarn/frontend/elliptic-6.6.1 Bump elliptic from 6.6.0 to 6.6.1 in /frontend	2025-06-30 13:12:42 +10:00
Jamie Curnow	97dbbdd60f	Fix incorrect swagger for streams list	2025-06-30 13:00:25 +10:00
Jamie Curnow	ec81f2489a	Add cypress test to list streams	2025-06-30 11:10:45 +10:00
dependabot[bot]	d0ec8e89aa	Bump elliptic from 6.6.0 to 6.6.1 in /frontend Bumps [elliptic](https://github.com/indutny/elliptic) from 6.6.0 to 6.6.1. - [Commits](https://github.com/indutny/elliptic/compare/v6.6.0...v6.6.1) --- updated-dependencies: - dependency-name: elliptic dependency-version: 6.6.1 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>	2025-06-30 00:56:57 +00:00
dependabot[bot]	9a96fbb5f4	Bump vite from 5.4.14 to 5.4.19 in /docs --- updated-dependencies: - dependency-name: vite dependency-version: 5.4.19 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>	2025-06-30 00:56:15 +00:00
dependabot[bot]	a573450bb8	Bump axios from 1.7.7 to 1.10.0 in /test Bumps [axios](https://github.com/axios/axios) from 1.7.7 to 1.10.0. - [Release notes](https://github.com/axios/axios/releases) - [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md) - [Commits](https://github.com/axios/axios/compare/v1.7.7...v1.10.0) --- updated-dependencies: - dependency-name: axios dependency-version: 1.10.0 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>	2025-06-30 00:54:38 +00:00
jc21	60a25ffbd5	Merge pull request #4560 from spions/patch-1 Added Selectel v2 DNS provider	2025-06-30 10:49:40 +10:00
jc21	7d2369b380	Merge pull request #4576 from NginxProxyManager/dependabot/npm_and_yarn/test/brace-expansion-1.1.12 Bump brace-expansion from 1.1.11 to 1.1.12 in /test	2025-06-30 10:49:20 +10:00
jc21	64f00e8dba	Merge pull request #4577 from h33n0k/develop Fix Incorrect Api status codes	2025-06-30 10:49:09 +10:00
jc21	c99143f548	Merge pull request #4596 from NginxProxyManager/dependabot/npm_and_yarn/frontend/pbkdf2-3.1.3 Bump pbkdf2 from 3.1.1 to 3.1.3 in /frontend	2025-06-30 10:48:57 +10:00
jc21	cc4ee6919a	Merge pull request #4597 from aitor422/develop All checks were successful Close stale issues and PRs / stale (push) Successful in 1m0s Details added CDMon DNS provider	2025-06-30 08:49:03 +10:00
jc21	8a69c65b40	Merge pull request #4551 from MinhPho/feature/update-strato-dns-plugin Update strato dns plugin from 0.2.1 to 0.2.2	2025-06-30 08:09:39 +10:00
jc21	95ee5ca958	Merge pull request #4553 from gustavfroding/develop Added spaceship DNS provider	2025-06-30 08:09:17 +10:00
jc21	40f22d30c4	Merge pull request #4574 from tom-kst/develop Update 'global/certbot-dns-plugins.json' to apply SSL certs for CloudFlare.	2025-06-30 08:08:18 +10:00
aitor422	30dfa9e3de	added CDMon DNS provider	2025-06-25 13:32:14 +02:00
dependabot[bot]	b873499feb	Bump pbkdf2 from 3.1.1 to 3.1.3 in /frontend Bumps [pbkdf2](https://github.com/crypto-browserify/pbkdf2) from 3.1.1 to 3.1.3. - [Changelog](https://github.com/browserify/pbkdf2/blob/master/CHANGELOG.md) - [Commits](https://github.com/crypto-browserify/pbkdf2/compare/v3.1.1...v3.1.3) --- updated-dependencies: - dependency-name: pbkdf2 dependency-version: 3.1.3 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>	2025-06-24 09:20:21 +00:00
h33n0k	ef69be2036	Fix Incorrect Api status codes Update Incorrect status code based off the api schema	2025-06-12 08:58:17 +02:00
dependabot[bot]	7580e65dd4	Bump brace-expansion from 1.1.11 to 1.1.12 in /test Bumps [brace-expansion](https://github.com/juliangruber/brace-expansion) from 1.1.11 to 1.1.12. - [Release notes](https://github.com/juliangruber/brace-expansion/releases) - [Commits](https://github.com/juliangruber/brace-expansion/compare/1.1.11...v1.1.12) --- updated-dependencies: - dependency-name: brace-expansion dependency-version: 1.1.12 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>	2025-06-11 21:02:35 +00:00
Tom.KST	f11dc5d7c1	Update certbot-dns-plugins.json	2025-06-11 17:36:21 +08:00
Tom.KST	77061a7bd6	Update certbot-dns-plugins.json I've tried multi times failed, and I found that show be a 'space break' ahead & after the equal mark... So the correct script should be "dns_cloudflare_api_token = 0123456789abcdef0123456789abcdef01234567", instead of "dns_cloudflare_api_token=0123456789abcdef0123456789abcdef01234567"	2025-06-11 17:33:44 +08:00
Oleg	b6afc19135	Added selectel v2 DNS provider	2025-05-28 18:10:21 +03:00
Lukáš Tesař	09ba400d09	fix(modal): make textarea font actually monospace Modal `textarea` element has this class `text-monospace`, but there is actually no CSS definition that sets the monospace font for it (neither in custom SCSS files, nor in included libs). This commit fixes the issue by setting `monospace` `font-family` for the `textarea`, greatly enhancing UX of configuration editing in UI.	2025-05-26 19:40:08 +02:00
gustavfroding	0291cfc270	Added spaceship DNS provider	2025-05-23 13:18:07 +02:00
jelly_moon	34267e0af9	Update strato dns plugin from 0.2.1 to 0.2.2	2025-05-23 04:43:52 +02:00
jc21	f327c1e825	Merge pull request #4406 from chindocaine/fix_domainoffensive_certbot All checks were successful Close stale issues and PRs / stale (push) Successful in 1m28s Details Fix DomainOffensive certbot plugin	2025-05-21 20:56:12 +10:00
jc21	6f539979ec	Merge pull request #4411 from henmohr/develop Update cloudflare dns plugin from 2.19.4 to 4.0.*	2025-05-21 20:52:50 +10:00
jc21	3d8079a137	Merge pull request #4426 from foxtrotcz/develop Updates Active24 plugin to API v2	2025-05-21 20:50:55 +10:00
jc21	6d6d83c0d0	Merge pull request #4435 from amateescu/update-gandi-plugin Update the Gandi plugin.	2025-05-21 20:50:36 +10:00
jc21	100a4888d0	Merge pull request #4481 from godsgood33/patch-1 Update certbot-dns-plugins.json	2025-05-21 20:50:14 +10:00
jc21	34a46bd733	Merge pull request #4534 from chenghaopeng/develop add Baidu as DNS provider	2025-05-21 20:48:11 +10:00
jc21	7f8adc7e50	Merge pull request #4538 from astamminger/add_dns_ddnss_plugin Add DDNSS to the list of supported Providers for DNS-01 Challenges	2025-05-21 20:47:29 +10:00
jc21	98d118cb74	Merge pull request #4540 from hatharry/develop Add First Domains DNS Provider	2025-05-21 20:47:02 +10:00
jc21	4fb93542c3	Merge pull request #4547 from vzagorovskiy/develop Added nic.ru DNS provider	2025-05-21 20:46:39 +10:00
vzagorovskiy	4fe305520a	Added nic.ru dns provider	2025-05-19 13:18:58 +03:00
A. Stamminger	76be31cf76	Update certbot-dns-plugins.json with dns-ddns plugin This commit extends the global plugin list with the configuration for certbot-dns-ddnss (https://pypi.org/project/certbot-dns-ddnss/), a new plugin providing DNS-01 challenges for ddnss.de	2025-05-12 15:54:10 +02:00
鹏鹏	55dadb2004	Merge pull request #1 from chenghaopeng/dns-baidu add Baidu as DNS provider	2025-05-11 12:46:27 +08:00
鹏鹏	d9cdb3dc2c	add Baidu as DNS provider	2025-05-11 12:45:13 +08:00
Aditya	0cab720f23	fix: optimize certbot ownership script to reduce container startup time Replace inefficient find/execdir implementation that was causing 3+ minute startup delays with a more efficient approach that: 1. Uses a flag file to skip redundant operations on container restarts 2. Processes site-packages directories with bulk chown operations instead of individual file checks and changes 3. Maintains the same functionality while dramatically improving performance This change should significantly reduce container startup time while ensuring all necessary file permissions are still properly set.	2025-04-20 20:38:54 +10:00
Ryan P	f5879dff6c	Update certbot-dns-plugins.json Fix for bug #4429 add cpanel_api_token entry to credentials check. Will still need to update the documentation that the user will need to retrieve the api token from their cPanel.	2025-04-10 19:56:06 -04:00
Jamie Curnow	5e66d677f1	Adds test for dashboard endpoints Some checks failed Close stale issues and PRs / stale (push) Has been cancelled Details	2025-03-24 14:34:45 +10:00
Andrei Mateescu	18830f81b0	Update the Gandi plugin.	2025-03-13 23:47:31 +02:00
FoxtrotCZ	341ac65587	Updates Active24 plugin to API v2	2025-03-09 19:54:11 +01:00
henmohr	078baa255a	Update certbot-dns-plugins.json	2025-03-03 16:40:38 -03:00
Michael Heilig	bf9d9bd43b	Fix DomainOffensive certbot plugin In https://github.com/NginxProxyManager/nginx-proxy-manager/pull/4235 the certbot plugin for do.de (Domain Offensive) was updated to use the more official version. One necessary line modification was missed, resulting in an error when creating a new certificate.	2025-02-28 21:00:36 +01:00
cg-zhou	a394b25e61	fix eslint error	2025-02-26 19:45:49 +08:00
cg-zhou	1c47fc2ba4	feat: Add IP_RANGES_FETCH_ENABLED environment variable This change adds a new environment variable to control whether IP ranges are fetched during application startup. When set to 'false', the initial fetch will be skipped, which can: 1. Speed up application startup 2. Avoid connectivity issues in environments with restricted internet access 3. Prevent startup failures when CloudFront or CloudFlare services are unreachable	2025-02-26 19:25:50 +08:00
ZeroDeng	312e2ab80c	[fix]Stream List error code 500 Fix stream list page error code 500。	2025-02-21 14:56:00 +08:00
Wise	d147ccd88d	Fixed error in sqlite installation compose file If people copy and paste the sqlite installation without commenting environment docker compose will throw an error because environment will be null.	2025-02-14 14:44:54 +01:00
Marc	03fd292c61	use latest certbot-dns-cpanel version this allows to use token for authentication	2025-02-09 11:41:30 +01:00
jc21	79d28f03d0	Merge pull request #4346 from Sander0542/feature/security-schemes-component All checks were successful Close stale issues and PRs / stale (push) Successful in 4s Details API Schema Improvements	2025-02-07 12:39:49 +10:00
Mordy Ovits	b09147eca8	Update frontend copyright year to 2025	2025-02-06 19:40:23 -05:00
jc21	c5a319cb20	Merge pull request #4347 from NginxProxyManager/develop v2.12.3	2025-02-06 20:25:09 +10:00
Jamie Curnow	c4df89df1f	Fix dashboard loading loop and freezing the page	2025-02-06 13:38:47 +10:00
Sander Jochems	df48b835c4	Update order to match others	2025-02-05 22:20:21 +01:00
Sander Jochems	8a1557154a	Add certificate fields to boolFields	2025-02-05 22:15:12 +01:00
Sander Jochems	a6af5ec2c7	Remove certificate as required from proxy host	2025-02-05 18:18:50 +01:00
Sander Jochems	14d7c35fd7	Fix whitespaces	2025-02-05 17:31:09 +01:00
Sander Jochems	cfcf78aaee	Set bearer auth security component	2025-02-05 17:29:40 +01:00
hatharry	2cee211fb0	add First Domains plugin	2024-11-13 16:31:59 +13:00
@@ -1 +1 @@
 .12.3
 .12.4