Version 1.658

Released: 2024-01-02

• Removal scripts for old libmaxminddb in /usr/local custombuild update
• Use quoted document root paths in webserver configuration update
• PHP 8.2 and 8.3 ini file editor in GUI update
• Add Package to List Resellers update
• Software version changes custombuild update
• MariaDB 10.3 file download fallback to DirectAdmin files server update custombuild
• "FTP" and "email" search result labels evolution update
• Increased log viewer dropdown size evolution update
• Validation for the password confirm dialogs evolution update
• Unpredictable Evolution freeze on chromium based browsers fix
• Skin languages for user packages evolution update
• Modsecurity page evolution update
  • Other fixes
  • "Domain" input improvement
  • Other improvements
• Long error message responses from legacy API can trigger single process crash fix
• Create forwarder "add" button evolution fix
• Domain pointers table reload evolution fix
• Disabled PHP, CGI, SSL settings evolution fix
• Redundant API calls on route changes evolution fix
• "No results" almost invisible evolution fix
• Login Keys menu entry evolution fix
• Lost password page evolution fix
• Reload mailing lists table evolution fix
• Loader icon in login pages evolution fix
• Filemanager dialog actions fix
• Removed option http2 from directadmin.conf removal

Removal scripts for old libmaxminddb in /usr/local custombuild update

CustomBuild is extended to detect and remove old copies of libmaxminddb library in /usr/local.

Presence of this library in /usr/local on Debian systems can make bind service to fail to start due to violation of AppArmor profile.

Related CLI commands:

• da build list_removals - reports if library is detected on the system.
• da build remove_old_local libmaxminddb - creates a backup and removes old library.
• da build restore_old_local libmaxminddb - restores old library from a backup.

It will be visible in CustomBuild software removal section in GUI as well.

Use quoted document root paths in webserver configuration update

Web server templates are updated to use quotes when setting document root paths. This ensures more symbols are supported in paths.

• data/templates/ips_virtual_host.conf
• data/templates/nginx_ips.conf
• data/templates/nginx_server.conf
• data/templates/nginx_server_secure.conf
• data/templates/nginx_server_secure_sub.conf
• data/templates/nginx_server_sub.conf
• data/templates/virtual_host2.conf
• data/templates/virtual_host2_secure.conf
• data/templates/virtual_host2_secure_sub.conf
• data/templates/virtual_host2_sub.conf

PHP 8.2 and 8.3 ini file editor in GUI update

Configuration file editor in GUI (Admin level Admin Tools > System Info & Files > File Editor) is extended to include php.ini files for PHP 8.2 and PHP 8.3 versions.

Add Package to List Resellers update

The call to CMD_RESELLER_SHOW?bytes=yes&json=yes will now includes a package entry, with 2 values, eg:

		"package": 
		{
			"original_package": "Gold-package",
			"package": "custom"
		},

where the original_package will show the package name if the User package is set to custom. The package value will always be the currently used value, custom or not. The original_package may be empty. The Enhanced skin already shows the field, and Evolution should follow with the optional column shortly.

Software version changes custombuild update

• exim updated from 4.97 to 4.97.1
• PHP 8.1 updated from 8.1.26 to 8.1.27
• PHP 8.3 updated from 8.3.0 to 8.3.1
• PHP 8.2 updated from 8.2.13 to 8.2.14
• MySQL 5.7 updated from 5.7.43 to 5.7.44
• MySQL 8.0 updated from 8.0.34 to 8.0.35
• litespeed updated from 6.1.2 to 6.2
• openlitespeed updated from 1.7.18.1 to 1.7.19
• proftpd updated from 1.3.8a to 1.3.8b
• lego updated to 4.14.2-SNAPSHOT-cd63b325
• modsecurity3 updated from 3.0.10 to 3.0.11
• imagemagick updated from 7.1.1-21 to 7.1.1-25
• igbinary updated from 3.2.14 to 3.2.15
• phalcon5 updated from 5.4.0 to 5.5.0
• galera_versions updated from 26.4.13 to 26.4.16
• composer updated from 2.6.5 to 2.6.6
• mod_lsapi updated from 1.1-71 to 1.1-72

MariaDB 10.3 file download fallback to DirectAdmin files server update custombuild

Packages for MariaDB 10.3 are no longer available in the official sources.

CustomBuild is updated to retry fetching MariaDB files from DirectAdmin server to keep MariaDB 10.3 installation option available.

"FTP" and "email" search result labels evolution update

FTP accounts and mailboxes appear in the same format within global search results. This causes confusion when user thinks the result is a mailbox but is then redirected to the ftp management page. With this change, a label "FTP" has been added on the right side of ftp results. Mailboxes have "email" label instead.

Increased log viewer dropdown size evolution update

Previously the dropdown height in log viewer was capped at 200px. This has been increased to 40% of the viewport height, while leaving the minimum height at 200px.

Validation for the password confirm dialogs evolution update

The password confirmation dialog lacked the required validation of the password, but now it has been improved. Users won't be able to press the "Confirm" button when the password is empty.

Unpredictable Evolution freeze on chromium based browsers fix

Due to implementation bug on chromium based browsers, sometimes a fresh load of Evolution skin would freeze and stop reacting to any actions. Reloading the page would fix the issue and it would continue to run fine.

Root cause was interoperability problem in HTTP2 protocol stream priority subsystem. This release fixes the issue.

Skin languages for user packages evolution update

Previously after choosing a different skin from the "Skin" dropdown, the language dropdown retained all of its options. This was in spite of the fact that languages could be unsupported by the newly selected skin. With this change, switching between skin options will cause language options to update as well. This additionally fixes an issue where it was possible to create package with a language that a skin did not support.

Modsecurity page evolution update

Multiple fixes and improvements have been added to the admin (/evo/admin/modsecurity) and user level (/evo/user/modsecurity) modsecurity pages.

The most important fix is that admin level modsecurity page no longer limits admin user to managing only his own domains. Previously within /evo/admin/modsecurity page, if admin made any kind of input using the "Domain" input, he would be shown a dropdown list of domains. Clicking on the ones that do not belong to the admin user itself used to show global modsecurity rules rather than that domain's rules. This is no longer the case and to prevent any further confusion the "domain" input itself has been improved which is further explained in "Domain" input improvement subsection.

Other fixes

Below is a list of other fixes:

• subdomain (also domain if in admin level modsecurity page) will now always appear in url
• ID placeholder used to be 1234-1239 where it should have been "1234-1239" (with the quotation marks included). This is because backend is only able to add a range of IDs if they're enclosed in quotation marks.

"Domain" input improvement

A "View Global Rules" button will now be shown when admin is viewing domain's/subdomain's rules (see screenshot below). Previously if admin was viewing domain's rules, he would have to modify input in a way where the input didn't match any domains. So if user had something like "exampledomain.com", removing any letter from that input used to show global rules again. Having this button means that global rules now will only be shown when user clicks it.

The domain input will only display domain's modsecurity configurations when you click any of the search results (or press the enter key). Previously it reloaded page data any time input was made.

Also, a "Search for domains" placeholder has been added. "No Results" message will be displayed when focusing "Domain" input (if there's no results). Example shown below:

Other improvements

Added validation for the ID field. It will now validate whether the field is an empty string as well as check whether input is in correct format. Here are some examples of allowed inputs: 1234, "1234-1239", "0001-9999". Note that it also doesn't allow user to disable rule with an ID of 0.

Example provided below shows what happens when ID of 0 is included within the input:

Furthermore, a loading icon will now be displayed when new page configuration data (list of disabled rules and other data) is being fetched. For example, when switching between domains/subdomains or loading page on initial render.

Long error message responses from legacy API can trigger single process crash fix

Returning very long error messages from legacy JSON API endpoints could trigger a crash of a process handling this request. Message about single process crash then masks real error message.

This issue is fixed.

Create forwarder "add" button evolution fix

Create forwarder "add" button was not aligned properly in regards to the input field to its left. This button has been moved directly below the "New Forwarder Name" input field.

Domain pointers table reload evolution fix

Domain pointers table now reloads its data after changing domains

Disabled PHP, CGI, SSL settings evolution fix

Within "My Users" page, when viewing user's domain settings, if all three settings were disabled, a plain object was shown instead of icons representing the state these options were in. With this change, if any of the three options is disabled, they will show up as disabled. Previously only enabled ones would show up.

Redundant API calls on route changes evolution fix

Pages with tables always executed an additional API request on route changes. This lead to issues where a reseller could remove a user and then get an API error because the now deleted user's info is being fetched again.

"No results" almost invisible evolution fix

On mobile, using a non-refreshed layout along with dark mode, the "No results" message given by input search was almost invisible. It will now be the same color as on desktop.

Login Keys menu entry evolution fix

The "Login Keys" page wasn't accessible via the menu; it lacked a menu entry for the page, and now it has been added

Lost password page evolution fix

It was impossible to execute API calls within lost password page (/evo/login/lost-password). Because of this, clicking "Send me a Link" button ended up showing an empty window as seen below:

Using the "Send me a Link" button will now properly generate an API request and progress password recovery process.

Reload mailing lists table evolution fix

Previously adding or removing a mailing list in /evo/user/email/lists/:listName/view didn't automatically update table. This has been fixed. Additionally, switching between tabs within the page now properly updates the url (will now end in either view/list or view/digest depending on which tab we're in).

Loader icon in login pages evolution fix

Fixed an issue where the loader icon was not visible in the login application. This resulted in an empty button after triggering an API request.

Example of the issue shown below:

Filemanager dialog actions fix

It was previously impossible to execute any of the actions that called a separate dialog window when previewing images. This includes actions such as "Remove", "Add to archive", "Set permissions" and so on...

Removed option http2 from directadmin.conf removal

Option http2 to disable or enable HTTP/2 support for the main webserver is removed from directadmin.conf HTTP/2 support will always be enabled.

This change also updates the following templates:

• custombuild/configure/nginx/conf/nginx-vhosts.conf
• custombuild/configure/nginx_reverse/conf/nginx-vhosts.conf
• data/templates/nginx_ips.conf
• data/templates/nginx_server_redirect.conf
• data/templates/nginx_server_secure.conf
• data/templates/nginx_server_secure_sub.conf

These templates no longer use SPACE_HTTP2 token. For backwards compatibility this token is still present in templating system.

If these templates were customized make sure changes are back-ported to the custom templates.