Version 1.687

Released: 2025-10-14

• File Manager "Create Folder" now uses a new API endpoint evolutionupdate
• File Manager "Search" now uses a new API endpoint evolutionupdate
• Spacing and size improvements for File Manager folder tree evolutionupdate
  • Before the changes
  • After the changes
• Protected directories list improvements evolutionupdate
  • Before the changes
  • After the changes
• WordPress Manager hooks update
• Web installer provides multiple urls update
• Software version changes custombuildupdate
• Modsecurity ruleset updates custombuildupdate
• Ignore hidden and non-executable hook files update
• Hide plugin menu entries when all plugins are disabled fix
• Executing long-running user-owned tasks on RHEL systems fix
• Redis service file for CloudLinux systems fix
• Include subdomains with custom document root in user-level backups fix
• Use multiple colors for usage charts evolutionfix
• Incorrect days of the week in calendar evolutionfix
• Better support for legacy browsers evolutionfix

File Manager "Create Folder" now uses a new API endpoint evolutionupdate

The Create Folder action in File Manager now uses a new API endpoint, replacing the previous one.

File Manager "Search" now uses a new API endpoint evolutionupdate

The File Manager Search now uses a new API endpoint. It also features improved request-state handling and clearer error messages.

Spacing and size improvements for File Manager folder tree evolutionupdate

The folder tree now uses tighter spacing so more items fit on screen without scrolling. Text size is aligned with the main files and folders list for consistency. Left padding of the expand-folder button has been reduced.

Before the changes

After the changes

Protected directories list improvements evolutionupdate

The protected directories now groups directories by domain for improved usability.

Before the changes

After the changes

WordPress Manager hooks update

New hooks were added for WordPress Manager. Full feature documentation can be found here

Web installer provides multiple urls update

Initiating DirectAdmin setup in web installer mode from within a private network, now displays two URLs. The first URL uses the server’s main IP address, and the second uses the public facing IP address.

Software version changes custombuildupdate

• ModSecurity rules from Comodo for apache added with 1.233 version
• ModSecurity rules from Comodo for litespeed added with 1.233 version
• ModSecurity rules from Comodo for nginx added with 1.236 version
• ModSecurity rules from OWASP CRS updated from 4.18.0 to 4.19.0
• nginx updated from 1.29.1 to 1.29.2
• PHP 8.5 updated from 8.5.0RC1 to 8.5.0RC2
• phpmyadmin updated from 5.2.2 to 5.2.3
• redis updated from 8.2.1 to 8.2.2
• webalizer updated from 2.23-09 to 2.23-08
• cwaf_rules removed
• modsec-sdbm-util removed

Note: The webalizer version have not actually changed. The versions.txt file is updated to have the webalizer version we actually install.

Modsecurity ruleset updates custombuildupdate

Comodo ruleset versions in versions.txt file were split accross different webservers and renamed:

• cwaf_rules were split to modsecurity-rules-comodo-nginx, modsecurity-rules-comodo-apache and modsecurity-rules-comodo-litespeed

Owasp ruleset were renamed to match the rules naming convention:

• modsecurity_owasp_rules were renamed to modsecurity-rules-owasp

Ignore hidden and non-executable hook files update

Executing pre/post hooks from a hook directory (files in scripts/custom/{hook_name}/*) will automatically skip all the hidden files (file names starting with . symbols) and all non-executable files (files without +x permission).

These new exceptions help in the following situations:

• Temporary disabling hooks. Removing the +x attribute allows the hook script to be disabled without removing the hook script file.
• Avoiding errors from text editor temporary files. The vim text editor with a default configuration creates a temporary hidden file in the same directory. Prior to this update the temporary files used to cause hook execution errors.

Hide plugin menu entries when all plugins are disabled fix

If an empty list of allowed plugins was configured for the user, then the plugin menu entries were still visible, but access to the plugin page was blocked.

The menu items and actual plugin page availability are in sync now. Menu entries will be hidden when the plugin page is not accessible.

Executing long-running user-owned tasks on RHEL systems fix

The long-running requests that are executed in a separate user-owned process (for example, file upload or ClamAV scan) were automatically killed by systemd on RHEL systems after ~3 minutes. This affected only RHEL-based systems.

The systemd service file is updated to fix the unexpected long-running process termination.

Redis service file for CloudLinux systems fix

User-owned redis process service file is updated to allow surviving CageFS reconfiguration and to keep the service running even when all other user processes have terminated.

Include subdomains with custom document root in user-level backups fix

User-level backups are fixed to also include subdomains with the document root outside of the main domain directory.

Use multiple colors for usage charts evolutionfix

Previously, the admin and reseller history pages displayed usage charts using only a single color. With this fix, different colors are used for each data series.

Incorrect days of the week in calendar evolutionfix

Fixed an issue where when start of the week was set to "Sunday" (option found in skin options page) the days of the week were named incorrectly.

Better support for legacy browsers evolutionfix

The UI colors now works even with the legacy browsers like Firefox 115 or Google Chrome 109.