Version 1.63.6

Released: 2022-02-01

• ACME provider selection LE vs ZeroSSL on a per domain basis new
• Cgroups now support setting MemoryMax limit new
• task.queue option to resync User and Reseller configs to their packages new
• Optional ftp upload confirmation via remote ftp size listing (SCRIPTS) new
• Update Nginx unix route templates update
• Updated ClamAV feature user interface evolutionupdate
• Login-key usage count feature is removed removal
• Security issues reported by Rack911 team fix
• Socket leak on legacy cli --DocumentRoot call fix

ACME provider selection LE vs ZeroSSL on a per domain basis new

In the LetsEncrypt configuration it is now possible to select between ZeroSSL or LetsEncrypt as an ACME provider.

This is only visible in the Evolution skin.

Legacy mode for swapping LetsEncrypt with ZeroSSL with magic file /root/.zerossl is now deprecated.

Cgroups now support setting MemoryMax limit new

This is an absolute Memory limit. When reached it triggers Out-Of-Memory Killer.

It is useful when used in combination with MemoryHigh limit.

task.queue option to resync User and Reseller configs to their packages new

You can now reset Users/Resellers to match any manual changes to their packages via the CLI/task.queue The option already exists when using the GUI simply by saving the package.

The syntax would be:

echo "action=rewrite&value=package&type=user|reseller&creator=CREATOR&package=PACKAGE" >> /usr/local/directadmin/data/task.queue

Where the type=user refers to User Packages and Users created by CREATOR, and type=reseller refers to Reseller Packages and Resellers created by CREATOR (usually admin). This triggers the user_modify_post.sh and reseller_modify_post.sh hooks as of 1.63.7.

Optional ftp upload confirmation via remote ftp size listing (SCRIPTS) new

We've had one report where curl did not throw any error on remote disk was full, resulting in lost data. As an extra layer of checks, new internal directadmin.conf default variable:

backup_ftp_upload_confirmation=0

can be set to 1:

./directadmin set backup_ftp_upload_confirmation  1

which follws up any successful curl upload with a curl download (updated ftp_list.php) which returns the filesize as well. This is compared to the local size and an error is thrown if there is a mismatch.

Update Nginx unix route templates update

From Nginx Unit version 1.26.0 share action behaviour changes from specifying document root directory that gets prepended to request URI, to specifying full path to the file to serve.

Route templates has been updated to reflect this change.

Please note that this change doesn't update currently configured routes.

Updated ClamAV feature user interface evolutionupdate

ClamAV feature now allows to select a pre-defined scan paths to avoid having to type in scan path manually. It is still possible to use custom scan path.

Login-key usage count feature is removed removal

A feature allowing login-keys to have max usage counter is deprecated and removed. It was decided that most useful login-key usage limitation is time based. API usage counters does not work well because for some actions to be achieved multiple API requests might be necessary and it is hard to know in advance how may API requests will be made.

We recommend that all existing login-keys with usage limit to be updated to have time restriction.

Security issues reported by Rack911 team fix

Continuation of work on a set of security issues that were reported by the Rack911 team.

This release hardens some manually triggered CLI tools.

We recommend everyone to update to this version.

Socket leak on legacy cli --DocumentRoot call fix

Compatibility mode for listing user document roots from cli causes persistent HTTP requests to linger leading to FD exhaustion. Issue is fixed in this release.