Version 1.40.1

Released: 2011-12-05

Realtime email usage stats (SKINS) new

*** REQUIRES new exim.pl version 10 - manual install ***

wget -O /etc/exim.pl http://files1.directadmin.com/services/exim.pl.10
/etc/init.d/exim restart

If you don't update to VERSION=10, you'll be missing some stats on this page. (message size, and destination address)

Once determined to be fully functional, the exim.pl.10 will be renamed to exim.pl on the files server as the default for new installs.


Accessed at:

User Level -> E-Mail Accounts -> E-Mail Usage


New page that will show all emails that were sent today, this month, or this month excluding today.

CMD_EMAIL_USAGE and CMD_API_EMAIL_USAGE

Grabs stats from:

/etc/virtual/usage/username.bytes (today)

or

/usr/local/directadmin/data/users/username/bandwidth.tally (this month, excluding today)

chews on them, and shows the results.

Figures out:

top sending email

top authentication username, when applicable (as it can be different from the "from" email, or blank if email not sent through smtp)

top sending IP address, when applicable.

CMD_API_EMAIL_USAGE:

Method: GET or POST
domain=domain.com

sample output variables:

BYTES_FILE = ./data/users/admin/bandwidth.tally
TOP_AUTH = user@email.com
TOP_AUTH_COUNT = 2
TOP_AUTH_PERCENT = 100
TOP_HOST = 127.0.0.1
TOP_HOST_COUNT = 2
TOP_HOST_PERCENT = 100
TOP_PATH = /
TOP_PATH_COUNT = 2
TOP_PATH_PERCENT = 100
TOP_SEDNER_PERCENT = 100
TOP_SENDER = user@email.com
TOP_SENDER_COUNT = 2
USERNAME = admin
user@email.com = 2
otheruser@email.com = 1

Where the UPPER CASE texts mentioned will always be present. They contain stats about the highest sending data.

Values which are email addresses (or the system account name) will have variable showing the number of emails sent.

Note that the number is based on the From address, only if the authenticated sender is not used (eg: when sending via script or popb4smtp)

SKINS

files_user.conf:

CMD_EMAIL_USAGE=user/email/usage.html

user/email/pop.html:

added link to the new page:

<a href="CMD_EMAIL_USAGE?domain=|DOMAIN|">E-Mail Usage</a><br>

user/email/usage.html:

see new skin for info.

override to allow upper case usernames new

Although you should not use this feature, some Admins don't want to change what's already setup.

To tell DA that upper case usernames should be allowed, add:

allow_upper_case_username=1

to your directadmin.conf.

The internal default is 0.

The reason this should not be enabled, is because the email system (dovecot, exim) convert upper case values to lower case values.

When checks for this username are done, they'll fail since the lower case value does not match the upper case value, and the user cannot login.

If you accept these defects, then you may enable this override.

SymLinksIfOwnerMatch and reduced AllowOverride fixed

Forum thread: https://forum.directadmin.com/threads/42332


Change FollowSymLinks to be SymLinksIfOwnerMatch in all httpd.conf files. This is to improve security.

This only happens after a custombuild:

./build rewrite_confs

and only once:

secure_htaccess=yes

is set in the options.conf.

New installs default to yes.

Existing installs default to no.

All directories:

/home/user/domains/domain.com/stats

/home/user/domains/domain.com/awstats

will be reset to user:user on the next run of webalizer/awstats for that domain, instead of root. This is such that the public_html/stats -> ../stats ownership matches, so that the SymLinksIfOwnerMatch doesn't return "Forbidden"

Resetting the /stats link through:

User Level -> Site Summary / Stats / Logs

will also set the ownership to user:user.

Lastly, the custombuild script now runs a chown on the links in /var/www/html with the -h option to set those links to be owned by webapps:webapps. Again, to ensure the ownership matches for this option.

As usual, excessive checking on the stats/awstats directory is done to prevent creative disk access, so it will only be set to the user if all of the numerous checks pass.

The changes to the main:

/etc/httpd/conf/httpd.conf

consist of removing all <Directory ..> entries, and replace them with:

Include conf/extra/httpd-directories.conf

The httpd-directories.conf file will be a symbolic link to one of:

httpd-directories-old.conf

httpd-directories-new.conf

depending on what setting is used for secure_htaccess.

Note that enabling this feature, although more secure, it's more strict.

This mean the AllowOverride option is no longer set to "All", but rather to a speicific list of items.

If you change to use this option, any .htaccess file that has:

Options FollowSymLinks

will throw an "internal server error".

Note that some scripts (Joomla, Drupal, etc..) may have this value by default, so they would need to comment it out.

OR

If you enable this feature, and have some sites that throw the error, you can do an override for that site by going to:

Admin Level -> Custom Httpd Config -> domain.com

and in the top text area, paste in this one line:

AllowOverride All

Renamed restore not restoring main ftp account fixed

If you have user.admin.user1.tar.gz, and rename it to user.admin.user2.tar.gz, when restored, the "user2" account did not exist.

Caused by the user1 value in the backup not matching the checks for user2.

Added execeptions, including checks for the "system" type, to know it was the system account and set the values accordingly.

commands.deny not being scanned fixed

Relating to this change in 1.40.0:

Ability to hide and block "Domain Setup" page (SKINS)

caused the commands.deny not to be scanned.

Resolved by:

  1. changing the check order

  2. Added a depth counter for the recursive class calls where the deny_override only triggers on the top level function call. (vs the previous flag for "already been called" which broke because of the double call.. for the current command, and for the check of CMD_DOMAIN.

Last Updated: