Directadmin Docs

Version 1.669

Released: 2024-10-16

Advanced global search for all layouts evolution new

A new global search bar is added to all Evolution skin layouts. It unifies and improves how the search works. Notable changes:

  • Search targets (users, domains, menu entries, etc.) can be easily turned on or off inside the search box.
  • The search results are grouped by the search target.
  • The matching part of the search is highlighted on the search results. This makes it easier to understand why and how the result matched the search string.
  • The search results for pages include a page location in the menu.
  • Too many results from a single search target is collapsed with an option to show all results. This avoids results from a single target overwhelming the results from other targets.

Note: If custom CSS rules are being used for the Icons Grid layout to recreate the traditional sub-theme (example in the CSS Customizations section), the rules need to be updated to work correctly with the new global search.

Global search example

Updated two-step authentication page evolution improved

The page for enabling and managing two-step authentication is updated. The page can now be found as a new section in the User Profile page.

Key improvements:

  • It will no longer be possible to enable it without providing a correct code from the Authenticator app.
  • Once enabled, the two-step authentication page will no longer show the authentication secret when the page is visited again.
  • An option to send a notification on two-step authentication failures is now grouped with other notification settings in the General section.
  • Recovery codes will be automatically generated after two-step authentication is enabled.

Two-step authentication

Fixed width font for server TLS upload page's inputs evolution improved

The font used for server TLS upload page's inputs has been changed to one whose letters and characters each occupy the same amount of space.

Removed php[2-9]_mode options from CustomBuild options.conf file custombuild improved

CustomBuild configuration file options.conf will no longer keep php2_mode, php3_mode, etc. options. The only option used for PHP mode configuration will be php1_mode. This will make configuration file simpler and shorted.

Removed options are no longer needed because CustomBuild does not support multiple PHP modes since version 1.667.

Spam scanning will be activated by default if allowed improved

If a User is created with the spam option set to ON, this change will now activate Spam Scanning for the User's by default. If the User then creates a second domain, it will use the settings from the first/main domain from the account.

Also, a new optional template can be created to override the internal defaults:

/usr/local/directadmin/data/templates/custom/spam_defaults.json

A sample of this file might look like:

{
        "required_hits" : "3.5",
        "high_score" : "8",
        "high_score_block" : "yes",
        "rewrite_subject" : "1",
        "subject_tag" : "***SPLAM***",
        "whitelist_from" : [
                "always@delivered.com"
        ],
        "blacklist_from" : [
                "never@accept.com"
        ],
        "where" : "userspamfolder",
        "report_safe" : "2"
}

where only the variables that you wish to override need to be in this file. Using this template will remove any need for the hook scripts How to enable SpamAssassin for new users

More informative licensing errors for legacy skins improved

When DirectAdmin encounters licensing problems (missing license, expired license, etc.), a detailed explanation of the problem and how to fix it used to be shown. But only if Evolution skin is used. In Enhanced or other legacy skins, a blank page with a generic error used to be shown.

The way licensing errors are handled is now changed to always use Evolution skin.

Improved /CMD_LOGIN request handling improved

Request handler of /CMD_LOGIN is updated to improve speed and reliability.

Notable changes:

  • Requests to /CMD_LOGIN will always respond with HTML output, not JSON. If a JSON response is needed, then the /api/login API endpoint should be used.
  • For accounts with two-step authentication enabled, all login data (username, password, 2FA code) have to be sent with a single request. It is no longer possible to pass password validation and 2FA validation with separate requests.
  • The two-step authentication code can be passed in the form field named otp.code.
  • A more detailed error message will be shown on login failures.
  • CMD_ASK_TWOSTEP_AUTH is deprecated. It was used for unfinished sessions to display two-step authentication code input.
  • CMD_LOGIN can no longer be used for impersonation. Any attempt to do this will perform a logout action.

All these changes are only relevant when a custom login page is used.

Software version changes custombuild improved

  • composer updated from 2.7.9 to 2.8.1
  • dovecot-fts-xapian updated from 1.7.14 to 1.7.16
  • imagemagick updated from 7.1.1-38 to 7.1.1-39
  • litespeed updated from 6.3.1-1 to 6.3.1-2
  • modsecurity_owasp_rules updated from 4.6.0 to 4.7.0
  • nginx updated from 1.27.1 to 1.27.2
  • php_yaml updated from 2.2.3 to 2.2.4

Stop logging successful API access in login.log improved

Information about all requests, including authentication type, is stored in the /var/log/directadmin/access.log file. File login.log is used to log all successful API requests with limited information (client IP and username) duplicating the same information that is already present in the access.log.

