Version 1.63.2

Released: 2021-11-25

Git Manager (PRO PACK) new

Git Manager allows users to host and manage Git repositories on the Directadmin server.

Syncing with remote repositories is available as well with auto deployment support via a webhook.

Read more.

Backup locking slots: max_concurrent_backups=3 new

Each call to create an Admin/Reseller level triggered backup will require a backup lock. y default, there will be:


meaning 3 different lock files. The backup being attempted must get one of those locks, eg:

  • /usr/local/directadmin/data/admin/backup_slot.1.lock
  • /usr/local/directadmin/data/admin/backup_slot.2.lock
  • /usr/local/directadmin/data/admin/backup_slot.3.lock

where the contents of the lock will be some json with the PID of the dataskq running and other misc info, so it can be verified later, in case it's no longer active.


The lock duration default is 8 hours, based on the directadmin.conf timeout=60. If you have a higher timeout, eg: timeout=120, the lock timeout will double as well: 16hrs. It's a dynamic value, in case you need to adjust it.


The contents of the backup_slot.X.lock will be json, eg:

        "id": "1",
        "owner": "admin",
        "pid": "501795"

Where id is the backup id. If it's manual trigger, it will not be present there. Field pid is the process ID of the running dataskq call, so it can be checked if it's still alive.

Owner is the account that triggered the backup (cron or direct).

Make rootauth login keys read-only for normal users improved

Login keys created by root account using commands directadmin --root-auth-url or directadmin --root-auth-url-for=username will be marked as read-only for normal user accounts (will have client_read_only=yes in key.conf).

These keys are used by DA server administrator or some 3rd party plugins to gain API access to a particular account. Marking them as read-only will prevent users from disabling or removing these keys.

Refactored and scripts improved

Changed script to have no installation logic, all the installation bits have been moved to The scripts have also been cleaned up of unused functions. has the ability to install DA from any update channel/branch. Instructions for the usage can be found here.

Script accepts just the license key improved

As our new licensing system does not require re-download of license.key, we have changed to only accept license key as the argument. Instructions for the usage can be found here.

License and version information page simplified in Evolution skin improved

Using Evolution skin information about current DA version and license is simplified. Change of preferred release channel is now done immediately without having to wait for DA restart.

UNIT: no need for SSL listener by default (DEFAULT) improved

Default change to the directadmin.conf option, new value:


where the previous default would be:


This change, upon full rewrite, will clear:

  • /certificates/hostname
  • /listeners/*:8091

from the unit config, as it's extra overhead which is not needed (we use localhost plaintext) If you need ssl with your connection to unit, just enable it:

./directadmin set unit_port_ssl 8091
service directadmin restart

When updating DA, these fields will not be purged. Only after a full rewrite, eg:

echo "action=rewrite&value=nginx_unit" /usr/local/directadmin/data/task.queue


/usr/local/directadmin/custombuild/build rewrite_confs

will the 2 values get dropped. Nothing internal to DA's code is connecting to the 8091 port, hence it's removal.

Cron: disable jail needs to clear jailshell fixed

When modifying a User, if the jail option is disabled when cron is still on, the value SHELL=/usr/bin/jailshell needed to be cleared from the crontab.

Custom dns_txt.conf with _dmarc causes double _dmarc after restore fixed

For anyone who are trying to automate setting up _dmarc records by default for new zones, during a restore, it will end up merging the backed up _dmarc with the templates/custom/dns_txt.conf _dmarc records.

Fixed: Prevent duplicate _dmarc records. Other record types not touched to prevent affecting the spf values which are controlled via checkbox restore options.

Subdomain-Alias with domain subdomain: missing CERT/KEY not reverting correctly fixed

If you have a domain, say and it has a subdomain, called

If you were to create a domain alias on called when the httpd.conf writes, it will also try to add all subdomains, adding a VH with name

If that cert/value was not available, a bug in the code did not correctly revert to the server cert/key values.

Fix typo in rspamd template fixed

Typo in rspamd temlate prioity=1 changed to priority=1.

Last Updated: