Version 1.46.3

Released: 2014-10-24

Show bad zone if named-checkzone fails new

Related to this feature:

Use named-checkzone to better filter dns records

The output from a failed zone write due to bad named-checkzone return code will now dump the contents of the temporary zone file into a textarea, prior to deleting the temp zone.

This should make it much easier to see exactly what named-checkzone is talking about.

Ability to change the 1000 email limit send notification new

New directadmin.conf option:

default_email_notify_limit=1000

which allows you to change the default limit that DA uses as a fall back, in case you use 0 (unlimited) in /etc/virtual/limit

Domain selector on certain pages (SKINS) new

New global token:

ALL_DOMAINS_SELECT

Contains a <select> list of all domains for this User account in the form:

<select class=tree ondblclick="location.href='/CMD_SHOW_DOMAIN?domain=currentdomain.com';" onchange="location.href='/CMD_<VALUE>?domain='+this.value;">
<option>domain1.com</option><option>domain2.com</option><option>domain3.com</option>.. etc.
</select>

(it's all on one line, not 3)

DA will set <option select> for the given domain based on the &domain=domain.com or &DOMAIN=domain from the GET headers.

The SESSION_SELECTED_DOMAIN is not used for this case, as it's not always set to the same domain.

If you double-click the select box's current entry, you'll be bounced back up to CMD_SHOW_DOMAIN, as that's the orignal href that the selectbox has replaced, so the functionality is not lost.

For SKIN, basically edit the |?TREE...| and completely remove the <a href> for CMD_SHOW_DOMAIN, and swap it with this:

`ALL_DOMAINS_SELECT`

SKINS:

all below user/*

apache_handlers.html

dns_control.html

dns_mx_control.html

domain_pointers.html

error_pages.html

mime_types.html

email/autresponder.html

email/catch_all.html

email/filter.html

email/forwarder.html

email/list.html

email/pop.html

email/spamassassin.html

email/uasge.html

ftp/ftp.html

filemanager/protected.html

redirects.html

show_domain.html

subdomains.html

user_stats.html

Custom httpd config to show raw templates (SKINS) new

When using:

Admin Level -> Custom HTTPD Configuration

to edit apache, nginx, or php-fpm setups, the page will now show you the raw templates that will be used, just below the available tokens.

They'll be in a visibility javascript +- tool, so they'll be minimized by default.

For apache/nginx, there will be a "Template" section, then each of the 5 or 6 templates will each have their own dropdown section.

For php-fpm, there is only 1 level.

If a custom template is used, a notice will be show beside the filename:

*** Custom Template ***

to alert the admin that a non-standard template is being used, to avoid confusion if the custom template isn't kept up to date.

Template Diff for custom templates CMD_TEMPLATE_DIFF (SKINS)(LANG) new

If you have custom templates in:

/usr/local/directadmin/data/templates/custom/*

you might want to know what changes they have as compare to the defaults.

This is useful to track any new DA updates that you may need to add to your templates.

Eg;

/CMD_TEMPLATE_DIFF?name=virtual_host2.conf

You can only use basic template names.

The mentioned file must exist in the data/templates/* directory (sub-directories don't work at the moment)

Creative ../paths are not allowed.

For the custom httpd config, and custom php-fpm templates, when it says:

*** Custom Template ***

this will now be a URL to that given template, so you can click it to see the differences.

SKINS:

new file:

admin/template_diff.html

add to file;

files_admin.conf:

CMD_TEMPLATE_DIFF=admin/template_diff.html

LANG:

lang/en/admin/template_diff.html

Ability to merge old inbox imap folders to new folders new

Relating to this thread:

http://forum.directadmin.com/showthread.php?t=49997

For DA 1.46.4: Change INBOX.spam to Junk:

Ability to set Spam folder from INBOX.spam to Junk (TEMPLATES)

Changes in CustomBuild 2.0 will set RoundCube and SquirrelMail to stop using:

INBOX.Sent
INBOX.Drafts
INBOX.Trash

and will instead use:

Sent
Drafts
Trash

to be more compliant with most email client's out there.. so that RoundCube and other email clients can use the same folders.

Junk will always be merged to INBOX.spam

However, existing clients may already have the INBOX.* folders, and as such, when they login to RoundCube, it will create the new paths, giving them duplicates of each folder.

This feature gives the Admin the ability to merge the old INBOX.* data into the new folders, without losing messages.

It will add the new folders to the "subscriptions" file, and if removal of the old folders worked, it will remove the old folders from the subscriptions file.

The value in the CustomBuild 2.0 options.conf is checked:

webapps_inbox_prefix=no

which will do the above order for old (INBOX.Sent) vs new (Sent)

However, if you've got this set:

webapps_inbox_prefix=yes

DA will notice that, it everything will happen backwards.

old (Sent) to new (INBOX.Sent)

for the case where you don't want the new format, and you want to force everything back again.

The feature even (should) allow for INBOX.Sent.subfolder to be moved to Sent.subfolder (but it won't make those subfolder subscription changes)

This case should very rarely happen.

**** Before running any merges, be sure to have full backups of your data. ****

To use the feature, there are 2 ways of calling it.

  1. On a Per-User basis. You should test this first on one User (running it twice won't hurt anything)

cd /usr/local/directadmin

echo "action=convert&value=imap_inbox_prefix&user=fred" >> data/task.queue; ./dataskq d2000

where you'd replace "fred" accordingly.

  1. Or for ALL accounts on the server:
cd /usr/local/directadmin
echo "action=convert&value=imap_inbox_prefix" >> data/task.queue; ./dataskq d2000

CMD_API_EMAIL_USAGE to show all sends new

Relating to this feature:

Realtime email usage stats (SKINS)

You can now add this to the GET:

show_sends=1

and DA will create a URL encoded list of all sends, instead of showing the top senders.

This will be a large multi-dementional URL array.. with basic numbers as the index, starting at 0.. and for each number, it will hold URL array for the data itself.

Eg:

CMD_API_EMAIL_USAGE?domain=domain.com&which=both&show_sends=1

typo in the custom fpm/httpd pages fixed

The closing <form> should have been </form>

Also, with the change to the javascript +- visiblity feature, the "submit" button was deleted on the fpm page.

Forum thread:

http://forum.directadmin.com/showthread.php?t=49979

Add DKIM when zone is reset fixed

When using the "Reset Defaults" button for a given zone, the DKIM value, should they exist, are re-added to the zone.

The domain/user must be in /etc/virtual/domainowners for this to work, so wouldn't work for the hostname.

Rounducbe Backup/Restore: pipe both stderr stdout to DA fixed

All output generated from the backup_roundcube.php and restore_roundcube.php is intended to be on stderr, and DA was only reading stderr from the child process.

However, in some cases, no output was shown in the logs, so this change uses:

dup2(STDOUT_FILENO, STDERR_FILENO)

to pipe both pipes to stdout, and DA reads from that.

One case was php 4 that didn't have mysqli caused errors, and seemed to be thrown the missing function/class via stdout so nothing was shown in DA, causing confusion.

Restore Security Question options fixed

In relation to:

Password Icon -> Manage Security Questions

Upon restore, the "Security Questions" themselves were already restored.

However, the 3 checkboxes below the questions for:

  • Require valid answers to the Security Questions for login on this account

  • Allow API logins with the current User/password. Login Keys and Session Keys are always allowed.

  • Notify me on all failed question attempts. Disabling this option will still notify you after 5 failed attempts.

were not being restored.

Fix will restore those options with a Reseller or Admin restore.

User Level restore in "Manage Site Backups" will not restore the options.

The decision to make it Reseller/Admin Level only is only for efficiency, added to existing code that already modifies the user.conf, rather than rewriting the user.conf multiple times in other locations.

ip_blacklist check done before ssl handshake fixed

When an ip is blacklisted, the block on future connections is done before any ssl handshake is done.

Possible re-organizing to allow for the "Your IP is blacklisted" message to be seen if blocked when SSL is enabled.

Backup error with blank line fixed

Some systems were reporting backup errors without any useful details.

After a few blank lines, a <timestamp> would appear with the time of the entry.

It was fuond that the code that copies directories was hitting an error, but wasn't correctly entering it into the results.

The error itself was not the bug, but rather the fact that the error was not correctly reported.

For anyone who is curious, the few cases I did see, the trigger was a root owned file in a Maildir folder... in case that's what you're hitting too.

Php-fpm reload on CentOS 7 fixed

Relating to php-fpm not restarting with nginx

For any apache/nginx/litespeed restart/reload/graceful, previously it would automatically do a "graceful" to the php-fpm boot script.

On Systemd system (CentOS 7), they don't support "graceful" so for this case, changed it to do a "reload"

SSLv3 Poodle (SECURITY) fixed

Changed the openssl protocol to use (SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3) to disable SSLv3, preventing the Poodle exploit in SSLv3.

Note, to all TLSv1.0 and TLS 1.1, use:

ssl_cipher=SSLv3

as TLS1.0 and 1.1 fall under the SSLv3 ciphers list, but because SSLv3 is disabled at the protocol level, SSLv3 itself won't be used.

TLSv1.2 will be enabled either way at the protocol level.

Related ciphers list guide:

http://help.directadmin.com/item.php?id=571

Related forum thread:

http://forum.directadmin.com/showthread.php?t=50105

Upon update of DirectAdmin, it will check the directadmin.conf for:

ssl_cipher=ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:-LOW:-SSLv2:-SSLv3:-EXP

and will automatically swap your directadmin.conf back to use:

ssl_cipher=SSLv3

and will notify the Admins via the Message System.

Last Updated: