Version 1.671

Released: 2024-11-20

The search feature can now be activated with the following keyboard shortcuts:

  • Search for accounts, domains, etc. can be focused with Ctrl + K on PC or ??? + K on Mac.
  • Quick navigation (search for pages) can be opened with Ctrl + J on PC or ??? + J on Mac.

Custom php-fpm configurations now included in backup/restore new

An Admin has the ability to set custom php-fpm configurations on a global basis for all php versions, but also on a per-php-version basis. This files are now included in the backup and restore. Eg: php-fpm.conf.custom1, php-fpm81.conf.custom2, etc.

Support for PHP 8.4 custombuild new

CustomBuild is updated to support building PHP 8.4 on all supported systems.

PHP extension lz4 support custombuild new

CustomBuild is updated to support building lz4 PHP extension on all supported systems.

PHP extension pgsql support custombuild new

CustomBuild is updated to support building pgsql PHP extension on all supported systems.

The Sidebar layout received an update:

  • The header has a permanent search bar.
  • The user-level switch is moved to the right side bar.
  • The layout is now more mobile-friendly.
  • The layout customization option to force a white background on the logo is removed.

Sidebar layout preview

Software version changes custombuild improved

  • PHP 8.4 added with 8.4.1 version
  • php_imap added with 1.0.3 version
  • php_lz4 added with 0.4.4 version
  • phpredis renamed to php_redis and updated from 5.3.7 to 6.1.0 version
  • php_redis5 added with 5.3.7 version
  • php_redis added with 6.1.0 version
  • composer updated from 2.8.2 to 2.8.3
  • dovecot-fts-xapian updated from 1.7.17 to 1.8
  • imagemagick updated from 7.1.1-39 to 7.1.1-41
  • litespeed updated from 6.3.1-4 to 6.3.1-5
  • PHP 8.1 updated from 8.1.30 to 8.1.31
  • PHP 8.2 updated from 8.2.25 to 8.2.26
  • PHP 8.3 updated from 8.3.13 to 8.3.14
  • mod_aclr2 removed

Notes:

The PHP extension redis entry in the versions file is renamed from phpredis to php_redis and updated to version 6.1.0. When this extension is used with PHP 7.0, 7.1, 7.2, and 7.3 the older version from the 5.x branch will be used.

PHP configure.phpXX cleanup custombuild improved

CustomBuild configure/php/configure.phpXX (where XX can be a PHP version like 83) scripts were updated.

  • --with-pear was removed, as it is enabled by default
  • --with-mhash was removed, as mhash extension is emulated through the Hash extension (which is enabled by default: https://www.php.net/manual/en/ref.hash.php
  • --program-suffix=XX was removed, CustomBuild makes sure that all the binary files like bin/php, bin/lsphp, bin/php-cgi, bin/php-config, bin/phpize, sbin/php-fpm get suffix by a symlink for backwards compatibility
  • configure/systemd/php-fpmXX.service files got PHP suffix removed, PIDFile line removed, --pid=/run/php-fpm74.pid in ExecStart line was removed as well, as Type=notify does not need to have a PID file specified
  • configure/fastcgi/fcgid.sh file got PHP suffix removed

EOL indicator in updates page evolution improved

In updates page (located in admin level -> Support & Help -> Updates), a message is shown if system Linux distribution is not supported by DirectAdmin.

Refactored mod_aclr2 module installation for Nginx+Apache custombuild improved

mod_aclr2 gets installed by default with Apache from now on. There is no mod_aclr2 command anymore. The module is loaded only when Nginx+Apache is used as a server.

Login key management rework improved

Request handler of /CMD_LOGIN_KEY is updated to improve speed and reliability.

key changes:

  • POST ?action=create&type=one_time_url ignores allow/deny command lists.
  • GET ?action=log uses new HTM_LOGIN_KEY_LOG_VIEW template to display non-json logs.
  • POST ?action=select&reset=... is now unknown action. Limit on login key request count was removed long time ago
  • GET ?action=show_modfiy no longer provides MAX_USES flag
  • GET ?action=show_(create|modify) no longer provides json response

Impossible to allow all plugins when admin his own account fixed

When admin account modifies his own user account, he was unable to change from allowing some plugins to allowing all plugins. The issue is fixed and should allow admins to switch between allowing all plugins or just some plugins without problems.

Drop ability to create client_read_only login keys removed

It is no longer possible to create login keys with client_read_only=yes when impersonating user. It is still possible to manually add client_read_only=yes in login key config.

Removed check_referer and session_requires_referer configuration options from directadmin.conf removed

The referrer checks will always be performed and can no longer be disabled. However, the checking logic is updated to take the Origin header into consideration. Support the Sec-Fetch-Site header to detect cross-origin requests and extend CORS support with the Cross-Origin-Resource-Policy response header.

These changes improve the security for browser-based access and make it easier to create API requests with cookie-based authentication.

Last Updated: