ISPConfig 3 issueshttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues2021-03-02T16:46:29Zhttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/4688Monit and Munin not showing in Google Chrome2021-03-02T16:46:29ZNigel HathawayMonit and Munin not showing in Google ChromeThey show up in Firefox but not in Chrome. The likely cause is this:
jquery.min.js:3 [Deprecation] Subresource requests whose URLs contain embedded credentials (e.g. `https://user:pass@host/`) are blocked. See https://www.chromestatus.c...They show up in Firefox but not in Chrome. The likely cause is this:
jquery.min.js:3 [Deprecation] Subresource requests whose URLs contain embedded credentials (e.g. `https://user:pass@host/`) are blocked. See https://www.chromestatus.com/feature/5669008342777856 for more details.
I don't know what the answer to this is. Presumably the jquery people are either aware or need to be made aware of this.https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/4725bug in client limits2020-06-09T05:47:07ZRein van 't Veerbug in client limitsA reseller should be able to set multiple servers to his clients.
At the moment this it not possible, only one server shows in the client limit edit.
Tested in a clean multi-server dev environment.
What I think is the cause is t...A reseller should be able to set multiple servers to his clients.
At the moment this it not possible, only one server shows in the client limit edit.
Tested in a clean multi-server dev environment.
What I think is the cause is that a reseller is not an admin in "./lib/classes/custom_datasource.inc.php"
```
if($_SESSION["s"]["user"]["typ"] == 'user') {
// Get the limits of the client
$client_group_id = $app->functions->intval($_SESSION["s"]["user"]["default_group"]);
$sql = "SELECT $server_type as server_id FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = ?";
$client = $app->db->queryOneRecord($sql, $client_group_id);
if($client['server_id'] > 0) {
//* Select the default server for the client
$sql = "SELECT server_id,server_name FROM server WHERE server_id = ?";
$records = $app->db->queryAllRecords($sql, $client['server_id']);
} else {
//* Not able to find the clients defaults, use this as fallback and add a warning message to the log
$app->log('Unable to find default server for client in custom_datasource.inc.php', 1);
$sql = "SELECT server_id,server_name FROM server WHERE ?? = 1 AND mirror_server_id = 0 ORDER BY server_name";
$records = $app->db->queryAllRecords($sql, $field);
}
} else {
//* The logged in user is admin, so we show him all available servers of a specific type.
$sql = "SELECT server_id,server_name FROM server WHERE ?? = 1 AND mirror_server_id = 0 ORDER BY server_name";
$records = $app->db->queryAllRecords($sql, $field);
}
```3.2https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/4631LetsEncrypt and deleted Subdomains2021-01-21T09:40:14ZSteffan NoordLetsEncrypt and deleted SubdomainsWhen deleting a subdomain.
the autorenew function is still looking for the subdomain so no renew will take place.
Only option i can think is to remove
/live
/renew
/archive
and reissue the certificateWhen deleting a subdomain.
the autorenew function is still looking for the subdomain so no renew will take place.
Only option i can think is to remove
/live
/renew
/archive
and reissue the certificatehttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/4492Bug. Are not converted names IDN-domains on the home page.2020-07-31T12:19:16ZAlexanderBug. Are not converted names IDN-domains on the home page.Are not converted names IDN-domains on the home page
![IDN_domains](/uploads/260ebba183db9202778ea3e1818f0cb0/IDN_domains.PNG)Are not converted names IDN-domains on the home page
![IDN_domains](/uploads/260ebba183db9202778ea3e1818f0cb0/IDN_domains.PNG)3.2https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/3504Search not working correctly2020-06-13T10:58:28ZmintessSearch not working correctlyI'm in the customer view, Tab E-Mail, listing Mailboxes.
Listing:
E-Mail Address | Realname | ...
martin@maurer.com | Martin Maurer
Searching for Realname:
"m" -> works
"Martin" -> works
"Martin Maurer" -> doesn't work
"Maur"...I'm in the customer view, Tab E-Mail, listing Mailboxes.
Listing:
E-Mail Address | Realname | ...
martin@maurer.com | Martin Maurer
Searching for Realname:
"m" -> works
"Martin" -> works
"Martin Maurer" -> doesn't work
"Maur" -> works
"Maurer" -> doesn't work
Also it seems that in some search fields i'm able to use % signs. Hopefully this is not passed directly to the database...3.2https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/2722error in mysql-virtual_forwardings.cf2020-07-27T18:10:42ZMartin Sebalderror in mysql-virtual_forwardings.cfWhen using the original query "additional_conditions = and active = 'y' and server_id = 1" mails to not existing alias addresses of a alias domain are being recieved.
E.g.: domain.tld and aliasdomain.tld. The alias or mailbox spam@dom...When using the original query "additional_conditions = and active = 'y' and server_id = 1" mails to not existing alias addresses of a alias domain are being recieved.
E.g.: domain.tld and aliasdomain.tld. The alias or mailbox spam@domain.tld does not exist, so does not spam@aliasdomain.tld. With the query the mails are trying to be recieved which creates files on the harddisk of the server or creates an error like "temporary failure. Command output: /usr/bin/maildrop: Unable to create a dot-lock at /var/vmail/domain.tld/spam/14950.0.mailserver.".
We run a different query which works perfect. It is:
additional_conditions = and type != 'aliasdomain' and active = 'y' and server_id = 1
For discussion and more information about this please see:
http://www.howtoforge.de/forum/installation-und-konfiguration-12/fehler-mysql-virtual_forwardings-cf-7073/3.2https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/4592DMARC disabled after editing2020-10-14T12:26:20Z Jan KraljičDMARC disabled after editing![ISPConfig_3.1.2_-_2017-03-20_12.52.11](/uploads/879e9eae4bf7e6429f9f325c36273524/ISPConfig_3.1.2_-_2017-03-20_12.52.11.png)
When editing DMARC record in DNS by Active is written "CHECKED" and there is not in a checkbox. (see attached ...![ISPConfig_3.1.2_-_2017-03-20_12.52.11](/uploads/879e9eae4bf7e6429f9f325c36273524/ISPConfig_3.1.2_-_2017-03-20_12.52.11.png)
When editing DMARC record in DNS by Active is written "CHECKED" and there is not in a checkbox. (see attached screen). After saving the value DMARC record is de-activated. So there is need to go into DMARC record once again and click on un-checked checkbox.
Version: 3.1.2
Note:
I don't know if it relevant but there was "ISPConfig – DKIM-Patch" installed before upgrading to 3.1.3.2https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/4106Mail quota sort by quota2020-10-30T20:24:24ZShafeekMail quota sort by quotaHello,
In the tab Statistics -> Mailbox Quota, we are unable to sort mailboxes by fields "Used Space" and "Used %". Sorting by other fields works great.
ISPConfig version 3.1 RC1.
Could someone check if they are encountering the sa...Hello,
In the tab Statistics -> Mailbox Quota, we are unable to sort mailboxes by fields "Used Space" and "Used %". Sorting by other fields works great.
ISPConfig version 3.1 RC1.
Could someone check if they are encountering the same issue?
Thanks
Shafeekhttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/3952specify ip address should be wildcard only2020-05-09T04:33:00ZJesse Norellspecify ip address should be wildcard onlyFeature request: add a checkbox to each ip address under System > Server IP Addresses to specify that this ip address should never be used in web server configs, but always use `*` when this ip address is selected.
This would help wi...Feature request: add a checkbox to each ip address under System > Server IP Addresses to specify that this ip address should never be used in web server configs, but always use `*` when this ip address is selected.
This would help with and often eliminate the common problems when mixing ip/wildcard settings in sites.https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/3782Drop ?> in just PHP files.2020-08-31T14:20:03ZBradley WestonDrop ?> in just PHP files.How do you guys feel about this. https://pear.php.net/manual/en/standards.tags.php#2203
Could also start using PSR-2, then you can have static analysis tests from `php-cs-fixer` which I'd be more then happy to make a PR for.How do you guys feel about this. https://pear.php.net/manual/en/standards.tags.php#2203
Could also start using PSR-2, then you can have static analysis tests from `php-cs-fixer` which I'd be more then happy to make a PR for.https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/4781Improve SEO redirects2022-06-28T08:25:01ZTill BrehmImprove SEO redirectshttps://www.howtoforge.com/community/threads/seo-redirects-from-h-p-domain-tld-to-h-ps-x-domain-tld.77196/#post-364775https://www.howtoforge.com/community/threads/seo-redirects-from-h-p-domain-tld-to-h-ps-x-domain-tld.77196/#post-364775https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/4792rfe: lmtp for amavis and dovecot2021-11-29T11:48:58ZJesse Norellrfe: lmtp for amavis and dovecotrfe: use lmtp to send mail to amavis and final delivery to dovecot. This gives both services the ability to reply with a dsn for each recipient (improves delivery), and is a little more efficient (not much different for amavis, but dove...rfe: use lmtp to send mail to amavis and final delivery to dovecot. This gives both services the ability to reply with a dsn for each recipient (improves delivery), and is a little more efficient (not much different for amavis, but dovecot saves a fork/exec for every message).
## Changes required
Required config changes are quite simple, in current (eg. 3.1.6) config for postfix + dovecot to send to amavis via lmtp you simply need these in main.cf:
``lmtp_data_done_timeout = 1200
lmtp_send_xforward_command = yes
``
Then change the `amavis` transport name to `lmtp` in the 'tag_as_*.re' files:
``sed -i s/amavis/lmtp/g /etc/postfix/tag_as_*.re
``
The dovecot config is in /etc/dovecot/dovecot.conf:
``protocols = imap pop3 lmtp <---- line #2
lmtp_rcpt_check_quota = yes <---- new
``
And in main.cf change `virtual_transport = lmtp:unix:private/dovecot-lmtp`.
You can then remove the `dovecot` and `amavis` transports in master.cf.3.2https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/4921+ sign in email creates error2020-07-20T18:04:43ZChris Kessler+ sign in email creates errori am having an issue accepting new clients that have a + sign in the email address.
An example of a valid address is blah+blah@gmail.com, which is a valid gmail address.
the error being thrown is:
SOAP Error: email_error_isemail<br />i am having an issue accepting new clients that have a + sign in the email address.
An example of a valid address is blah+blah@gmail.com, which is a valid gmail address.
the error being thrown is:
SOAP Error: email_error_isemail<br />3.2https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/4958Improvement: Restart a FPM process when it is not running2020-09-07T18:26:08ZMichael ScholzImprovement: Restart a FPM process when it is not runningAs in !737 mentioned, a PHP FPM master may not start, when it has not at least one pool file. This may lead to not restart the master, even if ISPConfig may have created a new pool file. This is due to the "problem", that in systemd envi...As in !737 mentioned, a PHP FPM master may not start, when it has not at least one pool file. This may lead to not restart the master, even if ISPConfig may have created a new pool file. This is due to the "problem", that in systemd environments ISPConfig tries to reload the FPM master, but doesn't do a restart on problems.https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5052IP anonymization not working in access log2020-04-21T14:22:35ZJanekIP anonymization not working in access log## short description
I just updated to ISPConfig 3.1.12 and set the global option "Store website access and error logs" to "Anonymize IP".
Afterwards I did a resync of "Websites" on all Webservers.
Now IP anonymization does work f...## short description
I just updated to ISPConfig 3.1.12 and set the global option "Store website access and error logs" to "Anonymize IP".
Afterwards I did a resync of "Websites" on all Webservers.
Now IP anonymization does work for error.log of Apache2 but it does not work for access.log - neither Nginx nor Apache2 (All octets visible)
## correct behaviour
Websites access.log should only contain anonymized IP-addresses.
## environment
Server OS: debian
Server OS version: jessie
ISPConfig version: 3.1.12
Multiserver Setup, 2 Webservers: 1 with nginx, 1 with Apache2
```
$ nginx -v
nginx version: nginx/1.13.12
$ apachectl -v
Server version: Apache/2.4.23 (Debian)
Server built: 2016-08-12T19:44:31
$ php -v
PHP 7.0.30-1~dotdeb+8.1 (cli) ( NTS )
Copyright (c) 1997-2017 The PHP Group
Zend Engine v3.0.0, Copyright (c) 1998-2017 Zend Technologies
with Zend OPcache v7.0.30-1~dotdeb+8.1, Copyright (c) 1999-2017, by Zend Technologies
```
## references
ispconfig/ispconfig3#5050https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5058Backport apache proxy_fcgi config from master branch2020-09-25T19:35:43ZTill BrehmBackport apache proxy_fcgi config from master branchhttps://www.howtoforge.com/community/threads/issue-with-non-existent-php-files.77589/https://www.howtoforge.com/community/threads/issue-with-non-existent-php-files.77589/https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5088Disable TLSv1.0 and 1.1 by default2020-11-09T04:54:19ZArne HudeDisable TLSv1.0 and 1.1 by defaultJust add !TLSv1 into the standard configations for a new server. Nowadays there are only a few services left who use this....
This gives you a better ranking in most certifiers for a good crypography
`/// /etc/dovecot/dovecot.conf
//....Just add !TLSv1 into the standard configations for a new server. Nowadays there are only a few services left who use this....
This gives you a better ranking in most certifiers for a good crypography
`/// /etc/dovecot/dovecot.conf
//...
ssl_protocols = !SSLv3 !TLSv1
//...
`3.2https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5103Missing 'Web server config' Snippets on subdomain Vhost2020-08-30T16:40:55ZDmitryMissing 'Web server config' Snippets on subdomain VhostI have 'Create subdomains as web site' and 'Create aliasdomains as web site' enabled.
For these (Vhost) websites a 'Web server config' dropdown is empty. It should contain my Snippets just like a regular Website.I have 'Create subdomains as web site' and 'Create aliasdomains as web site' enabled.
For these (Vhost) websites a 'Web server config' dropdown is empty. It should contain my Snippets just like a regular Website.https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5114MySQL on another host (monitoring and update issue)2019-07-04T16:56:08ZRenat ShaimardanovMySQL on another host (monitoring and update issue)## short description
I have percona cluster installed and ISPconfig conneected to it throught HAProxy.
So I've used socket and host to connect to it.
But in this case:
1. service monitoring showing error - MySQL is nit running
2. Update...## short description
I have percona cluster installed and ISPconfig conneected to it throught HAProxy.
So I've used socket and host to connect to it.
But in this case:
1. service monitoring showing error - MySQL is nit running
2. Update to next version not working properly
## environment
Server OS: (debian)
Server OS version: (stretch)
ISPConfig version: (3.1.12/3.1.13)
## proposed fix
I've attached patch to fix this
for server/lib/classes/monitor_tools.inc.php[monitor_tools.inc.php.diff](/uploads/fce4780c1c46e9f3da98451c433de96c/monitor_tools.inc.php.diff)
and for install/update.php[update.php.diff](/uploads/d683967563395dccce212f59eae3d4c7/update.php.diff)https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5132Implement Migration mode in DNSSEC plugin2020-07-23T14:12:41ZTill BrehmImplement Migration mode in DNSSEC pluginImplement Migration mode in DNSSEC plugin to avoid that new DNSSEC keys get generated during server migrations.Implement Migration mode in DNSSEC plugin to avoid that new DNSSEC keys get generated during server migrations.https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5143sites without https give someone else's content.2020-09-01T19:33:17ZViktorsites without https give someone else's content.If at least one site creates https keys, then all other sites that do not have https begin to give https content to the site where the keys are registered.
HTTP connection is different from HTTPS since HTTP referer is sent after connecti...If at least one site creates https keys, then all other sites that do not have https begin to give https content to the site where the keys are registered.
HTTP connection is different from HTTPS since HTTP referer is sent after connection.
Wherein
HTTP referer is not readable, but by taking the nearest keys, it is the nearest! Those that will be closer alphabetically!
## correct behaviour
Create at least 1 sites with https
environment in any versions of ispconfig!
## proposed fix
`ln -s /etc/apache2/sites-available/default-ssl.conf /etc/apache2/sites-enabled/1.conf`
Partial solution of the problem, put the first 1.conf file, since it goes first and when there are no keys, it comes across first, you understand this crooked solution.
The right decision is to create https keys for each site by default, and if the parela is disabled, https then document root "/var/www/html/ssl"
if SSL is enabled, then change document roots to real.
There is no other way!
In any case, the site will be accessible via https!
Or refuse to listen *: 443 obsalyutno in all files, and do dynamic or ports or IP but this is even less preferred option.
![v](/uploads/a724a6d36ca60268550391c81c59235c/v.png)https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5147Check if ISPConfig fully supports latest MySQL 8 releases2020-09-08T07:44:53ZTill BrehmCheck if ISPConfig fully supports latest MySQL 8 releasesCheck if ISPConfig fully supports latest MySQL 8 releases.
https://www.howtoforge.com/community/threads/config-for-mysql-8-and-ispconfig3.80202Check if ISPConfig fully supports latest MySQL 8 releases.
https://www.howtoforge.com/community/threads/config-for-mysql-8-and-ispconfig3.80202https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5171software raid status not showing2020-09-25T22:23:37ZIgnacio Garciasoftware raid status not showing## short description
Server has linux sofware traid aka mdraid with 2 volumes but ispconfig shows "No controller found. Make sure appropriate AMCC/3ware device driver(s) are loaded"
## correct behaviour
It should detect software raid en...## short description
Server has linux sofware traid aka mdraid with 2 volumes but ispconfig shows "No controller found. Make sure appropriate AMCC/3ware device driver(s) are loaded"
## correct behaviour
It should detect software raid environment
## environment
Server OS: debian
Server OS version: 9.5
ISPConfig version: 3.1.13
```
root@s0:~# cat /proc/mdstat
Personalities : [linear] [raid0] [raid1] [raid10] [raid6] [raid5] [raid4] [multipath] [faulty]
md2 : active raid1 sdb2[1] sda2[0]
51198912 blocks [2/2] [UU]
md3 : active raid1 sdb3[1] sda3[0]
1885533120 blocks [2/2] [UU]
bitmap: 1/15 pages [4KB], 65536KB chunk
```https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5180PHP-FPM might fail to reload config when multiple sites are removed at once2022-02-26T21:12:43ZTill BrehmPHP-FPM might fail to reload config when multiple sites are removed at oncehttps://www.howtoforge.com/community/threads/php-fpm-crashing-when-deleting-multiple-sites-at-once.80635/https://www.howtoforge.com/community/threads/php-fpm-crashing-when-deleting-multiple-sites-at-once.80635/https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5193Add Chroot checkbox in cronjob settings2019-07-04T13:33:03ZTill BrehmAdd Chroot checkbox in cronjob settingsCurrently, the chroot type is set in client settings and the chroot type is applied when the cronjob is created. There is no option to turn off chrooting for an existing cronjob yet.Currently, the chroot type is set in client settings and the chroot type is applied when the cronjob is created. There is no option to turn off chrooting for an existing cronjob yet.https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/2677Reseller Limit Usage Report2020-07-31T07:15:31ZMichael FürmannReseller Limit Usage ReportThis is a high priority task for me because I shortly had a reseller that messed up my servers
4 Suggestions for Resellers:
- Compairson of defined limits with assigned ressources and actual limits
- Overview of this compairson on r...This is a high priority task for me because I shortly had a reseller that messed up my servers
4 Suggestions for Resellers:
- Compairson of defined limits with assigned ressources and actual limits
- Overview of this compairson on resellers dashboard
- Mail Notifications for exceeded limits
- Lock Resellers on set limits
The customers of my resellers get their invoices from my resellers.
So I only write an invoice to my resellers for the limits I set in the reseller account.
Because there is no overview of assigned / used ressources by reseller I have to trust my resellers not to assign more ressources to their customers than they paid for.
Would be great to have a third tab on reseller form to compare the limits with assigned ressources and actual usage of ressources.
The reseller should also have a compairson of these data on his dashboard.
It would also be great to send an E-Mail notification to the reseller and the admin if the used ressources hit defined marks. Maybe the marks could be configurable in system settings. I'd suggest 75%, 90%, 100%
My last suggestion is an option in resellers profile to lock the reseller to the set limits.
So the reseller can't assign more ressources that set in the limits.Planned featureshttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5319Web server config not working for vHost Aliasdomain2020-08-30T16:40:55ZJanThielWeb server config not working for vHost Aliasdomain## short description
Web server configs (nginx / apache) cannot be selected when using vHost Aliasdomains. The dropdown is there but only contains the "-" entry. Using regular websites all expected Web Server Configs are there and select...## short description
Web server configs (nginx / apache) cannot be selected when using vHost Aliasdomains. The dropdown is there but only contains the "-" entry. Using regular websites all expected Web Server Configs are there and selectable.
Currently the nginx (didn't tested with apache) is used from the parent. But the PHP configs ("required php snippets" from the web server config) are not applied.
## correct behaviour
The dropdown should contain the configured Web Server Configs and also apply webserver AND php configs to the aliasdomains config files.
I believe this might be a regression, as I think it worked before.
## environment
Server OS: Centos
Server OS version: 7.6
ISPConfig version: 3.1.13p1
## screenshots
Aliasdomain (vHost) - Config missing:
![aliasdomain-vhost](/uploads/2c81de15d0f674ee77478c9e826ae693/aliasdomain-vhost.PNG)
Website / Web Domain - Configs available:
![website-webdomain](/uploads/12fb83f241fba86ba1e91da23ea8a661/website-webdomain.PNG)https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5339Allow Dkim editing in DNS Records without mail server2019-07-30T20:25:18ZTill BrehmAllow Dkim editing in DNS Records without mail serverAllow dkim record editing in DNS records when there is no mail serverAllow dkim record editing in DNS records when there is no mail serverhttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5341CSS Styles do not load in ISPConfig UI when no SSL is used2019-07-15T14:41:45ZTill BrehmCSS Styles do not load in ISPConfig UI when no SSL is usedCSS Styles do not load in ISPConfig UI when no SSL is used and login problems when no SSL is used.CSS Styles do not load in ISPConfig UI when no SSL is used and login problems when no SSL is used.3.1.14p2https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5342Remove MySQL engine directive from SQL files2019-08-03T08:55:43ZTill BrehmRemove MySQL engine directive from SQL filesRemove MySQL engine directive from SQL files so that the default engine is used. This will default to InnoDB instead of MyISAM on newer systems.Remove MySQL engine directive from SQL files so that the default engine is used. This will default to InnoDB instead of MyISAM on newer systems.3.1.15Marius BurkardMarius Burkardhttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5343Buster/Dovecot stats-writer2020-05-19T11:01:15ZHelmoBuster/Dovecot stats-writerI noticed another issue on an upgraded test server...
```
postfix/pipe[9881]: 18F1A402DF: to=<drdev@example.com>, relay=dovecot, delay=0.05, delays=0/0.01/0/0.03, dsn=2.0.0, status=sent (delivered via dovecot service (lda(drdev@example.c...I noticed another issue on an upgraded test server...
```
postfix/pipe[9881]: 18F1A402DF: to=<drdev@example.com>, relay=dovecot, delay=0.05, delays=0/0.01/0/0.03, dsn=2.0.0, status=sent (delivered via dovecot service (lda(drdev@example.com,)Error: net_connect_unix(/var/run/dovecot/stats-writer) failed: Permission de))
```
By default the stats-writer socket is owned by root.dovecot ... while the delivery is running as the vmail user.
The solution from https://forum.iredmail.org/post67035.html#p67035 seems to work. It adds to dovecot.conf:
```
service stats {
unix_listener stats-reader {
user = vmail
group = vmail
mode = 0660
}
unix_listener stats-writer {
user = vmail
group = vmail
mode = 0660
}
}
```3.1.15https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5344Incomplete chroot configuration if user "is currently logged in"2020-09-18T19:48:18ZZakIncomplete chroot configuration if user "is currently logged in"## short description
On creation of a chrooted cronjob, the jail is initialized if needed and the homedir of the affected user gets reconfigured via *usermod --home=/var/www/clients/clientXXX/webXXX/./home/webXXX webXXX*. The command how...## short description
On creation of a chrooted cronjob, the jail is initialized if needed and the homedir of the affected user gets reconfigured via *usermod --home=/var/www/clients/clientXXX/webXXX/./home/webXXX webXXX*. The command however will fail, if the user is logged in or a process is running under the user which is always the case if using php-fpm.
Due to the misconfigured user the chrooted cronjob can't be executed and the following will be logged in ''/var/log/auth.log'':
`jk_chrootsh[30473]: abort, homedir '/var/www/clients/clientXXX/webXXX' for user webXXX (XXX) does not contain the jail separator <jail>/./<home>`
## environment
Server OS: (probably all)
Server OS version: (probably all)
ISPConfig version: (3.14)
## proposed fix
- Since neither the files relevant for the chroot are removed, nor the users homedir is reconfigured upon deletion of all chrooted cronjobs the user should be initially created with the "jailed" homedir which would render a later reconfiguration unnecessary.
- Alternatively ''/etc/passwd'' could be altered directly without invoking the ''usermod'' command.3.2https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5348Virtual server config panel showing without active VServer2019-09-02T13:45:00ZMark CraxfordVirtual server config panel showing without active VServer![Screenshot_20190720_120620](/uploads/462765d49c4f4dfd939b3ffdceadc872/Screenshot_20190720_120620.jpg)![Screenshot_20190720_120717](/uploads/47117b5711b474ea91b5ad9f17acc31e/Screenshot_20190720_120717.jpg)
Cluster setup (incomplete)
V...![Screenshot_20190720_120620](/uploads/462765d49c4f4dfd939b3ffdceadc872/Screenshot_20190720_120620.jpg)![Screenshot_20190720_120717](/uploads/47117b5711b474ea91b5ad9f17acc31e/Screenshot_20190720_120717.jpg)
Cluster setup (incomplete)
Virtual server button shows on dashboard and is accessible. No virtual server configured or package(s) installed. Will update when cluster is complete.
Debian 10 Buster.
Apache2 2.4.38
Php 7.3
Ispconfig sourced on the 19 July 2019 (Is there a version check in the gui?) http://www.ispconfig.org/downloads/ISPConfig-3-stable.tar.gz3.1.15https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5349Debian 10 - Update Packagelist - No packages to read in2019-09-02T14:12:23ZMichal PiatekDebian 10 - Update Packagelist - No packages to read inAfter installation on 3 servers i cant update package list:
Update Packagelist - No packages to read in
OS: Debian 10
ISPConfig 3.1.14p1
But it looks / refresh OK on Debian 9.
system installed base on tutorial:
https://www.howtoforge...After installation on 3 servers i cant update package list:
Update Packagelist - No packages to read in
OS: Debian 10
ISPConfig 3.1.14p1
But it looks / refresh OK on Debian 9.
system installed base on tutorial:
https://www.howtoforge.com/perfect-server-debian-10-buster-apache-bind-dovecot-ispconfig-3-1/
Hope its just me and ther is simple solution for this issue.
Regards,
Michalhttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5351Remote API function dns_templatezone_add issue2019-10-07T14:41:26ZTill BrehmRemote API function dns_templatezone_add issuehttps://www.howtoforge.com/community/threads/problem-on-dns-zone-creation-after-update-to-3-1-14p1.82392/https://www.howtoforge.com/community/threads/problem-on-dns-zone-creation-after-update-to-3-1-14p1.82392/3.1.15https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5353Support CRYPT-SHA512 for passwords2020-01-31T13:49:22ZMarius BurkardSupport CRYPT-SHA512 for passwordsAdd support for CRYPT-SHA512 and SHA256 passwords to ISPConfig and make it the default password algorithm if available in PHP.Add support for CRYPT-SHA512 and SHA256 passwords to ISPConfig and make it the default password algorithm if available in PHP.3.1.15Marius BurkardMarius Burkardhttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5361Dovecot mail user deletion requires more actions prior to deleting user2020-06-12T16:03:06ZThe Real KinetixDovecot mail user deletion requires more actions prior to deleting userIf one has single instance storage enabled in dovecot, in particular a separate attachments dir, then if users mail isn't purged appropriately prior to deleting a mail user, their attachments will wind up orphaned in the attachments stor...If one has single instance storage enabled in dovecot, in particular a separate attachments dir, then if users mail isn't purged appropriately prior to deleting a mail user, their attachments will wind up orphaned in the attachments store.
A side discussion on this on the dovecot users lists can be found here: https://dovecot.org/list/dovecot/2015-February/099655.html
What it boils down to is simply running the following 2 commands prior to doing any mail user deletion:
```
doveadm expunge -d -u johndoe mailbox '*' all
doveadm -v purge -u johndoe
```
The single instance storage is a wonderful feature and very simple to enable/utilize - all I did in my dovecot configuration was add in:
```
mail_attachment_dir = /var/vmail/attachments
mail_attachment_min_size = 128k
mail_attachment_fs = sis posix
mail_attachment_hash = %{sha256}
```
I am using mdbox for the rest of the mail storage format.
I have tested the expunge & purge commands above and they do work as advertised, mail and attachments were cleaned up & storage space returned.
I believe that, to implement a fix for this feature appropriately, the deletion portion of user_update would need to be fixed to incorporate this as well.
As an aside - if I were to hack the appropriate commands in locally (in 3.1.14p1 with p2 patch), I presume I might add them near the top of function user_delete in server/plugins-available/mail_plugin.inc.php? I am about to test with inserted lines 452 + 453:
```
exec("su -c 'doveadm expunge -d -u \"".$data["old"]["email"]."\" \'*\' all'");
exec("su -c 'doveadm -v purge -u \"".$data["old"]["email"]."\" '");
```
(This didn't work on my first test... I've added debug logging statements after each exec and those did show, so I have more testing to do...)https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5369Internal ISPConfig cronjobs are not run in 3.1-dev version2019-08-16T13:21:55ZTill BrehmInternal ISPConfig cronjobs are not run in 3.1-dev versionInternal ISPConfig cronjobs are not run. This problem existed in git stable versions from July 30 until August 16. Released versions are not affected by this.
To fix the issue, update to ISPConfig 3.1.15 (when it got released) or to git...Internal ISPConfig cronjobs are not run. This problem existed in git stable versions from July 30 until August 16. Released versions are not affected by this.
To fix the issue, update to ISPConfig 3.1.15 (when it got released) or to git-stable.3.1.15Till BrehmTill Brehmhttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5370Web server config cannot be deselected as client2023-08-29T17:05:16ZWHOWeb server config cannot be deselected as client## short description
As a client, if you have activated a Web server config (Apache) for a website, the directive snippet cannot be deselected.
The change to "-" is not saved.
As Admin however it is possible to deselect the directive s...## short description
As a client, if you have activated a Web server config (Apache) for a website, the directive snippet cannot be deselected.
The change to "-" is not saved.
As Admin however it is possible to deselect the directive snippet at *Sites* => *Websites*.
## correct behaviour
Web server config should be deselected and entry in apache2.conf should be removed.
## environment
Server OS: Debian
Server OS version: Stretch
ISPConfig version: 3.1.13p1https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5372Re-use dashboard dashlets as tab on client2023-07-30T13:43:47ZHelmoRe-use dashboard dashlets as tab on clientAs admin you see data for all clients on your dashboard.
And as client you see your own usage.
But how can I as an admin see the overview of what a specific client is using?
Just an idea ... Can't we add an extra tab when viewing a cli...As admin you see data for all clients on your dashboard.
And as client you see your own usage.
But how can I as an admin see the overview of what a specific client is using?
Just an idea ... Can't we add an extra tab when viewing a client. Besides 'Address' and 'Limits' I'd like to have an overview or 'dashboard'.
Additionally it might then be nice to make the make the statistics rows clickable to directly navigate to a certain mail account.https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5373No file when dns zone delete.2019-08-29T12:15:09ZMarek AdamskiNo file when dns zone delete.## short description
in ispconfig i select domain to delete
## correct behaviour
root@server /usr/local/ispconfig/server/server.sh
sh: /usr/local/ispconfig/server/scripts/dnssec-delete.sh: file not found
## environment
Server OS: debi...## short description
in ispconfig i select domain to delete
## correct behaviour
root@server /usr/local/ispconfig/server/server.sh
sh: /usr/local/ispconfig/server/scripts/dnssec-delete.sh: file not found
## environment
Server OS: debian
Server OS version: stretch
ISPConfig version: 3.1.14p2
3.1.15https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5378Greylisting setting not respected under some circumstances2019-08-30T13:27:13ZMarius BurkardGreylisting setting not respected under some circumstancesIf a catchall is defined for a mail domain and the target has configured greylisting "yes", then it is not possible to disable greylisting for a specific mail account of that domain.
This does not affect rspamd.
The query for that is
`...If a catchall is defined for a mail domain and the target has configured greylisting "yes", then it is not possible to disable greylisting for a specific mail account of that domain.
This does not affect rspamd.
The query for that is
```sql
SELECT 'greylisting' FROM (SELECT greylisting, source AS email FROM mail_forwarding WHERE server_id = {server_id} UNION SELECT greylisting, email FROM mail_user WHERE server_id = {server_id}) addresses WHERE addresses.email='%s' AND addresses.greylisting='y' UNION SELECT 'greylisting' FROM `mail_forwarding` f CROSS JOIN `mail_user` u ON u.email = f.destination WHERE f.type = 'catchall' AND u.greylisting = 'y' AND u.server_id = {server_id} AND f.source = '@%s'
```
The "UNION SELECT" part is responsible for this behaviour.3.1.15https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5379Rspamd has inconsistent greylisting setting2021-04-16T15:24:58ZMarius BurkardRspamd has inconsistent greylisting settingWhen using rspamd the greylisting is set via spamfilter policies. Instead it should use the same setting that are used by amavis (mail user, mail fwd/alias, mail catchall).When using rspamd the greylisting is set via spamfilter policies. Instead it should use the same setting that are used by amavis (mail user, mail fwd/alias, mail catchall).3.1.15Marius BurkardMarius Burkardhttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5380deleting a mailbox should also delete any backups2019-09-02T20:10:01Zfireba11deleting a mailbox should also delete any backups## short description
Deleting a mailbox does not delete it's backups in the filesystem.
(Talking about the backup tab on each mailbox.)
## correct behaviour
Backups should be deleted as well
## environment
Server OS: debian
Server OS v...## short description
Deleting a mailbox does not delete it's backups in the filesystem.
(Talking about the backup tab on each mailbox.)
## correct behaviour
Backups should be deleted as well
## environment
Server OS: debian
Server OS version: buster
ISPConfig version: 3.1.14https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5393when using pigz, tar arguments for backup are in wrong order2019-09-18T11:32:34ZTill Brehmwhen using pigz, tar arguments for backup are in wrong orderhttps://www.howtoforge.com/community/threads/backup-error.82730/https://www.howtoforge.com/community/threads/backup-error.82730/3.1.15p1https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5401Rspamd plugin does not handle delete of users and addresses correctly2019-09-18T11:32:17ZMarius BurkardRspamd plugin does not handle delete of users and addresses correctlyWhen deleting spamfilter users / email addresses / domains the corresponding conf might not be deleted due to a wrong event name check.When deleting spamfilter users / email addresses / domains the corresponding conf might not be deleted due to a wrong event name check.3.1.15p1https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5415Insufficient CSRF check for delete actions2019-10-09T14:15:50ZTill BrehmInsufficient CSRF check for delete actionsWhile Edit actions are protected correctly, delete actions in ISPConfig were not protected against CSRF attacks.
This issue has been reported to us by RACK911 LABS.While Edit actions are protected correctly, delete actions in ISPConfig were not protected against CSRF attacks.
This issue has been reported to us by RACK911 LABS.3.1.15p1Till BrehmTill Brehmhttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5416Hashed password visible in processlist when using useradd on shell users2019-10-09T14:15:09ZMarius BurkardHashed password visible in processlist when using useradd on shell usersThe useradd command on creation of shell users is given the sha-256-hashed password via command line. This makes the sha hash visible to process listing tools like `ps`.
This issue has been reported to us by RACK911 LABS.The useradd command on creation of shell users is given the sha-256-hashed password via command line. This makes the sha hash visible to process listing tools like `ps`.
This issue has been reported to us by RACK911 LABS.3.1.15p1Marius BurkardMarius Burkardhttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5417Lower privileges for processes creating / reading web files and directories2019-10-09T14:14:38ZTill BrehmLower privileges for processes creating / reading web files and directoriesAdd or extend the file write and read functions to add support to drop privileges when a file is written or read.
This feature was suggested by RACK911 LABS.Add or extend the file write and read functions to add support to drop privileges when a file is written or read.
This feature was suggested by RACK911 LABS.3.1.15p1Marius BurkardMarius Burkardhttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5418Database user creation not working on MySQL 82020-09-19T11:33:24ZViktorDatabase user creation not working on MySQL 8Dear all,
I would like to ask for your support if you have a solution but haven't postid it yes (I could not find any solution on Google) to how to fix database user creation function where db server is MySQL 8.
There is an SQL syntax ...Dear all,
I would like to ask for your support if you have a solution but haven't postid it yes (I could not find any solution on Google) to how to fix database user creation function where db server is MySQL 8.
There is an SQL syntax error on creation due to PASSWORD() function has been removed (ALSO DECRAPTED ON MYSQL 5.7 !!!) and the logic of user creation is also changed: we have to use CREATE USER function first then on a second command GRANT permissions for our newly created user.
I have checked mysql_clientdb_plugin.inc.php but I have to admit I could not get what's the idea behind.
I'm running my MySQL 8 server with mysql_native_password support due for better compatibility.
I tried to get rid of PASSWORD() function by double SHA1 the password with a PHP function:
```
function sqlPassword($input) {
$pass = strtoupper(
sha1(
sha1($input, true)
)
);
$pass = '*' . $pass;
return $pass;
}
```
Plus also extend the SQL command of a new user but without success:
```
if(!$link->query("CREATE USER ".$link->escape_string($database_user)."'@'$db_host'"." IDENTIFIED WITH mysql_native_password BY '".$link->escape_string($database_password_native)."';");
if(!$link->query("GRANT " . $grants . " ON `".$link->escape_string($database_name)."`.* TO '".$link->escape_string($database_user)."'@'$db_host';")) $success = false;
```
Any help would be appreciated!
Thank you!3.2https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5419white/blacklist using rspamd matches against "smtp from" only2021-08-06T22:55:53ZZakwhite/blacklist using rspamd matches against "smtp from" onlyI'am not sure how this is handled when using amavis, but in rspamd the generated config matches against the "smtp from" - instead of the "header from".\
Althought this might be more precise, a lot of end users don't even have knowledge o...I'am not sure how this is handled when using amavis, but in rspamd the generated config matches against the "smtp from" - instead of the "header from".\
Althought this might be more precise, a lot of end users don't even have knowledge of the smtp from/return-path header and in times of SRS it's pretty much impossible to get a match when not using regex matching anyway.\
Furthermore there is no guarantee that "smtp from" and the "header from" are equal or even using the same domain. Hence the black/whitelisting might not have the desired effect from the end user perspective.
## proposed fix
Since no "or" matching is available in rspamd (at least not between different attributes), a second stanza matching the from header could be introduced:
`header = { "From" = "sender@domain.tld"; }`Jesse NorellJesse Norellhttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5420Improve input filters for Tools > Interface settings2019-10-08T16:26:49ZTill BrehmImprove input filters for Tools > Interface settingsImprove the input checks for Tools > Interface settings. This change was recommended by RACK911 LABS.Improve the input checks for Tools > Interface settings. This change was recommended by RACK911 LABS.3.1.15p1https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5424Unable to change passwd or user of admin2019-10-11T14:53:41ZJordi OlléUnable to change passwd or user of adminUnable to change passwd or user of admin.
I have installed today a new server and when I try to change the admin passwd or the name of user admin we receive:
1. Invalid chars in App theme.
It is impossible to change pa...Unable to change passwd or user of admin.
I have installed today a new server and when I try to change the admin passwd or the name of user admin we receive:
1. Invalid chars in App theme.
It is impossible to change passwd or the name of user admin under system CP Users…
It seems a bug into this version…3.1.15p2https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5425Valid delete requests blocked by CSRF check2019-10-11T14:57:24ZTill BrehmValid delete requests blocked by CSRF checkSome valid delete requests were blocked by csrf check function.Some valid delete requests were blocked by csrf check function.3.1.15p2https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5429Wrong class variable in server/lib/classes/db_mysql.inc.php LINE 2752019-10-16T15:10:51ZMathiasWrong class variable in server/lib/classes/db_mysql.inc.php LINE 275## short description
Multi-Server environment should connect to master server but spelling mistake in
[server/lib/classes/db_mysql.inc.php LINE 275](https://git.ispconfig.org/ispconfig/ispconfig3/blob/master/server/lib/classes/db_mysql.i...## short description
Multi-Server environment should connect to master server but spelling mistake in
[server/lib/classes/db_mysql.inc.php LINE 275](https://git.ispconfig.org/ispconfig/ispconfig3/blob/master/server/lib/classes/db_mysql.inc.php#L275) forbid this and cron.log fills with warnings.
## correct behaviour
*$this->i**s**ConnId* should be **$this->iConnId**
## environment
Server OS: Debian 10
Server OS version: buster
ISPConfig version: 3.1.15p13.1.15p2https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5434BUG - Cleanup website tmp directories2020-01-22T09:49:00ZDaniel KovářBUG - Cleanup website tmp directories## short description
Cleanup website tmp directories doesnt work
## correct behaviour
Cleanup website tmp directories
## environment
Server OS: ubuntu
Server OS version: 18.04
ISPConfig version: 3.1.15p1
If it might be related to ...## short description
Cleanup website tmp directories doesnt work
## correct behaviour
Cleanup website tmp directories
## environment
Server OS: ubuntu
Server OS version: 18.04
ISPConfig version: 3.1.15p1
If it might be related to the problem
/ispconfig/server/lib/classes/cron.d/200-logfiles.inc.php
## proposed fix
row 220:
{-exec("cd ?; find . -mtime +1 -name 'sess_*' | grep -v -w .no_delete | xargs rm > /dev/null 2> /dev/null", $tmp_path);-}
new:
{+$app->system->exec_safe("cd ?; find . -mtime +1 -name 'sess_*' | grep -v -w .no_delete | xargs rm > /dev/null 2> /dev/null", $tmp_path);+}
## references
## screenshots
## log entries3.2https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5440MariaDB: Field 'nginx_directives' doesn't have a default value2020-07-24T10:32:09ZMartin SebaldMariaDB: Field 'nginx_directives' doesn't have a default value## short description
After upgrading MariaDB from 10.1 to 10.4 I experienced the SQL error "Field 'nginx_directives' doesn't have a default value" when trying to add/modify a web domain, alias domain... The problem is that that MariaDB c...## short description
After upgrading MariaDB from 10.1 to 10.4 I experienced the SQL error "Field 'nginx_directives' doesn't have a default value" when trying to add/modify a web domain, alias domain... The problem is that that MariaDB changed SQL_MODE starting 10.2.4.
## correct behaviour
No error.
## environment
Server OS: Debian
Server OS version: 9.0 Stretch with MariaDB 10.4.8 from the original MariaDB repositories (downloads.mariadb.com)
ISPConfig version: 3.1.15p2
## proposed fix
I first entered a default value for 'nginx_directives' in the table web_domain by allowing NULL as a default value. No idea if that is a correct default value. So I changed it back and fixed the problem by changing the default value of the SQL_MODE of MariaDB by leaving out STRICT_TRANS_TABLES.
In my eyes it would be good to have a default value for the field as STRICT_TRANS_TABLES is in the default value for SQL_MODE of MariaDB starting in 10.2.4 - so everybody will experience the problem after upgrading.
## references
https://mariadb.com/kb/en/library/sql-mode/3.2Marius BurkardMarius Burkardhttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5443optical issue at autoresponder2020-07-09T13:41:56ZWHOoptical issue at autoresponderif we create an autorepsonder and click at the date line an popup occours.
The images to scroll the calendar forward and backward are not shown.if we create an autorepsonder and click at the date line an popup occours.
The images to scroll the calendar forward and backward are not shown.3.2https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5447php-fpm socket/config not removed on change of php version2020-10-09T09:33:38ZZakphp-fpm socket/config not removed on change of php version## short description
When changing from one version of php-fpm to another, the corresponding config of the website is not removed. This always happens from one "direction" to another, but not the other way around. \
I've posted a similar...## short description
When changing from one version of php-fpm to another, the corresponding config of the website is not removed. This always happens from one "direction" to another, but not the other way around. \
I've posted a similar issue three months ago in another thread - regarding a different server and in context to a servers default php setting. I don't remembers hitting this issue when not changing the servers php default setting, as well as a websites php version - however I don't recall changing the php default on that server... Please see https://git.ispconfig.org/ispconfig/ispconfig3/issues/5333#note_68059 for reference as well.
## correct behaviour
php-fpm config should be removed and the daemon should be reloaded.
## environment
Server OS: ubuntu \
Server OS version: bionic / 18.04.3 LTS \
ISPConfig version: 3.1.15 (checked changelogs of p1 and p2 but couldn't see any relevant fixes)
## log entries
### From php5.6 -> 7.3
This is where the error ouccurs!
There should be a line "Removed PHP-FPM config file: /etc/php/5.6/fpm/pool.d/web3363.conf", as well as a reload of the daemon itself.
```
08.11.2019-10:32 - DEBUG - Calling function 'check_phpini_changes' from plugin 'webserver_plugin' raised by action 'server_plugins_loaded'.
08.11.2019-10:32 - DEBUG - Found 1 changes, starting update process.
08.11.2019-10:32 - DEBUG - Replicated from master: REPLACE INTO `web_domain` (`domain_id`,`sys_userid`,`sys_groupid`,`sys_perm_user`,`sys_perm_group`,`sys_perm_other`,`server_id`,`ip_address`,`ipv6_address`,`domain`,`type`,`parent_domain_id`,`vhost_type`,`document_root`,`web_folder`,`system_user`,`system_group`,`hd_quota`,`traffic_quota`,`cgi`,`ssi`,`suexec`,`errordocs`,`is_subdomainwww`,`subdomain`,`php`,`ruby`,`python`,`perl`,`redirect_type`,`redirect_path`,`seo_redirect`,`rewrite_to_https`,`ssl`,`ssl_letsencrypt`,`ssl_letsencrypt_exclude`,`ssl_state`,`ssl_locality`,`ssl_organisation`,`ssl_organisation_unit`,`ssl_country`,`ssl_domain`,`ssl_request`,`ssl_cert`,`ssl_bundle`,`ssl_key`,`ssl_action`,`stats_password`,`stats_type`,`allow_override`,`apache_directives`,`nginx_directives`,`php_fpm_use_socket`,`php_fpm_chroot`,`pm`,`pm_max_children`,`pm_start_servers`,`pm_min_spare_servers`,`pm_max_spare_servers`,`pm_process_idle_timeout`,`pm_max_requests`,`php_open_basedir`,`custom_php_ini`,`backup_interval`,`backup_copies`,`backup_excludes`,`active`,`traffic_quota_lock`,`fastcgi_php_version`,`proxy_directives`,`enable_spdy`,`last_quota_notification`,`rewrite_rules`,`added_date`,`added_by`,`directive_snippets_id`,`enable_pagespeed`,`http_port`,`https_port`,`log_retention`,`folder_directive_snippets`) VALUES ('3363','526','525','riud','ru','','31','*','','domain.tld','vhost','0','name','/var/www/clients/client524/web3363','','web3363','client524','1000','100000','n','n','y','0','1','none','php-fpm','n','n','n',NULL,NULL,NULL,'n','n','n','n',NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,'$6$rounds=5000$48b2e56734a9d55b$XNfG0T8n/Y7ZQA.7NbzVFTJ8DInMBGGGwoKApbZQmjnSM9ytK2OUdYCbnp8dZBjcrz24mvw0j2hy9FqojTcXp.','awstats','All','','','y','n','dynamic','10','2','1','5','10','0','/var/www/clients/client524/web3363/web:/var/www/clients/client524/web3363/private:/var/www/clients/client524/web3363/tmp:/var/www/domain.tld/web:/srv/www/domain.tld/web:/usr/share/php5:/usr/share/php:/tmp:/usr/share/phpmyadmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/dev/random:/dev/urandom','\r\nmemory_limit = 256M\r\npost_max_size = 64M\r\nupload_max_filesize = 64M\r\nmax_input_time = -1\r\nmax_execution_time = 180\r\nmax_input_vars = 1580\r\n','none','1','','y','n','','','n',NULL,NULL,'2019-11-08','113548','0','n','80','443','10',NULL)
08.11.2019-10:32 - DEBUG - Calling function 'ssl' from plugin 'apache2_plugin' raised by event 'web_domain_update'.
08.11.2019-10:32 - DEBUG - Calling function 'update' from plugin 'apache2_plugin' raised by event 'web_domain_update'.
08.11.2019-10:32 - DEBUG - safe_exec cmd: chattr -i '/var/www/clients/client524/web3363' - return code: 0
08.11.2019-10:32 - DEBUG - safe_exec cmd: chattr +i '/var/www/clients/client524/web3363' - return code: 0
08.11.2019-10:32 - DEBUG - safe_exec cmd: df -T '/var/www/clients/client524/web3363'|awk 'END{print $2,$NF}' - return code: 0
08.11.2019-10:32 - DEBUG - safe_exec cmd: which 'setquota' 2> /dev/null - return code: 0
08.11.2019-10:32 - DEBUG - safe_exec cmd: setquota -u 'web3363' '1024000' '1025024' 0 0 -a &> /dev/null - return code: 0
setquota: Not setting block grace time on /dev/zd16p1 because softlimit is not exceeded.
setquota: Not setting inode grace time on /dev/zd16p1 because softlimit is not exceeded.
08.11.2019-10:32 - DEBUG - safe_exec cmd: setquota -T -u 'web3363' 604800 604800 -a &> /dev/null - return code: 0
08.11.2019-10:32 - DEBUG - safe_exec cmd: chattr +i '/var/www/clients/client524/web3363' - return code: 0
08.11.2019-10:32 - DEBUG - safe_exec cmd: which 'apache2ctl' 2> /dev/null - return code: 0
08.11.2019-10:32 - DEBUG - Writing the vhost file: /etc/apache2/sites-available/domain.tld.vhost
08.11.2019-10:32 - DEBUG - safe_exec cmd: which 'apache2ctl' 2> /dev/null - return code: 0
08.11.2019-10:32 - DEBUG - Writing the PHP-FPM config file: /etc/php/7.3/fpm/pool.d/web3363.conf
08.11.2019-10:32 - DEBUG - Calling function 'restartPHP_FPM' from module 'web_module'.
08.11.2019-10:32 - DEBUG - Restarting php-fpm: systemctl reload php7.3-fpm.service
08.11.2019-10:32 - DEBUG - Apache status is: running
08.11.2019-10:32 - DEBUG - Calling function 'restartHttpd' from module 'web_module'.
08.11.2019-10:32 - DEBUG - Restarting httpd: systemctl restart apache2.service
08.11.2019-10:32 - DEBUG - Apache restart return value is: 0
08.11.2019-10:32 - DEBUG - Apache online status after restart is: running
08.11.2019-10:32 - DEBUG - Processed datalog_id 30661
08.11.2019-10:32 - DEBUG - Remove Lock: /usr/local/ispconfig/server/temp/.ispconfig_lock
finished.
```
### From php7.3 -> 5.6
All good here...
```
08.11.2019-10:32 - DEBUG - Calling function 'check_phpini_changes' from plugin 'webserver_plugin' raised by action 'server_plugins_loaded'.
08.11.2019-10:32 - DEBUG - Found 1 changes, starting update process.
08.11.2019-10:32 - DEBUG - Replicated from master: REPLACE INTO `web_domain` (`domain_id`,`sys_userid`,`sys_groupid`,`sys_perm_user`,`sys_perm_group`,`sys_perm_other`,`server_id`,`ip_address`,`ipv6_address`,`domain`,`type`,`parent_domain_id`,`vhost_type`,`document_root`,`web_folder`,`system_user`,`system_group`,`hd_quota`,`traffic_quota`,`cgi`,`ssi`,`suexec`,`errordocs`,`is_subdomainwww`,`subdomain`,`php`,`ruby`,`python`,`perl`,`redirect_type`,`redirect_path`,`seo_redirect`,`rewrite_to_https`,`ssl`,`ssl_letsencrypt`,`ssl_letsencrypt_exclude`,`ssl_state`,`ssl_locality`,`ssl_organisation`,`ssl_organisation_unit`,`ssl_country`,`ssl_domain`,`ssl_request`,`ssl_cert`,`ssl_bundle`,`ssl_key`,`ssl_action`,`stats_password`,`stats_type`,`allow_override`,`apache_directives`,`nginx_directives`,`php_fpm_use_socket`,`php_fpm_chroot`,`pm`,`pm_max_children`,`pm_start_servers`,`pm_min_spare_servers`,`pm_max_spare_servers`,`pm_process_idle_timeout`,`pm_max_requests`,`php_open_basedir`,`custom_php_ini`,`backup_interval`,`backup_copies`,`backup_excludes`,`active`,`traffic_quota_lock`,`fastcgi_php_version`,`proxy_directives`,`enable_spdy`,`last_quota_notification`,`rewrite_rules`,`added_date`,`added_by`,`directive_snippets_id`,`enable_pagespeed`,`http_port`,`https_port`,`log_retention`,`folder_directive_snippets`) VALUES ('3363','526','525','riud','ru','','31','*','','domain.tld','vhost','0','name','/var/www/clients/client524/web3363','','web3363','client524','1000','100000','n','n','y','0','1','none','php-fpm','n','n','n',NULL,NULL,NULL,'n','n','n','n',NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,'$6$rounds=5000$48b2e56734a9d55b$XNfG0T8n/Y7ZQA.7NbzVFTJ8DInMBGGGwoKApbZQmjnSM9ytK2OUdYCbnp8dZBjcrz24mvw0j2hy9FqojTcXp.','awstats','All','','','y','n','dynamic','10','2','1','5','10','0','/var/www/clients/client524/web3363/web:/var/www/clients/client524/web3363/private:/var/www/clients/client524/web3363/tmp:/var/www/domain.tld/web:/srv/www/domain.tld/web:/usr/share/php5:/usr/share/php:/tmp:/usr/share/phpmyadmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/dev/random:/dev/urandom','\r\nmemory_limit = 256M\r\npost_max_size = 64M\r\nupload_max_filesize = 64M\r\nmax_input_time = -1\r\nmax_execution_time = 180\r\nmax_input_vars = 1580\r\n','none','1','','y','n','php5.6:/etc/init.d/php5.6-fpm:/etc/php/5.6/fpm/:/etc/php/5.6/fpm/pool.d','','n',NULL,NULL,'2019-11-08','113548','0','n','80','443','10',NULL)
08.11.2019-10:32 - DEBUG - Calling function 'ssl' from plugin 'apache2_plugin' raised by event 'web_domain_update'.
08.11.2019-10:32 - DEBUG - Calling function 'update' from plugin 'apache2_plugin' raised by event 'web_domain_update'.
08.11.2019-10:32 - DEBUG - safe_exec cmd: chattr -i '/var/www/clients/client524/web3363' - return code: 0
08.11.2019-10:32 - DEBUG - safe_exec cmd: chattr +i '/var/www/clients/client524/web3363' - return code: 0
08.11.2019-10:32 - DEBUG - safe_exec cmd: df -T '/var/www/clients/client524/web3363'|awk 'END{print $2,$NF}' - return code: 0
08.11.2019-10:32 - DEBUG - safe_exec cmd: which 'setquota' 2> /dev/null - return code: 0
08.11.2019-10:32 - DEBUG - safe_exec cmd: setquota -u 'web3363' '1024000' '1025024' 0 0 -a &> /dev/null - return code: 0
setquota: Not setting block grace time on /dev/zd16p1 because softlimit is not exceeded.
setquota: Not setting inode grace time on /dev/zd16p1 because softlimit is not exceeded.
08.11.2019-10:32 - DEBUG - safe_exec cmd: setquota -T -u 'web3363' 604800 604800 -a &> /dev/null - return code: 0
08.11.2019-10:32 - DEBUG - safe_exec cmd: chattr +i '/var/www/clients/client524/web3363' - return code: 0
08.11.2019-10:32 - DEBUG - safe_exec cmd: which 'apache2ctl' 2> /dev/null - return code: 0
08.11.2019-10:32 - DEBUG - Writing the vhost file: /etc/apache2/sites-available/domain.tld.vhost
08.11.2019-10:32 - DEBUG - safe_exec cmd: which 'apache2ctl' 2> /dev/null - return code: 0
08.11.2019-10:32 - DEBUG - Writing the PHP-FPM config file: /etc/php/5.6/fpm/pool.d/web3363.conf
08.11.2019-10:32 - DEBUG - Removed PHP-FPM config file: /etc/php/7.3/fpm/pool.d/web3363.conf
08.11.2019-10:32 - DEBUG - Calling function 'restartPHP_FPM' from module 'web_module'.
08.11.2019-10:32 - DEBUG - Restarting php-fpm: systemctl reload php7.3-fpm.service
08.11.2019-10:32 - DEBUG - Calling function 'restartPHP_FPM' from module 'web_module'.
08.11.2019-10:32 - DEBUG - Restarting php-fpm: systemctl reload php5.6-fpm.service
08.11.2019-10:32 - DEBUG - Apache status is: running
08.11.2019-10:32 - DEBUG - Calling function 'restartHttpd' from module 'web_module'.
08.11.2019-10:32 - DEBUG - Restarting httpd: systemctl restart apache2.service
08.11.2019-10:32 - DEBUG - Apache restart return value is: 0
08.11.2019-10:32 - DEBUG - Apache online status after restart is: running
08.11.2019-10:32 - DEBUG - Processed datalog_id 30660
08.11.2019-10:32 - DEBUG - Remove Lock: /usr/local/ispconfig/server/temp/.ispconfig_lock
finished.
```https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5448Mail settings tabs are not working when accessed directly from the dashboard2023-08-01T21:17:13ZJonathan ElderMail settings tabs are not working when accessed directly from the dashboard## short description
Users cannot access autoresponder and other tabs settings when viewing email settings directly from the dashboard. Clicking on the tab results in a 404 error in the console. Tabs still works if you go to "Email Mail...## short description
Users cannot access autoresponder and other tabs settings when viewing email settings directly from the dashboard. Clicking on the tab results in a 404 error in the console. Tabs still works if you go to "Email Mailbox" section first, instead of selecting the email account directly from the dashboard. This only affects users, not the admin.