The file login.log will no longer include information about successful API calls, leaving only authentication failures.

Single login page for all the skins improved

The login page from Evolution is much more flexible and has more features compared with the login pages provided by legacy skins. With this release, the Evolution login page will be used as the main DirectAdmin login page for all the skins.

It is still possible to create a completely custom login page (not related to any skin), but we recommend using Evolution login page customizations to achieve the desired result.

Independent PHP-FPM configuration for each virtual host when nginx is used improved

The directadmin.conf option nginx_fpm_always_set internal default value is changed from 0 (disabled) to 1 (enabled). This means each virtual host definition (for domains and sub-domains) will have a full and independent PHP configuration section. Previously, a single configuration file between different virtual hosts was reused.

In the upcoming releases, this configuration option will be removed completely.

Errors trying to create a forwarder with the "pipe" option evolution fixed

Trying to create or modify a forwarder when "pipe" option is selected and the input field contains some content no longer shows an error when submitting the form.

Redirection to statistics reports page evolution fixed

Pages such as Site Summary / Statistics / Logs and Subdomain Management now correctly display links to domain's webalizer/awstats reports page. The data within reports page is correctly loaded based on what awstats and webalizer values are configured to in DirectAdmin configuration settings (directadmin.conf).

Terminating long-running plugin requests fixed

Subprocesses started by the directadmin service used to ignore SIGTERM signals. This used to allow missbehaving plugin handlers to run for a very long time (longer than the default 10 minute limit) and cause problems when directadmin service needs to gracefully restart.

The issue is fixed by keeping the default SIGTERM handler for sub-processes.

Web terminal disconnects on invalid UTF-8 sequence fixed

On modern systems, opening the vim editor in the web terminal can cause the terminal session to close abruptly. The problem was caused by invalid UTF-8 sequences breaking the connection. Issue is fixed now.

Location of customized password change templates fixed

The location for custom HTML templates used in /CMD_CHANGE_EMAIL_PASSWORD and /CMD_CHANGE_FTP_PASSWORD is changed to be consistent with other customizations.

The old location for custom HTML files used to be:

  • ./data/templates/email_pass_change/custom/index.html
  • ./data/templates/ftp_pass_change/custom/index.html

Because these two files do not follow the general pattern of custom files being placed in the ./data/templates/custom directory, they would get automatically removed when DirectAdmin is updated.

The issue is fixed by changing the customized templates location to:

  • ./data/templates/custom/email_pass_change/index.html
  • ./data/templates/custom/ftp_pass_change/index.html

The update script will detect existing customizations in the old location and move them to the new location automatically.

Fixed Dovecot configuration when modern SSL mode is used custombuild fixed

When ssl_configuration=modern is set in the CustomBiold options.conf file, the Dovecot configuration used to get an empty ssl_cipher_list option in the /etc/dovecot/conf/ssl.conf file.

Empty option can cause dovecot configuration error. This option will be completely omitted to avoid it.

Removed Admin SSL Certificates page evolution removed

The Admin SSL certificates page (previously found under admin level -> Server Manager category -> Admin SSL -> View Certificates) has been removed. The View Certificates button that lead to the now removed page has been replaced with a button which says "Server TLS Certificate" and (as the name suggests) redirects to the Server TLS Certificate page.

Removed search from Refreshed layout menu grid evolution removed

The refreshed layout dashboard in menu grid mode will no longer have a quick search bar and user-level switch at the top of the page.

Access level switching should be performed in the right-side menu.

Refreshed layout dashboard

Removed the system_skin configuration option from directadmin.conf removed

The login page that used to be part of Evolution will now be used as login page for all the skins.

A completely custom login pages are still supported. More details are in the login page customization documentation.

The session_cookie_multiplier option is no longer relevant. Session cookies do not have a client-side expiration time.

Removed max_twostep_auth_attempts configuration option from directadmin.conf removed

Login failures for user accounts with two-step authentication and without two-step authentication will be treated the same.

Removed block_ip_after_failed_twostep_auth configuration option from directadmin.conf removed

Login failures for user accounts with two-step authentication and without two-step authentication will be treated the same.

Removed lock_debug configuration option from directadmin.conf removed

This option is not needed in a production environment.

Optimization for CMD_API and json=yes calls. improved

API calls that don't use the original tokenized skin design do not require tokens. A simple logic change to not pre-load the global tokens for CMD_API and json=yes calls. Some tests yielded a near 3x speed improvement for local calls (same LAN), eg: CMD_API_SHOW_USER_CONFIG went from 290ms to 100ms. All calls of these types are averaging a ~190ms speed increase.

Last Updated: