Lighttpd 1.4.68 Brings Stronger TLS Defaults, KTLS Sendfile Support For Faster Performance

Written by Michael Larabel in Free Software on 4 January 2023 at 12:35 PM EST. 14 Comments
Lighttpd 1.4.68 was released on Tuesday as the newest version of this lightweight, high performance open-source web server.

This CPU and memory efficiency optimized HTTP(S) web server under the revised BSD license has continued tacking on more improvements with its newest release.

Lighttpd 1.4.68 now enforces stronger TLS defaults out-of-the-box though legacy ciphers can still be configured. The default for Lighttpd's TLS modules are to now use stronger, modern ciphers unless otherwise specified. This web server update has also removed several previously deprecated TLS options.

Also notable with Lighttpd 1.4.68 is adding KTLS sendfile support in the OpenSSL and GnuTLS modules when available and enabled. This is similar to what has already been available in the likes of Nginx for making use of kernel TLS with SSL_sendfile() for improving performance and reducing copy operations between kernel and user-space. Lighttpd hasn't provided any performance figures but in the case of Nginx when they added kTLS sendfile support there were 13~28% performance improvements experienced. Making use of the in-kernel TLS with SSL_sendfile() also led to reduction in CPU usage.

Lighttpd 1.4.68 has also removed deprecated modules and fixed various bugs with this lightweight web server update. Downloads and more details on the new release via
Related News
About The Author
Michael Larabel

Michael Larabel is the principal author of and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via

Popular News This Week