0.5.1 was released last week, but somehow we managed to miss a forum post about it. Whoops, sorry about that! But now, 0.5.2 which is a pretty minor bug-fix has just been published with the following changes: Bug fixes We've adjusted the fingerprint weights to resolve some issues that were occurring, primarily when using a reverse proxy. Fixed an issue where the config migrator would introduce the cookie_lifespan configuration property as a string instead of as an int. This issue only effected very old version of FOSSBilling or users who were using BoxBilling. The installer will no longer attempt to detect and redirect to HTTPS as this functionality was causing issues with some server configurations. New features FOSSBilling will now use the cf-ipcountry header Cloudflare sends while creating fingerprints to further increase protection against session hijacking. "IP Geolocation" must be enabled under Cloudflare's "network" settings before this header is sent. That's the complete changelog, so you don't need a link to the website this time 🙂

FOSSBilling Version 0.5.2 hs been released

0.5.1 was released last week, but somehow we managed to miss a forum post about it. Whoops, sorry about that!

But now, 0.5.2 which is a pretty minor bug-fix has just been published with the following changes:

We've adjusted the fingerprint weights to resolve some issues that were occurring, primarily when using a reverse proxy.
Fixed an issue where the config migrator would introduce the cookie_lifespan configuration property as a string instead of as an int. This issue only effected very old version of FOSSBilling or users who were using BoxBilling.
The installer will no longer attempt to detect and redirect to HTTPS as this functionality was causing issues with some server configurations.

FOSSBilling will now use the cf-ipcountry header Cloudflare sends while creating fingerprints to further increase protection against session hijacking.
- "IP Geolocation" must be enabled under Cloudflare's "network" settings before this header is sent.

That's the complete changelog, so you don't need a link to the website this time 🙂