ISPConfig 3 issueshttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues2017-12-27T04:31:24Zhttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/4451[ISPC 3.1.2] Document Root Nginx patch2017-12-27T04:31:24ZAndyPL[ISPC 3.1.2] Document Root Nginx patchTo work properly the patch must be added to the database field web_root
```
ALTER TABLE `web_domain`
ADD COLUMN `web_root` VARCHAR(255) NULL DEFAULT NULL AFTER `folder_directive_snippets`;
```
[nginx-docroot.diff](/uploads/50d6...To work properly the patch must be added to the database field web_root
```
ALTER TABLE `web_domain`
ADD COLUMN `web_root` VARCHAR(255) NULL DEFAULT NULL AFTER `folder_directive_snippets`;
```
[nginx-docroot.diff](/uploads/50d616ff9b32a1fb79d5306c3ee95fa4/nginx-docroot.diff)Planned featureshttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/3036Add a check if there is enough space in /etc, before writing config file changes2020-08-28T19:04:57ZTill BrehmAdd a check if there is enough space in /etc, before writing config file changesAdd a check if there is enough space in /etc, before writing config file changesAdd a check if there is enough space in /etc, before writing config file changesPlanned featureshttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/3532Add dynamic reject with postfix verify service2020-09-25T20:35:26ZTill BrehmAdd dynamic reject with postfix verify serviceAdd a dynmic reject configuration by using the postfix verify service for systems that use transports in fron of other mail servers like exchange servers.Add a dynmic reject configuration by using the postfix verify service for systems that use transports in fron of other mail servers like exchange servers.Planned featureshttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/3253Add ip address filter to suggest IP function2017-08-10T20:10:58ZTill BrehmAdd ip address filter to suggest IP functionRefer to: #3206Refer to: #3206Planned featureshttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/3031Add mod_security option to websites2023-02-03T11:30:39ZMarius BurkardAdd mod_security option to websitesAdd a new checkbox to websites "Enable mod_security".
When enabled, modsec is enabled for this website only (if it's installed but disabled globally on the server).
The Checkbox has no effect, if modsec is not installed on the server.
...Add a new checkbox to websites "Enable mod_security".
When enabled, modsec is enabled for this website only (if it's installed but disabled globally on the server).
The Checkbox has no effect, if modsec is not installed on the server.
In addition, add a global admin option to set who can change the modsec switch (Admin, Reseller, Client).Planned featuresMarius BurkardMarius Burkardhttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/3940Add SFTP (via SSH) as (better) alternative to FTP(S) Users2021-09-28T16:32:10ZJens GrohAdd SFTP (via SSH) as (better) alternative to FTP(S) UsersAdd the Option to create an SFTP User instead of having to run pure-ftpd and use this age-old protocol. FTP/S is an OK'ish workaround for secure transmission of data, but having the option to use SFTP for file transfer uploads would be m...Add the Option to create an SFTP User instead of having to run pure-ftpd and use this age-old protocol. FTP/S is an OK'ish workaround for secure transmission of data, but having the option to use SFTP for file transfer uploads would be much better.
SFTP could be used via an addition to the OpenSSH server configuration by adding an option set for a specific group or groups (e.g. sftponly) to force those upload account to only be used for SFTP and not provide a login shell.
As the "webXY" users already exist and point to a directory (/var/www/clients/clientXX/webXY) that is owned by root:root, the requirements for SFTP chrooting are already given. Those SFTP accounts could be created just like the Shell Users function with the exceptions given above.
The following snippet would provide a safe chroot environment
# SFTP Only Users
Match Group sftponly
X11Forwarding no
AllowTcpForwarding no
ChrootDirectory %h
ForceCommand internal-sftp
A user (e.g. sftp19_webspace) would just get its homedir (e.g. /var/www/clients/client5/web19) without providing a shell (in /etc/passwd) and would get sftp-only as group so to force the chroot active.
Planned featureshttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/4794Add support for nginx.org debian packages2020-09-25T21:42:10ZTill BrehmAdd support for nginx.org debian packagesAdd support for the debian packages from nginx.org instead of the nginx packages from the Debian main repository. See #4743 for details.Add support for the debian packages from nginx.org instead of the nginx packages from the Debian main repository. See #4743 for details.Planned featureshttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/2545Add support for realtime logging with vlogger to nginx (code is in forum thread)2020-07-29T17:35:18ZTill BrehmAdd support for realtime logging with vlogger to nginx (code is in forum thread)http://www.howtoforge.de/forum/entwicklerforum-15/vlogger-web_traffic-6737/http://www.howtoforge.de/forum/entwicklerforum-15/vlogger-web_traffic-6737/Planned featureshttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/2294Allow clients to access vm module to start / stop / restart their vm's2018-01-28T13:40:52ZTill BrehmAllow clients to access vm module to start / stop / restart their vm'sAllow clients to access vm module to start / stop / restart their vm'sAllow clients to access vm module to start / stop / restart their vm'sPlanned featureshttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/3494Allow enable/disable directive snippets for clients2020-11-01T16:11:59ZsdafsadfsdAllow enable/disable directive snippets for clientsI know that apache and php additional options are disabled for clients/resellers due to security as they can potentially break the whole webserver setup. However it is still needed to allow clients/resellers to enable some options in cer...I know that apache and php additional options are disabled for clients/resellers due to security as they can potentially break the whole webserver setup. However it is still needed to allow clients/resellers to enable some options in certain situations. My suggestions is to allow them to simply include some of the predefined snippets. I.e. the snippets that are added in the Directive snippets section are available as a list of checkboxes which resellers/clients can simply enable or disable.Planned featureshttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/1284Build a script for amavisd bayes database training2020-06-03T11:25:49ZTill BrehmBuild a script for amavisd bayes database trainingsu amavis -c 'sa-learn --spam < spam_message'su amavis -c 'sa-learn --spam < spam_message'Planned featureshttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/1983Change confrmation2018-12-15T18:11:29ZMichaelChange confrmationChange the confirmation question when deleting an entry from
"Do you really want to delete this record?" to
"Do you really want to delete the record <NAME_OF_RECORD>"?
Then it is possible to check again if the right record is se...Change the confirmation question when deleting an entry from
"Do you really want to delete this record?" to
"Do you really want to delete the record <NAME_OF_RECORD>"?
Then it is possible to check again if the right record is selected for deletion.
42mPlanned featureshttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/3726client filter in top menu2017-08-10T20:10:47ZAntalclient filter in top menuPlease consider a client filter in the top menu, only display items for the selected client and be able to deleted everything just like I can do as an admin.
Log in as client, does not provide all abilities an admin has and is too muc...Please consider a client filter in the top menu, only display items for the selected client and be able to deleted everything just like I can do as an admin.
Log in as client, does not provide all abilities an admin has and is too much of a hassle.
The system wide filter would save a lot of time and system resources when switching tabs.Planned featuresMarius BurkardMarius Burkardhttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/2163customer cron jobs get prefixed with the user's home directory2020-07-22T22:34:17ZMarc Schützcustomer cron jobs get prefixed with the user's home directoryIf a customer creates a cron job with a command that doesn't start with /, the web user's home directory is automatically prepended to the command. This fact (which is useful by itself) is unfortunately not mentioned in the frontend, and...If a customer creates a cron job with a command that doesn't start with /, the web user's home directory is automatically prepended to the command. This fact (which is useful by itself) is unfortunately not mentioned in the frontend, and thus not obvious to the user.
For me, this was a problem for two types of commands:
1.) "$HOME/some-script.sh" => quoted to avoid problems with spaces in the home directory; one can never know ;-)
This can be easily worked around by prefixing another /: /"$HOME/..."
2.) cd /some/dir && ./do_something.sh
This can be worked around too: /bin/true && cd /some/dir && ...
It would be nice if prefixing of the home directory was made optional (via a checkbox); this can be switch on by default, so existing cron jobs will continue to work.
But there should at least be a note in the frontend about this.Planned featureshttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/2301Edit Domain Module2020-07-22T20:48:00ZMilutin KubikEdit Domain ModuleHello i want add new function for check if is "root domain" owned by another account but without using domain module. I want solution without administrator... we dont have time to add each new domain to customer account... that is not po...Hello i want add new function for check if is "root domain" owned by another account but without using domain module. I want solution without administrator... we dont have time to add each new domain to customer account... that is not possible
So what i want is just check if...
ACCOUNT A: own domain mywebsite.com
ACCOUNT B: want create site as subdomian, aliasdomain, add new site BUT ACCOUNT B want add "mywebsite.com" and that domain is already owned by ACCOUNT A so system stop it and they cant add ANY subdomain like foo.mywebsite.com as new site or any fake aliasdomain because root domain is already owned by ACCOUNT A.
+ any client can add new domains without our check... because we dont have time manage domains for our clientsPlanned featuresTill BrehmTill Brehmhttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/2658Enable relay recipient list for clients when transports are allowed2021-08-19T16:22:12ZTill BrehmEnable relay recipient list for clients when transports are allowedEnable relay recipient list for clients when transports are allowed and add a limit in client limits for relay recipients.Enable relay recipient list for clients when transports are allowed and add a limit in client limits for relay recipients.Planned featureshttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/4624Extend nginx directives merge features2020-09-25T21:37:13ZTill BrehmExtend nginx directives merge featuresImplement another command like ##before## to put something in front of a section or something like ##mergestart## to put the merged code at the beginning of the section and not at the end.Implement another command like ##before## to put something in front of a section or something like ##mergestart## to put the merged code at the beginning of the section and not at the end.Planned featureshttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5172Feature Request: Create only new certificate request2018-11-01T18:41:00ZRaffael LuthigerFeature Request: Create only new certificate requestI have a domain where we already have a certificate (and private key). Now I would like to create a new request without changing the key and without changing the certificate and bundle.
For this I would like to have a new "SSL action" w...I have a domain where we already have a certificate (and private key). Now I would like to create a new request without changing the key and without changing the certificate and bundle.
For this I would like to have a new "SSL action" with the name "Create certificate request" which will then only generate a new request.Planned featureshttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/2949Improve mail filter function to support X-Originating-To2020-08-14T21:20:32ZTill BrehmImprove mail filter function to support X-Originating-Tohttp://www.howtoforge.com/forums/showthread.php?t=64322http://www.howtoforge.com/forums/showthread.php?t=64322Planned featureshttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/2984Improve support for mysql databases that are not reachable by localhost on th...2017-08-10T20:12:05ZTill BrehmImprove support for mysql databases that are not reachable by localhost on the ispconfig instancehttp://www.howtoforge.com/forums/showthread.php?t=64676http://www.howtoforge.com/forums/showthread.php?t=64676Planned features