Version 1.671

Released: 2024-11-20

• Keyboard shortcuts for search evolution new
• Custom php-fpm configurations now included in backup/restore new
• Support for PHP 8.4 custombuild new
• PHP extension lz4 support custombuild new
• PHP extension pgsql support custombuild new
• Sidebar layout update evolution update
• Software version changes custombuild update
• PHP configure.phpXX cleanup custombuild update
• EOL indicator in updates page evolution update
• Refactored mod_aclr2 module installation for Nginx+Apache custombuild update
• Login key management rework update
• Impossible to allow all plugins when admin his own account fix
• Drop ability to create client_read_only login keys removal
• Removed check_referer and session_requires_referer configuration options from directadmin.conf removal

Keyboard shortcuts for search evolution new

The search feature can now be activated with the following keyboard shortcuts:

• Search for accounts, domains, etc. can be focused with Ctrl + K on PC or ??? + K on Mac.
• Quick navigation (search for pages) can be opened with Ctrl + J on PC or ??? + J on Mac.

Custom php-fpm configurations now included in backup/restore new

An Admin has the ability to set custom php-fpm configurations on a global basis for all php versions, but also on a per-php-version basis. This files are now included in the backup and restore. Eg: php-fpm.conf.custom1, php-fpm81.conf.custom2, etc.

Support for PHP 8.4 custombuild new

CustomBuild is updated to support building PHP 8.4 on all supported systems.

PHP extension lz4 support custombuild new

CustomBuild is updated to support building lz4 PHP extension on all supported systems.

PHP extension pgsql support custombuild new

CustomBuild is updated to support building pgsql PHP extension on all supported systems.

Sidebar layout update evolution update

The Sidebar layout received an update:

• The header has a permanent search bar.
• The user-level switch is moved to the right side bar.
• The layout is now more mobile-friendly.
• The layout customization option to force a white background on the logo is removed.

Software version changes custombuild update

• PHP 8.4 added with 8.4.1 version
• php_imap added with 1.0.3 version
• php_lz4 added with 0.4.4 version
• phpredis renamed to php_redis and updated from 5.3.7 to 6.1.0 version
• php_redis5 added with 5.3.7 version
• php_redis added with 6.1.0 version
• composer updated from 2.8.2 to 2.8.3
• dovecot-fts-xapian updated from 1.7.17 to 1.8
• imagemagick updated from 7.1.1-39 to 7.1.1-41
• litespeed updated from 6.3.1-4 to 6.3.1-5
• PHP 8.1 updated from 8.1.30 to 8.1.31
• PHP 8.2 updated from 8.2.25 to 8.2.26
• PHP 8.3 updated from 8.3.13 to 8.3.14
• mod_aclr2 removed

Notes:

The PHP extension redis entry in the versions file is renamed from phpredis to php_redis and updated to version 6.1.0. When this extension is used with PHP 7.0, 7.1, 7.2, and 7.3 the older version from the 5.x branch will be used.

PHP configure.phpXX cleanup custombuild update

CustomBuild configure/php/configure.phpXX (where XX can be a PHP version like 83) scripts were updated.

• --with-pear was removed, as it is enabled by default
• --with-mhash was removed, as mhash extension is emulated through the Hash extension (which is enabled by default: https://www.php.net/manual/en/ref.hash.php
• --program-suffix=XX was removed, CustomBuild makes sure that all the binary files like bin/php, bin/lsphp, bin/php-cgi, bin/php-config, bin/phpize, sbin/php-fpm get suffix by a symlink for backwards compatibility
• configure/systemd/php-fpmXX.service files got PHP suffix removed, PIDFile line removed, --pid=/run/php-fpm74.pid in ExecStart line was removed as well, as Type=notify does not need to have a PID file specified
• configure/fastcgi/fcgid.sh file got PHP suffix removed

EOL indicator in updates page evolution update

In updates page (located in admin level -> Support & Help -> Updates), a message is shown if system Linux distribution is not supported by DirectAdmin.

Refactored mod_aclr2 module installation for Nginx+Apache custombuild update

mod_aclr2 gets installed by default with Apache from now on. There is no mod_aclr2 command anymore. The module is loaded only when Nginx+Apache is used as a server.

Login key management rework update

Request handler of /CMD_LOGIN_KEY is updated to improve speed and reliability.

key changes:

• POST ?action=create&type=one_time_url ignores allow/deny command lists.
• GET ?action=log uses new HTM_LOGIN_KEY_LOG_VIEW template to display non-json logs.
• POST ?action=select&reset=... is now unknown action. Limit on login key request count was removed long time ago
• GET ?action=show_modfiy no longer provides MAX_USES flag
• GET ?action=show_(create|modify) no longer provides json response

Impossible to allow all plugins when admin his own account fix

When admin account modifies his own user account, he was unable to change from allowing some plugins to allowing all plugins. The issue is fixed and should allow admins to switch between allowing all plugins or just some plugins without problems.

Drop ability to create client_read_only login keys removal

It is no longer possible to create login keys with client_read_only=yes when impersonating user. It is still possible to manually add client_read_only=yes in login key config.

Removed check_referer and session_requires_referer configuration options from directadmin.conf removal

The referrer checks will always be performed and can no longer be disabled. However, the checking logic is updated to take the Origin header into consideration. Support the Sec-Fetch-Site header to detect cross-origin requests and extend CORS support with the Cross-Origin-Resource-Policy response header.

These changes improve the security for browser-based access and make it easier to create API requests with cookie-based authentication.