diff --git a/.github/workflows/agent-build.yml b/.github/workflows/agent-build.yml
index 412c3d40..a0f43ed4 100644
--- a/.github/workflows/agent-build.yml
+++ b/.github/workflows/agent-build.yml
@@ -15,7 +15,6 @@ on:
       - "docs/**"
       - "README.md"
 
-
 jobs:
   agent-release:
     name: Build - ${{ matrix.platform.release_for }}
@@ -136,7 +135,7 @@ jobs:
   release-dev:
     name: Release Dev
     needs: [ agent-release, agent-windows, agent-macos ]
-    if: github.event_name == 'push' && github.ref == 'refs/heads/dev'
+    if: github.ref == 'refs/heads/dev'
     runs-on: ubuntu-latest
     permissions:
       contents: write
@@ -161,7 +160,7 @@ jobs:
   release-main:
     name: Release Main
     needs: [ agent-release, agent-windows, agent-macos ]
-    if: github.event_name == 'push' && github.ref == 'refs/heads/main'
+    if: github.ref == 'refs/heads/main'
     runs-on: ubuntu-latest
     permissions:
       contents: write
diff --git a/.github/workflows/server-build.yml b/.github/workflows/server-build.yml
index 676679b4..c4fb76cc 100644
--- a/.github/workflows/server-build.yml
+++ b/.github/workflows/server-build.yml
@@ -15,7 +15,6 @@ on:
       - "docs/**"
       - "README.md"
 
-
 jobs:
   server-release:
     name: Build - ${{ matrix.platform.release_for }}
@@ -90,7 +89,7 @@ jobs:
   release-dev:
     name: Release Dev
     needs: [ server-release, server-windows, server-macos ]
-    if: github.event_name == 'push' && github.ref == 'refs/heads/dev'
+    if: github.ref == 'refs/heads/dev'
     runs-on: ubuntu-latest
     permissions:
       contents: write
@@ -115,7 +114,7 @@ jobs:
   release-main:
     name: Release Main
     needs: [ server-release, server-windows, server-macos ]
-    if: github.event_name == 'push' && github.ref == 'refs/heads/main'
+    if: github.ref == 'refs/heads/main'
     runs-on: ubuntu-latest
     permissions:
       contents: write
diff --git a/.gitignore b/.gitignore
index 2e49ee2e..f1790367 100644
--- a/.gitignore
+++ b/.gitignore
@@ -12,4 +12,5 @@ node_modules/
 docs/.vitepress/dist
 docs/.vitepress/cache
 md.md
-test-py
\ No newline at end of file
+test-py
+static
\ No newline at end of file
diff --git a/Cargo.lock b/Cargo.lock
index 54094770..ba23f65c 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -2936,7 +2936,7 @@ checksum = "43794a0ace135be66a25d3ae77d41b91615fb68ae937f904090203e81f755b65"
 
 [[package]]
 name = "nodeget-agent"
-version = "0.3.6"
+version = "0.3.7"
 dependencies = [
  "anyhow",
  "base64",
@@ -2970,7 +2970,7 @@ dependencies = [
 
 [[package]]
 name = "nodeget-lib"
-version = "0.3.6"
+version = "0.3.7"
 dependencies = [
  "anyhow",
  "libc",
@@ -2989,7 +2989,7 @@ dependencies = [
 
 [[package]]
 name = "nodeget-server"
-version = "0.3.6"
+version = "0.3.7"
 dependencies = [
  "anyhow",
  "axum",
diff --git a/agent/Cargo.toml b/agent/Cargo.toml
index 21277118..44fb81ea 100644
--- a/agent/Cargo.toml
+++ b/agent/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "nodeget-agent"
-version = "0.3.6"
+version = "0.3.7"
 edition = "2024"
 
 [dependencies]
diff --git a/docs/api/static_bucket/crud.md b/docs/api/static_bucket/crud.md
index 202526d2..e6d0896f 100644
--- a/docs/api/static_bucket/crud.md
+++ b/docs/api/static_bucket/crud.md
@@ -14,7 +14,8 @@
   "name": "my-site",
   "path": "sites/my-site",
   "is_http_root": false,
-  "cors": true
+  "cors": true,
+  "enable": true
 }
 ```
 
@@ -33,7 +34,8 @@
   "name": "my-site",
   "path": "sites/my-site",
   "is_http_root": false,
-  "cors": true
+  "cors": true,
+  "enable": true
 }
 ```
 
@@ -50,7 +52,8 @@
     "name": "my-site",
     "path": "sites/my-site",
     "is_http_root": false,
-    "cors": true
+    "cors": true,
+    "enable": true
   },
   "id": 1
 }
@@ -67,7 +70,8 @@
     "name": "my-site",
     "path": "sites/my-site",
     "is_http_root": false,
-    "cors": true
+    "cors": true,
+    "enable": true
   }
 }
 ```
@@ -123,7 +127,8 @@
     "name": "my-site",
     "path": "sites/my-site",
     "is_http_root": false,
-    "cors": true
+    "cors": true,
+    "enable": true
   }
 }
 ```
@@ -154,7 +159,8 @@
     "name": "my-site",
     "path": "sites/my-site",
     "is_http_root": true,
-    "cors": true
+    "cors": true,
+    "enable": false
   },
   "id": 1
 }
@@ -171,7 +177,8 @@
     "name": "my-site",
     "path": "sites/my-site",
     "is_http_root": true,
-    "cors": true
+    "cors": true,
+    "enable": false
   }
 }
 ```
diff --git a/docs/api/static_bucket/index.md b/docs/api/static_bucket/index.md
index 371e9691..30970382 100644
--- a/docs/api/static_bucket/index.md
+++ b/docs/api/static_bucket/index.md
@@ -37,7 +37,8 @@ Config 中的 `static_path` 字段决定所有 bucket 的顶级磁盘根目录
   "name": "my-site",
   "path": "sites/my-site",
   "is_http_root": false,
-  "cors": true
+  "cors": true,
+  "enable": true
 }
 ```
 
@@ -48,6 +49,7 @@ Config 中的 `static_path` 字段决定所有 bucket 的顶级磁盘根目录
 - `path`：磁盘相对路径（相对 `static_path`），如 `sites/my-site`，允许 `/` 多级嵌套
 - `is_http_root`：是否接管根路由 `/`
 - `cors`：是否开启 `Access-Control-Allow-Origin: *`
+- `enable`：是否启用 HTTP 访问。`false` 时该 bucket 的 HTTP 入口返回 404（不影响 RPC 操作和 WebDAV）
 
 ## 注意事项
 
diff --git a/nodeget-lib/Cargo.toml b/nodeget-lib/Cargo.toml
index 76ff43e8..2ccbddd3 100644
--- a/nodeget-lib/Cargo.toml
+++ b/nodeget-lib/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "nodeget-lib"
-version = "0.3.6"
+version = "0.3.7"
 edition = "2024"
 
 [dependencies]
diff --git a/server/Cargo.toml b/server/Cargo.toml
index e979d045..bb7cce33 100644
--- a/server/Cargo.toml
+++ b/server/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "nodeget-server"
-version = "0.3.6"
+version = "0.3.7"
 edition = "2024"
 description = "Next-generation server monitoring and management tools"
 license = "AGPL-3"
diff --git a/server/src/rpc/token/change_password.rs b/server/src/rpc/token/change_password.rs
index dc29fbf1..d991ed0b 100644
--- a/server/src/rpc/token/change_password.rs
+++ b/server/src/rpc/token/change_password.rs
@@ -1,3 +1,4 @@
+use super::utils::{find_target_token, verify_supertoken};
 use crate::entity::token;
 use crate::token::cache::TokenCache;
 use crate::token::hash_string;
@@ -5,7 +6,6 @@ use jsonrpsee::core::RpcResult;
 use nodeget_lib::error::NodegetError;
 use sea_orm::{ActiveModelTrait, Set};
 use serde_json::value::RawValue;
-use super::utils::{find_target_token, verify_supertoken};
 use tracing::debug;
 
 /// 修改指定 token 的密码（Super Token 专用）
@@ -69,8 +69,7 @@ pub async fn change_password(
             );
         }
 
-        let response =
-            r#"{"success":true,"message":"Password changed successfully"}"#.to_owned();
+        let response = r#"{"success":true,"message":"Password changed successfully"}"#.to_owned();
         RawValue::from_string(response)
             .map_err(|e| NodegetError::SerializationError(format!("{e}")).into())
     };
diff --git a/server/src/rpc/token/mod.rs b/server/src/rpc/token/mod.rs
index 51a928fc..483e7cda 100644
--- a/server/src/rpc/token/mod.rs
+++ b/server/src/rpc/token/mod.rs
@@ -107,9 +107,11 @@ impl RpcServer for TokenRpcImpl {
             target_token_key = target_tk,
             target_username = target_un,
         );
-        async { rpc_exec!(change_password::change_password(token, target_token, new_password).await) }
-            .instrument(span)
-            .await
+        async {
+            rpc_exec!(change_password::change_password(token, target_token, new_password).await)
+        }
+        .instrument(span)
+        .await
     }
 
     async fn roll_token_secret(
diff --git a/server/src/rpc/token/roll_token_secret.rs b/server/src/rpc/token/roll_token_secret.rs
index db67b4ce..53fe3bd5 100644
--- a/server/src/rpc/token/roll_token_secret.rs
+++ b/server/src/rpc/token/roll_token_secret.rs
@@ -1,3 +1,4 @@
+use super::utils::{find_target_token, verify_supertoken};
 use crate::entity::token;
 use crate::token::cache::TokenCache;
 use crate::token::hash_string;
@@ -6,7 +7,6 @@ use nodeget_lib::error::NodegetError;
 use nodeget_lib::utils::generate_random_string;
 use sea_orm::{ActiveModelTrait, Set};
 use serde_json::value::RawValue;
-use super::utils::{find_target_token, verify_supertoken};
 use tracing::debug;
 
 /// 重新生成目标 token 的 secret（Super Token 专用）
@@ -40,10 +40,9 @@ pub async fn roll_token_secret(token: String, target_token: String) -> RpcResult
         let mut active_model: token::ActiveModel = target_model.into();
         active_model.token_hash = Set(new_token_hash);
 
-        let updated = active_model
-            .update(db)
-            .await
-            .map_err(|e| NodegetError::DatabaseError(format!("Failed to update token secret: {e}")))?;
+        let updated = active_model.update(db).await.map_err(|e| {
+            NodegetError::DatabaseError(format!("Failed to update token secret: {e}"))
+        })?;
 
         debug!(
             target: "token",
diff --git a/server/src/rpc/token/utils.rs b/server/src/rpc/token/utils.rs
index 0ce7fbaa..7842beed 100644
--- a/server/src/rpc/token/utils.rs
+++ b/server/src/rpc/token/utils.rs
@@ -8,12 +8,10 @@ use tracing::{debug, warn};
 /// 辅助函数：从标识符中提取 token_key（如果是 `key:secret` 格式则取 key 部分）
 /// 也支持 `username|password` 格式（取 username 部分）
 pub fn extract_target_identifier(identifier: &str) -> &str {
-    identifier
-        .split_once(':')
-        .map_or(
-            identifier.split_once('|').map_or(identifier, |(u, _)| u),
-            |(k, _)| k,
-        )
+    identifier.split_once(':').map_or(
+        identifier.split_once('|').map_or(identifier, |(u, _)| u),
+        |(k, _)| k,
+    )
 }
 
 /// 辅助函数：按 token_key 或 username 查找目标 token
@@ -54,8 +52,8 @@ pub async fn find_target_token(identifier: &str) -> Result<token::Model, Nodeget
 
 /// 校验调用者是否为 Super Token
 pub async fn verify_supertoken(token: &str) -> Result<(), NodegetError> {
-    let token_or_auth =
-        TokenOrAuth::from_full_token(token).map_err(|e| NodegetError::ParseError(format!("{e}")))?;
+    let token_or_auth = TokenOrAuth::from_full_token(token)
+        .map_err(|e| NodegetError::ParseError(format!("{e}")))?;
 
     let is_super = check_super_token(&token_or_auth)
         .await