Version 1.668

Released: 2024-09-20

• Server TLS upload page evolutionnew
• Server TLS status page actions evolutionupdate
• Unified widgets dashboard evolutionupdate
• Simpler widgets customization evolutionupdate
• Email-only feature set has access to email-config command update
• Fix file path encoding in Apache integration with php-fpm update
• Detect old local libcurl custombuildupdate
• syslogd option to use split priority for each log type. update
• DNS Providers GUI for Enhanced update
• Software version changes custombuildupdate
• Language override in headers update
• Host name in two-factor authentication secret key name evolutionfix
• System skin deprecation removal
• Removed userdir_access from custombuild options removalcustombuild
• Removed http_methods CustomBuild option custombuildremoval
• Legacy translations system removal
• Removed support for suphp and ruid2 webserver integration modes removal
• Removed support for PHP safe_mode flag removal
• Removed support for two-step authentication scratch code expiry removal

Server TLS upload page evolutionnew

A page for uploading server TLS certificate has been introduced to Evolution. It can be accessed from admin level -> Server Manager -> Server TLS Certificate -> Change Certificate.

Server TLS status page actions evolutionupdate

The Server TLS page is updated to show if the web interface is using HTTPS and the status of automatic certificate management.

The page has quick action buttons to enable both features.

Unified widgets dashboard evolutionupdate

All Evolution skin layouts have a unified way of showing widgets. This change allows widgets to show more content and the same amount of information for all skin layouts.

Simpler widgets customization evolutionupdate

Widgets customization is now easier and follows the same rules as all other Evolution skin customizations.

The widgets customization page (Admin Tools > Customize Evolution Skin > Widgets ) allows hiding and reordering widgets. Customizations done by the reseller or admin accounts will be inherited by owned user accounts.

Email-only feature set has access to email-config command update

The built-in feature set email-only is extended to allow users to use the email-config action (download mail box configuration for iOS devices).

Fix file path encoding in Apache integration with php-fpm update

The latest Apache webserver (starting from 2.4.60) changed the encoding of the script file name that gets passed to the pfp-fpm service. This caused PHP scripts that have spaces or non-ASCII characters in their path to return 404 responses.

Apache config templates are updated to fix script filenames before passing them to php-fpm. The fix is conditionally applied only for affected Apache versions. We expect Apache upstream will have a proper fix for this issue in the upcoming versions.

Detect old local libcurl custombuildupdate

CustomBuild will detect if an old version of libcurl is installed in the /usr/local directory when listing software available for removal.

It can be removed with the da build remove_old_local libcurl command. And restored back with the da build restore_old_local libcurl command.

Having an old version of locally built libcurl can cause PHP compile problems if it is linked to one of the removed local libraries.

syslogd option to use split priority for each log type. update

Previously, when the optional use_syslogd=1 was used, all 4 logs were sent to syslogd as type err. This change splits the 4 directadmin.conf log types as follows:

• errorlog=/var/log/directadmin/error.log and errortaskq.log will remain as LOG_ERR
• systemlog=/var/log/directadmin/system.log will now be LOG_NOTICE
• securitylog=/var/log/directadmin/security.log will now be LOG_CRIT
• loginlog=/var/log/directadmin/login.log will now be LOG_INFO

DNS Providers GUI for Enhanced update

Users, Resellers, and Admins can now access the DNS Providers feature for their domains, using the Enhanced skin (Evolution TBD) For all account types, the tool can be accessed from: User Level » SSL Certificates » Manage ACME DNS Providers

• Users - Can select from the list of dns providers for their domain, or if set by the higher account, inherit a provider from them.
• Resellers - Can setup the creator type of dns provider, to be used by their Users.
• Admins - Can setup the global type of dns provider, which can be used by any User.

The creator and global types can include Domain Restrictions, where they can have a domains_allow or domains_deny list, to control which domains should be allowed or denied from using these inhertibale dns providers. This feature does not affect the acme_server_cert set of directadmin.conf options, which would only be for the hostname.

Related: Remote DNS providers with LetsEncrypt

Software version changes custombuildupdate

• composer updated from 2.7.8 to 2.7.9
• litespeed updated from 6.3.1-0 to 6.3.1-1
• modsecurity3 updated from 3.0.12 to 3.0.13
• PHP 8.1 updated from 8.1.29 to 8.1.30
• PHP 8.2 updated from 8.2.23 to 8.2.24
• PHP 8.3 updated from 8.3.11 to 8.3.12
• snuffleupagus updated from 0.10.0 to 0.11.0
• unit updated from 1.32.1 to 1.33.0

Language override in headers update

Added with the use of APIs in mind, this feature will allow an extra header to be passed, allowing the caller to override the User's current language, using the one passed.

X-Language-Override: en

This should make the results more unified, as they'll use the desired language. Note that newer calls using the restful /api method return mainly just data, not sentences, so this won't have any effect on them.

This change also fixes a bug with regards to temporary languages set in the session.

Host name in two-factor authentication secret key name evolutionfix

Generating a new two-factor authentication secret gives user a QR code to add the secret into the password manager app. The key name is fixed to have server hostname instead of static value undefined.

System skin deprecation removal

In future releases, the login page will always use the Evolution skin. Admins with non-Evolution system skins will get notified about this change.

Removed userdir_access from custombuild options removalcustombuild

Userdir access feature is removed from custombuild.

If userdir_access is enabled, CustomBuild will refuse to perform any software reconfiguration action.

Removed http_methods CustomBuild option custombuildremoval

The CustomBuild option http_methods used for restricting HTTP methods is no longer supported.

Legacy translations system removal

Legacy translation system that used .txt files is no longer supported.

Example of legacy translation file data/skins/enhanced/lang/en/internal/authentication.txt:

1=The lost password feature is disabled
2=Invalid username
3=Invalid code
4=No such user
...

Removed support for suphp and ruid2 webserver integration modes removal

The main directadmin service will no longer be aware of suphp mode. The following webserver template tokens will always be set to 0:

• SUPHP
• HAVE_PHP1_SUPHP
• HAVE_PHP2_SUPHP
• HAVE_RUID2
• RUID2_AND_MOD_SECURITY
• MODSEC_AUDIT_DIR token will be set to not supported

CustomBuild does not support suphp and ruid2 modes since version 1.647.

If custom webserver templates are being used please make sure they are not referencing the deprecated template tokens.

Removed support for PHP safe_mode flag removal

PHP option safe_mode is deprecated starting PHP 5.3 and completely removed since PHP 5.4.

Template token HAVE_SAFE_MODE will always be set to 0.

Template token SAFE_MODE will always be set to OFF.

Templates bundled with DirectAdmin will no longer use HAVE_SAFE_MODE and SAFE_MODE tokens.

Removed support for two-step authentication scratch code expiry removal

The ability to generate two-step authentication codes with expiry time is removed.

Already expired codes will be removed. Still valid codes with expiration will get converted to eternally valid codes.