Version 1.650

Released: 2023-05-??

CustomBuild reports system package upgrades custombuild new

In the available software updates list CustomBuild will start showing if system package updates are available.

A new command for upgrading system packages is introduced:

da build update_system

Layout Options

Note: Updating all software components with command ./build update_versions or da build update_versions will not upgrade system packages to stay compatible with the old CustomBuild behaviour. This also means clicking Update All button in GUI will update all components except system packages, which needs to be perfomed by clicking Update button for this specific action.

Maintenance task for migrating old Evolution customizations to new format new

Older Evolution versions used to store all customizations in a single config.json file. Starting DirectAdmin 1.640 Evolutions would split out customizations into multiple JSON files.

Migration from a single file to multiple files are performed automatically when Admin or Reseller user signs in into evolution.

However if Admin or Reseller accounts with legacy customizations are never used they might still have customizations in old format.

Starting this release Evolution will not perform automatic conversion on user log-in. Instead there is a new maintenance task that finds all such users on the system and performs conversion for everyone in one go.

One-Time-Login URLs improved

Login URLs are upgraded to be shorter and use API endpoint while retaining same security guarantees.

Login URLs created before this change are still valid but it is a good idea to not have long-living unused Login URLs laying around.

Future updates may require for all Login URLs to be re-created.

Updated modsecurity3 install script custombuild improved

Install script for installing modsecurity3 (with NGINX) is updated:

  • It ensures modsecurity will have support for libgeoip or libmaxminddb.
  • Caches modsecurity sources to make reinstalls faster.
  • Downloads modsecurity directly from github, rather than CustomBuild mirror servers.

Without this change on systems without libgeoip or libmaxminddb using default CWAF modsecurity rules might lead to nginx start failure:

nginx: [emerg] "modsecurity_rules_file" directive Rules error. File: /etc/modsecurity.d/REQUEST-910-IP-REPUTATION.conf. Line: 77. Column: 22. This version of ModSecurity was not compiled with GeoIP or MaxMind support.  in /etc/nginx/nginx-modsecurity-enable.conf:2

Software version updates custombuild improved

  • litespeed updated from 6.1.1 to 6.1.2
  • composer updated from 2.5.5 to 2.5.7
  • nginx updated from 1.24.0 to 1.25.0
  • modsecurity3 updated from 3.0.8 to 3.0.9
  • imagemagick updated from 7.1.1-8 to 7.1.1-10
  • PHP 8.1 updated from 8.1.18 to 8.1.19
  • PHP 8.2 updated from 8.2.5 to 8.2.6
  • MariaDB 10.4 updated from 10.4.28 to 10.4.29
  • MariaDB 10.5 updated from 10.5.19 to 10.5.20
  • MariaDB 10.6 updated from 10.6.12 to 10.6.13
  • MariaDB 10.3 updated from 10.3.38 to 10.3.39

Jailshell environment in PHP fastcgi mode custombuild fixed

PHP in FastCGI mode had a separate script that takes care to create a jailed user environment when jailshell script is being used.

Over-time jailed environment for PHP and jailed user login shell have diverged. With this release jailed users will use same jailshell script that is used for jailed users login shell environment. It also ensures any further changes to jailshell script will be automatically applied to PHP in fastcgi mode.

This change also fixes email sending from PHP fastcgi mode for RHEL 9 systems.

Update notification for ionCube PHP extension custombuild fixed

Using default PHP version which does not support ionCube extension would always incorrectly show that ionCube update is available.

In this release PHP extension ionCube install script was updated to work with each supported PHP version separately. When ionCube update is available it will be shown as separate updates for each PHP version.

Silent backup failures when user home directory has too many files fixed

Creating a backup for user account which has too many files in the home dir would create a backup without user files and would not report any errors.

Issue is fixed and backup operation will terminate if backup must include user home directory files, but there was error creating files archive.

Bind service restart on Debian 10 systems fixed

Restarting bind service on Debian 10 systems (where main service file has name bind9.service) via GUI used to fail while restarting via dataksq used to work fine. This release fixes the issue for service restarts using GUI.

The problem and fix affects only Debian 10 systems (or systems where named_service_override config option was used).

Login keys not sending messages fixed

In the new Login keys management API, creation and update actions did not account for login_keys_notify_on_creation in directadmin.conf, and system messages were not being sent.

New Login keys API is fixed to send system messages according to this value.

User level login history order fixed

Depending on the login method, user level login history would get appended to the top or the bottom of the list, leading to inconsistent log.

Issue is fixed so login history is always appended and trimmed correctly based on login time.

Options default_private_html_link is removed, starting this release private_html will always be created as symlink to public_html.

Last Updated: