Storing/Onderhoud

Upgrade DirectAdmin 1.50.1 naar 1.51.3

Zojuist hebben wij een upgrade geïnstalleerd van het DirectAdmin control panel. Versie 1.50.1 is hierbij vervangen door versie 1.51.3. Hiermee zijn enkele problemen verholpen (bugfix) en nieuwe mogelijkheden geïntroduceerd (features).

Een uitgebreide opsomming van de wijzigingen vindt u hier:
02/25/17
Version 1.513

Ability to disable awstats on a per-User account basis
feature
Ability to disable DKIM on a per-User account or per-Domain basis
feature
Ensure da-popb4smtp gets restarted after update
bugfix
awstats_process.sh + cagefs
bugfix
DNS: Reset Defaults: re-add DKIM records for hostname
bugfix
Segfault relating to commands.allow
bugfix
BFM: WordPress Scanning: return code 302 (TEMPLATES)
bugfix

02/15/17
Version 1.512

DNSSEC: Ability to add DS record without signing zone
feature
dnssec: manual sign causing double records
bugfix
awstats_process.sh: Move /var/user_logs to /var/log/user_logs
bugfix
DNSSEC: remove all related files upon zone deletion
bugfix
Improve referer check conditions (SECURITY)
bugfix

02/11/17
Version 1.511

Bug with sendFile code
bugfix

02/09/17
Version 1.51

Backup/Restore mysql charasets
feature
LetsEncrypt: disable auto-renew (SKINS)(LANG)
feature
skin.conf (SKINS)
feature
commands_force_deny to override allowed/deny commands
feature
CustomBuild to manage letsencrypt.sh
feature
CMD_AJAX_SEARCH json
feature
php_fpm_restarts to override reload/graceful
feature
CMD_FILE_MANAGER action=json_dirs action=json_files action=json_all
feature
json output for CMD_FILE_MANAGER
feature
CMD_API_DB_USER list Users for all databases
feature
CustomBuild and DA to add linked IPs to httpd-vhosts.conf and nginx-vhosts.conf
feature
CMD_FILE_MANAGER div to have icons
feature
SNI for per-domain Dovecot SSL certificates (BETA)
feature
zip_bin unzip_bin to allow zip/unzip binary override
feature
FileManager recursive filename/folder search
feature
difficult_password.php can be translated (LANG)
feature
dnssec.sh to use RSASHA256
feature
Ability to disable reload/HUP of apache/nginx after rotation
feature
file_manager_upload_post.sh
feature
ability to change favicon.ico
feature
new “suspended” template directory for new Admin/Reseller accounts
feature
database_user_password_change_pre.sh database_user_password_change_post.sh
feature
Accountability for domain setting change
feature
DNSSEC: automate adding subdomain’s DS and NS records to parent zone
feature
Max upload size to use larger type
feature
Enable direct_imap_backup by default
feature
CMD_API_SUBDOMAIN?domain=all to show subdomains for all domains
feature
json_out for CMD_TICKET_MANAGE
feature
Append Path for Reseller Backups (SKINS)
feature
CREATOR token in dns templates (eg: dns_a.conf)
feature
edit_files.txt now requires root authentication to edit php.ini files
feature
SpamAssassin whitelist wildcards added to filter
bugfix
Dovecot logging format update
bugfix
directadmin_imap_backup without domains directory throws error
bugfix
Two-Step auth cannot have spaces in “name=” for issuer
bugfix
backup_crons.list now url encoded
bugfix
Automatically detected and set Filemanager timezone
bugfix
rename_username.sh to dump/restore databases
bugfix
ftp_list.php support ftp output with fewer fields
bugfix
output change for: “The request you’ve made cannot be executed because it does not exist in your authority level”
bugfix
Filemanager to support ‘multiple’ file[] types
bugfix
max user quota over 2TB
bugfix
nginx_redirect.conf template not to add location / for blank REDIRECT_PATH
bugfix
Change to use use killall when removing User
bugfix
preloaded .htaccess RedirectMatch being inserted into nginx.conf
bugfix
tickets.list read efficiency
bugfix
login.log missing some cases
bugfix
nginx_redirect.conf template to end with (/|$) instead of / (TEMPLATE)
bugfix
check_subdomain_owner didn’t allow subdomains on your own pointer
bugfix
Remove bad cron from list if crontab errored during addition
bugfix
ensure awstats links are owned by root
bugfix
Filtering on CMD_SELECT_USERS
bugfix
session security improvements (SECURITY)
bugfix
reload dns on monthly dnssec sign
bugfix
Create login key through login-as with login key
bugfix
ftp_list.php ftps required double leading forward slash
bugfix
Awstats to run as User (SECURITY) * will increase User disk usage *
bugfix

Aankondiging verhuizing servers 13-14 september

In de nacht van 13 op 14 september gaan wij ons volledige serverpark verhuizen van onze huidige hosting-locatie (EasyNet te Schiphol-Rijk) naar het datacenter EvoSwitch in Haarlem. Onze huidige hostinglocatie EasyNet te Schiphol-Rijk komt hiermee volledig te vervallen. Alle servers, netwerkapparatuur en andere gerelateerde zaken worden verplaatst naar de nieuwe locatie EvoSwitch te Haarlem. Dit betekent dat ook de door u afgenomen diensten door ons gemigreerd zullen gaan worden naar de nieuwe locatie.

De migratie van alle hardware wordt uitgevoerd gedurende de nacht om overlast zo veel mogelijk te beperken. Wij hebben in de afgelopen weken voorbereidingen getroffen om de migratie zo soepel mogelijk en met zo min mogelijk downtime uit te voeren. Zo is ons netwerk gereed gemaakt om via twee locaties bereikbaar te zijn en behouden alle klanten hun toegewezen IP- adres(sen). Alle VPS hardware-nodes en managed servers zijn vooraf gecontroleerd op eventuele disk errors en waar nodig zijn deze verholpen om problemen tijdens de verhuizing te voorkomen. Desondanks valt het niet uit te sluiten dat er een server niet op de juiste wijze online komt, hiervoor is bij elke nachtelijke verplaatsing nazorg voorzien door hiervoor extra medewerkers in te plannen.

Door de migratie is downtime helaas onvermijdelijk. Door gedurende de nacht te verhuizen trachten wij de overlast zo veel mogelijk te beperken. U hoeft zelf niets te doen!

Vanaf 21:00 zullen de servers worden uitgeschakeld en gereedgemaakt voor transport. Wij verwachten vanaf 04:00 uur de servers op de nieuwe locatie online te kunnen gaan brengen. Tussen 04:00 en 08:00 hebben wij in extra nazorg voorzien om eventuele problemen ter plekke te kunnen oplossen. Houd er daarom rekening mee dat de downtime tot 08:00 uur kan duren.

We gaan er van uit u op deze wijze voldoende geïnformeerd te hebben. Mocht u nog vragen hebben of problemen ondervinden dan kunt u contact opnemen met ons via telefoonnummer 0478-550102 of support@slash.nl.

 

Aankondiging software update

Op maandag 1 februari 2016 zullen wij de volgende upgrades door gaan voeren op onze webservers:

  • Upgrade MySQL van 5.6.17 naar 5.7.10
  • Upgrade PHP  5.4.27 naar PHP 5.6.17
  • Upgrade Apache/2 2.27 naar 4.18

Dit onderhoud is nodig in verband met enkele kwetsbaarheden in de software en end-of-life status van de versies die wij draaien.

Gelieve uw eigen software / scripts te controleren op compatibiliteit met deze nieuwe versies.

Upgrade DirectAdmin 1.48.3 naar 1.49.1

Zojuist hebben wij een upgrade geïnstalleerd van het DirectAdmin control panel. Versie 1.48.3 is hierbij vervangen door versie 1.49.1. Hiermee zijn enkele problemen verholpen (bugfix) en nieuwe mogelijkheden geïntroduceerd (features).

Een uitgebreide opsomming van de wijzigingen vindt u hier:

10/20/15 Version 1.491

  • ftp_upload uses wrong timeout [bugfix]

10/17/15 Version 1.49

  • filemanager_pre.sh [feature]
  • Password protected directory to add ErrorDocument 401 [feature]
  • Remote ftp backup/restore to support secure FTPS (SKINS)(LANG) [feature]
  • Server time on login page [feature]
  • When SNI is enabled, Admin SSL certificates are saved to the domain, not to the shared server cert/key [feature]
  • Custom Domain Items (SKINS)(LANG) [feature]
  • HSTS header: HTTP Strict Transport Security [feature]
  • Mail Queue Admin to use -bpr instead of -bp for faster output [feature]
  • Option to allow Resellers to reset their User’s daily E-Mail send count [feature]
  • Ability to pass custom variables to pre/post.sh scripts from GET/POST [feature]
  • session_create_pre.sh [feature]
  • Ability to override skin html on a per-user basis [feature]
  • Autoreply and Vacation messages to support html or utf-8 (SKINS) [feature]
  • CNAME values to be allowed underscores [feature]
  • Per-User mysql.conf files [feature]
  • directadmin.conf variable: systemd [feature]
  • Ability to set global/user/domain/subdomain custom Apache/Nginx tokens [feature]
  • Sent E-Mails on “Show All Users” [feature]
  • Allow incoming server IP for local session keys [feature]
  • Removed nginx SSL settings, replaced with global settings (TEMPLATES) [feature]
  • Lost password path to use lang encoding (LANG) [bugfix]
  • dns_spf restore causes duplicate SPF [bugfix]
  • Security: open_baseidr on /~username with CLI [bugfix]
  • Changes to how DA figures out which server to use for updates [bugfix]
  • group not correctly set [bugfix]
  • Ftp backups created in /home/tmp to include pid in path [bugfix]
  • Skip all templates in ~/domains/domain.com upon restore creation [bugfix]
  • Allow login-as master API access to User if master has api_with_password=yes

Upgrade DirectAdmin 1.48.0 naar 1.48.3

Zojuist hebben wij een upgrade geïnstalleerd van het DirectAdmin control panel. Versie 1.48.0 is hierbij vervangen door versie 1.48.3. Hiermee zijn enkele problemen verholpen (bugfix) en nieuwe mogelijkheden geïntroduceerd (features).

Een uitgebreide opsomming van de wijzigingen vindt u hier:

06/27/15 Version 1.483

  • Broken cacert file [bugfix]
  • incorrect day for strftime on FreeBSD [bugfix]

06/25/15 Version 1.482

  • Restore not finding all ca root certs [bugfix]
  • php-mail.log parsed incorrectly for evaled code [bugfix]
  • Login: Session cookie may expire early if either client or server have wrong time [bugfix]
  • Segfault on two-step auth [bugfix]

06/22/15 Version 1.481

  • Add all remaining mysql user privileges options (SKINS)(LANG) [feature]
  • Read optimization for ConfigFile class when only single item needed [feature]
  • Prevent Reseller from unsuspending User if Admin suspended it (LANG) [feature]
  • @reboot for User cronjobs (SKINS) [feature]
  • CustomBuild 2.0 slim-down [feature]
  • cron_set_pre.sh [feature]
  • Two-Step Authentication (SKINS)(LANG) [feature]
  • CMD_API_COMMENTS [feature]
  • Reset Zone now passes USERNAME and PACKAGE tokens [bugfix]
  • Update to addip regarding preferred_lft for IPv6 [bugfix]
  • prevent da-popb4smtp from running twice [bugfix]
  • WordPress Brute Force Monitor to check redirect status [bugfix]
  • /home/user/imap restore not set to group mail [bugfix]
  • Better input filtering (SECURITY) [bugfix]
  • old_public_html_link=0 causes broken .htaccess [bugfix]
  • Set session expiry [bugfix]

Aankondiging netwerkonderhoud

In de nacht van donderdag 23 op vrijdag 24 april zal onze netwerkprovider onderhoud uitvoeren op de datacenter netwerkapparatuur.

De onderhoudswerkzaamheden zullen om 0:00 aanvangen en kunnen tot 06:00 duren. Gedurende deze periode kan één of meer keer een onderbreking optreden.

Upgrade DirectAdmin 1.45.2 naar 1.46.3

Zojuist hebben wij een upgrade geinstalleerd van het DirectAdmin control panel. Versie 1.45.2 is hierbij vervangen door versie 1.46.3. Hiermee zijn enkele problemen verholpen (bugfix) en nieuwe mogelijkheden geïntroduceerd (features).

Een uitgebreide opsomming van de wijzigingen vindt u hier:

10/24/14 Version 1.463
Show bad zone if named-checkzone fails [feature]
Ability to change the 1000 email limit send notification [feature]
Domain selector on certain pages (SKINS) [feature]
Custom httpd config to show raw templates (SKINS) [feature]
Template Diff for custom templates CMD_TEMPLATE_DIFF (SKINS)(LANG) [feature]
Ability to merge old inbox imap folders to new folders [feature]
CMD_API_EMAIL_USAGE to show all sends [feature]
typo in the custom fpm/httpd pages [bugfix]
Add DKIM when zone is reset [bugfix]
Rounducbe Backup/Restore: pipe both stderr stdout to DA [bugfix]
Restore Security Question options [bugfix]
ip_blacklist check done before ssl handshake [bugfix]
Backup error with blank line [bugfix]
Php-fpm reload on CentOS 7 [bugfix]
SSLv3 Poodle (SECURITY) [bugfix]

09/26/14 Version 1.462
backup_roundcube.php has write error for php 5.3 [feature]
incorrect exec return values [bugfix]

09/24/14 Version 1.461
reseller_destroy_pre.sh [feature]
More Apache/Nginx custom template tokens (SKINS) [feature]
Only show the last X bytes of the brute_log_entries.list (SKINS) [feature]
domains and domainowners to be set to 640 in the set_permissions.sh [bugfix]
MySQL optimize/check/repair options did nothing [bugfix]
Error restoring reseller’s package packagenme: nsubdomains=unlimited is not a number [bugfix]
Hide SSL/CGI/PHP checkboxes for domain, if User is not allowed to use them (SKINS) [bugfix]

09/14/14 Version 1.46
add roundcube db data to backup/restore [feature]
BFM ignore attempts on suspended accounts [feature]
pigz for parallel process backup [feature]
custom config for nginx_proxy editing (SKINS) [feature]
phpMyAdmin added to Brute Force Monitor (MANUAL CHANGE) [feature]
Allow javascript auto-logout to be cleared (SKINS) [feature]
XFS quotas [feature]
Translation files for email level password change, ftp, and vacation messages (LANG) [feature]
Ability to include special characters in random password generation (SKINS) [feature]
SSL_TEMPLATE token for all apache/nginx templates [feature]
Per-User php-fpmXX.conf customization (SKINS) [feature]
Removed HAVE_PHP1_FPM_OLD from templates (TEMPLATES) [feature]
Ability to edit dns zone through Login-As even if User doesn’t have access (SKINS) [feature]
Also notify Resellers of their User’s email overuage [feature]
Include php script name is highest send count and ability to automatically chmod to 0 (TEMPLATES) [feature]
Better backup tracking for User data [feature]
DNSSEC: DS records for subdomain delegation & User Level DNSSEC (SKINS) (TEMPLATES) [feature]
nginx proxy to disable proxy_buffering by default (TEMPLATES) [feature]
PHP-fpm: safemode: only main domain control open_basedir [feature]
Add the SpamAssassin Whitelist to the domain filter to also whitelist SPAM Fitlter (TEMPLATES) [feature]
CB2.0: Move htaccess/user.ini block to webapps.conf (TEMPLATES) [feature]
Give warning if package inode set between 1-200 [feature]
Update session time on plugin calls [bugfix]
Nginx to have included nginx_php.conf to fix proected directories (TEMPLATES) [bugfix]
Php selector for CB2 mod_php/CLI and suphp (TEMPLATES) [bugfix]
Restores to/from different IPv4/IPv6 types cause duplicate dns records (IMPORTANT RESTORE CHANGES) [bugfix]
Reduce permissions on system files (SECURITY) [bugfix]
Duplicate AuthType Basic in .htaccess [bugfix]
Ensure fpm/fastcgi/suphp are disabled with domain php setting [bugfix]
SHA-256 requests were generating self-signed certificates & removed 1024 bit keys (SKINS) [bugfix]
If custom private_html link, keep custom value on restore [bugfix]
DNSKEY keys may have different format for CentOS 5 [bugfix]
Nginx password protected directories and redirects (TEMPLATES) [bugfix]
Duplicate use of internal text in one string caused segfault [bugfix]
Workaround for Chrome autofill (SKINS) [bugfix]
Reseller to be limited when editing own data without overselling [bugfix]
Reseller restore without overselling and without unlimited domains hits domain limit [bugfix]
Typo in reseller_run_as [bugfix]

07/01/14 Version 1.454
dataskq pipe issue prevent restores [bugfix]

06/30/14 Version 1.453
Admin will override subdomain_owner_check [feature]
Ability to force no sorting in a table [feature]
Alias CMD_API_SUBDOMAIN for CMD_API_SUBDOMAINS [feature]
New log file: login.log [feature]
Support up to 4096 bit key for SSL certificates (SKINS) [feature]
Plugins to have the ability to run as a specified User [feature]
SHA-256 for certificates (SKINS) [feature]
Better pipes for plugins [feature]
Message System, Manage Tickets, Plugin Updates, Licenses/Udpates to show count box (SKINS) [feature]
Changed default numservers=10 for new installs [feature]
Plugins to be allowed to set a timeout [feature]
Random passwords now have a random length [feature]
exim.pl 17 and updated exim.conf (Manual changes) [feature]
If force_hostname is used, set that domain in message/ticket notifications [feature]
all_backups_post.sh to know if there were errors [feature]
Added roundcube and squirrelmail to the BFM [feature]
catch proftpd requests for task.queue when pure-ftpd is being [bugfix]
Hidden button “Update disk usage” was broken (SKINS) [bugfix]
DA thinks it finds Roundcube 0.1 for 1.0.1 and chmods to 0 [bugfix]
DDNSSEC showing expiry for some formats [bugfix]
Change default connect_timeout to 20 and drop expired pre-connections [bugfix]
Add “dns” to backup_options.list [bugfix]
Only restore domains in the backup [bugfix]
output from domain_destory_post.sh and user_destroy_post.sh to be displayed [bugfix]

Upgrade DirectAdmin 1.45.0 naar 1.45.2

Zojuist hebben wij een upgrade geinstalleerd van het DirectAdmin control panel. Versie 1.45.0 is hierbij vervangen door versie 1.45.2. Hiermee zijn enkele problemen verholpen (bugfix) en nieuwe mogelijkheden geïntroduceerd (features).

 

Een uitgebreide opsomming van de wijzigingen vindt u hier:

 

05/02/14 Version 1.452

  • Ability to hide version and license owner in headers [feature]
  • Nginx templates don’t receive HAVE_PHP1_FPM=1 [bugfix]

 

 

04/29/14 Version 1.451

  • Apache 2.4.9 and php-fpm HAVE_PHP1_FPM change (TEMPLATES) [feature]
  • Add x-use-https header on http to https redirect [feature]
  • CMD_API versions of CMD_CHANGE_EMAIL_PASSWORD, CMD_CHANGE_FTP_PASSWORD, CMD_EMAIL_ACCOUNT_QUOTA, CMD_EMAIL_ACCOUNT_VACATION [feature]
  • Allow tokenizer to handle shebang scripts [feature]
  • logs_to_keep max hardcoded to 400 [bugfix]
  • breadcrumb when showing a User to point back to correct list (SKINS) [bugfix]
  • Admin/Reseller creation to set correct “skin” based on “docroots” [bugfix]
  • Ftp backup errors not showing what the error is [bugfix]
  • Combine certificate and ca bundle for nginx [bugfix]
  • CB2.0: Add SSLCACertificateFile to User VirtualHosts is shared cert is used [bugfix]
  • Optimize suspension/unsuspension for show_all_users.cache [bugfix]
  • MX name only shows a dot (SKINS) [bugfix]
  • Custom dns IPs for domain.com and www get duplicate merge on restore [bugfix]
  • 8-bit base64 encode and decode [bugfix]
  • Lower max session_minutes to 35791 [bugfix]

 

Spoedonderhoud ivm Heartbleed

In verband met de “Heartbleed” kwetsbaarheid welke recent in het nieuws is gekomen zullen wij in de nacht van 15 op 16 april spoedonderhoud gaan uitvoeren op onze webservers.

Naast het dichten van de kwetsbaarheden in OpenSSL zullen tevens de laatste OS patches geïnstalleerd worden en software geüpdatet worden

  • Webserver: Apache 2.2.27 (was 2.2.23)
  • Webserver: PHP 5.4.27 (was 5.3.27)
  • Database: MySQL 5.6.17 (was 5.5.30)
  • FTP: ProFDPD 1.3.4d (was 1.3.4b)
  • Mailserver: Exim 4.8.2 (was 4.80.1)
  • Mailserver: Dovecot 2.2.12 (was 2.1.1)

Meer informatie: http://www.trosradar.nl/uitzending/artikelen/detail/article/hoe-werkt-misbruik-via-heartbleed/

Security Advisory: kwetsbaarheid in WordPress code

Versie 3.2.1 van de bekende blog-software WordPress bevat een kwetsbaarheid die momenteel actief wordt misbruikt. Meer informatie over de kwetsbaarheid is hier te vinden.

Wij adviseren u dringend om alle security fixes van door u geïnstalleerde applicaties zo spoedig mogelijk aan te brengen om te voorkomen dat u het slachtoffer wordt van kwaadwillende aanvallers. Dit advies geldt niet alleen voor WordPress maar is van toepassing op alle applicaties die u installeert.

Wij willen u tevens wijzen op het belang van een gevalideerde recente backup van uw omgeving. Deze dient u zelf periodiek te maken via het DirectAdmin control panel.

 

Go to Top