fix(Port80Handler): Restrict ACME HTTP-01 challenge handling to domains with acmeMaintenance or acmeForward enabled

changelog.md

@@ -1,5 +1,11 @@
 # Changelog
 
+## 2025-03-18 - 4.2.6 - fix(Port80Handler)
+Restrict ACME HTTP-01 challenge handling to domains with acmeMaintenance or acmeForward enabled
+
+- Updated challenge handler in ts/classes.port80handler.ts to include a check for (options.acmeMaintenance || options.acmeForward)
+- Prevents unintended processing of ACME challenges when ACME configuration is not enabled
+
 ## 2025-03-18 - 4.2.5 - fix(networkproxy)
 Refactor certificate management components: rename AcmeCertManager to Port80Handler and update related event names from CertManagerEvents to Port80HandlerEvents. The changes update internal API usage in ts/classes.networkproxy.ts and ts/classes.port80handler.ts to unify and simplify ACME certificate handling and HTTP-01 challenge management.
 

ts/00_commitinfo_data.ts

@@ -3,6 +3,6 @@
  */
 export const commitinfo = {
   name: '@push.rocks/smartproxy',
-  version: '4.2.5',
+  version: '4.2.6',
   description: 'A powerful proxy package that effectively handles high traffic, with features such as SSL/TLS support, port proxying, WebSocket handling, dynamic routing with authentication options, and automatic ACME certificate management.'
 }

ts/classes.port80handler.ts

@@ -408,7 +408,7 @@ export class Port80Handler extends plugins.EventEmitter {
     const options = domainInfo.options;
 
     // If the request is for an ACME HTTP-01 challenge, handle it
-    if (req.url && req.url.startsWith('/.well-known/acme-challenge/')) {
+    if (req.url && req.url.startsWith('/.well-known/acme-challenge/') && (options.acmeMaintenance || options.acmeForward)) {
       // Check if we should forward ACME requests
       if (options.acmeForward) {
         this.forwardRequest(req, res, options.acmeForward, 'ACME challenge');