## correct behaviour
User should be able to see the tabs for other settings.
## environment
- Server OS: centos
- Server OS version: CentOS 7.7.1908
- ISPConfig version: 3.1.15p2
## log entries
### Console log
```
POST https://domain.com/dashboard/mail_user_edit.php 404 (Not Found)
```
## inspector details
### "Autoresponder" link code when viewed from dashboard
```
<a href="#" onclick="return ISPConfig.changeTab('autoresponder','dashboard/mail_user_edit.php')">Autoresponder</a>
```
### "Autoresponder" link code when viewed from "Email Mailbox" section
```
<a href="#" onclick="return ISPConfig.changeTab('autoresponder','mail/mail_user_edit.php')">Autoresponder</a>
```3.2https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5449Why the firewall is always seen inactive during the update process2021-01-09T22:12:26ZOlivier BOUMATIWhy the firewall is always seen inactive during the update processHello,
I use ISPConfig for several years on 6 different Debian servers. So I proceeded regularly updates ISPConfig and systems packages.
I noticed during each update, that the process detects that the firewall is inactive while I answer ...Hello,
I use ISPConfig for several years on 6 different Debian servers. So I proceeded regularly updates ISPConfig and systems packages.
I noticed during each update, that the process detects that the firewall is inactive while I answer always need to activate it. Why does not he retains this choice as he does very well for all other matters relating to the installation?
Thank you
Regards,
Olivier
## environment
Server OS: (Debian)
Server OS version: (Stretch)
ISPConfig version: (3.1.15p2 and other)
## Apache version
root:~# apachectl -v
Server version: Apache/2.4.25 (Debian)
Server built: 2019-10-13T15:43:54
## PHP version
root:~# php -v
PHP 5.6.40-13+0~20191026.23+debian9~1.gbp37e45b (cli)
Copyright (c) 1997-2016 The PHP Group
Zend Engine v2.6.0, Copyright (c) 1998-2016 Zend Technologies
with Zend OPcache v7.0.6-dev, Copyright (c) 1999-2016, by Zend Technologieshttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5453Remove postfix receive_override_options = no_address_mappings in Rspamd mode2019-11-22T18:37:20ZTill BrehmRemove postfix receive_override_options = no_address_mappings in Rspamd modeRemove postfix receive_override_options = no_address_mappings in Rspamd mode. See https://www.howtoforge.com/community/threads/error-virtual-alias-maps-user-unkown-postfix-rspamd-ispconfig-3-1-15p2.83239/Remove postfix receive_override_options = no_address_mappings in Rspamd mode. See https://www.howtoforge.com/community/threads/error-virtual-alias-maps-user-unkown-postfix-rspamd-ispconfig-3-1-15p2.83239/3.2Marius BurkardMarius Burkardhttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5463Allow short form for wildcard DNS records2020-09-15T13:06:22ZTomAllow short form for wildcard DNS records## short description
I would like to add a TXT record with name '*' and a value of 'some nice text' to the kovoks.nl domain.
This is rejected as 'invalid name'.
## correct behaviour
This is allowed according to the RFC.
## Workaround
...## short description
I would like to add a TXT record with name '*' and a value of 'some nice text' to the kovoks.nl domain.
This is rejected as 'invalid name'.
## correct behaviour
This is allowed according to the RFC.
## Workaround
Use '*.kovoks.nl.' as name. This is accepted.3.2https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5464Use unique id for additional php selection in website2020-07-27T10:05:39ZMarius BurkardUse unique id for additional php selection in websiteWe should use an internal unique id for storing website to php version relations instead of using a fixes string. It would solve the issues like #5210 and would also make handling easier.
See also https://www.howtoforge.com/community/th...We should use an internal unique id for storing website to php version relations instead of using a fixes string. It would solve the issues like #5210 and would also make handling easier.
See also https://www.howtoforge.com/community/threads/php-version-in-additional-php-versions.82961/3.2Marius BurkardMarius Burkardhttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5466Enable logging for acme.sh2020-07-23T16:59:59ZTill BrehmEnable logging for acme.shEnable logging for acme.sh when SSL certs get genarated in ISPConfig.Enable logging for acme.sh when SSL certs get genarated in ISPConfig.3.2https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5468allow axfr range instead of only ipaddress2020-08-30T16:18:47Zcommentatorallow axfr range instead of only ipaddresswould be nice if we can add an axfr range instead of only ipaddresses.
See also https://www.howtoforge.com/community/threads/axfr-range.82959/#post-395710would be nice if we can add an axfr range instead of only ipaddresses.
See also https://www.howtoforge.com/community/threads/axfr-range.82959/#post-395710https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5477Incomplete translation ./interface/web/mail/lib/lang/de_mail_user.lng2020-06-08T09:49:02ZZakIncomplete translation ./interface/web/mail/lib/lang/de_mail_user.lng```
--- ./interface/web/mail/lib/lang/de_mail_user.lng_ 2019-09-05 16:38:08.226559943 +0200
+++ ./interface/web/mail/lib/lang/de_mail_user.lng 2019-12-06 10:16:38.192786309 +0100
@@ -57,9 +57,9 @@
$wb['weekly_backup_txt'] = 'woechentlic...```
--- ./interface/web/mail/lib/lang/de_mail_user.lng_ 2019-09-05 16:38:08.226559943 +0200
+++ ./interface/web/mail/lib/lang/de_mail_user.lng 2019-12-06 10:16:38.192786309 +0100
@@ -57,9 +57,9 @@
$wb['weekly_backup_txt'] = 'woechentlich';
$wb['monthly_backup_txt'] = 'monatlich';
$wb['cc_note_txt'] = '(Mehrere E-Mail-Adressen mit Kommas trennen)';
-$wb['autoresponder_start_date_is_required'] = 'Start date must be set when Autoresponder is enabled.';
-$wb['sender_cc_txt'] = 'Send outgoing BCC to';
-$wb['sender_cc_error_isemail'] = 'The -Send outgoing copy to- field does not contain a valid email address';
-$wb['sender_cc_note_txt'] = '(Separate multiple email addresses with commas)';
+$wb['autoresponder_start_date_is_required'] = 'Startdatum muss angegeben werden.';
+$wb['sender_cc_txt'] = 'Kopie ausgehender Emails senden an (BCC)';
+$wb['sender_cc_error_isemail'] = '-Kopie ausgehender Emails senden an- Feld enthält keine gültige Emailadresse';
+$wb['sender_cc_note_txt'] = '(Mehrere E-Mail-Adressen mit Kommas trennen)';
$wb['password_click_to_set_txt'] = 'Click to set';
?>
```3.2https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5478Spamfilter BL/WL leaks servernames to customer2021-11-15T20:47:18ZZakSpamfilter BL/WL leaks servernames to customer### Problem
The "Server" dropdown selector in the users Spamfilter BL/WL dialog leaks all servernames within the "ISPConfig network" to the user - regardless of their function and their availability to the user.
### Proposed solution(s)...### Problem
The "Server" dropdown selector in the users Spamfilter BL/WL dialog leaks all servernames within the "ISPConfig network" to the user - regardless of their function and their availability to the user.
### Proposed solution(s)
1) Only offer (mail)servers assigned to the specific user
2) Only offer (mail)servers which are already in use by a user set spamfilter directive
3) Remove the dropdown menu in favor of a text input fieldhttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5479Lost password form and mail not shown localized2020-06-07T12:45:58ZGeorg MarxLost password form and mail not shown localized## short description
Lost password form and password reset emails are always in english. Default language setting in ISPConfig is not considered.
Open ispconfig-admin:8080/login/password_reset.php page in Browser. Language is always set...## short description
Lost password form and password reset emails are always in english. Default language setting in ISPConfig is not considered.
Open ispconfig-admin:8080/login/password_reset.php page in Browser. Language is always set to english.
## correct behaviour
Show form and emails in default language as defined in ISPConfig.
## environment
* Lost password function must be active in ISPConfig.
* Default language is not english
## proposed fix
Change in file interface/web/login/password_reset.php in line 46
```
include ISPC_ROOT_PATH.'/web/login/lib/lang/'.$app->functions->check_language($_SESSION['s']['language']).'.lng';
```
to
```
include ISPC_ROOT_PATH.'/web/login/lib/lang/'.$app->functions->check_language($conf['language']).'.lng';
```3.2https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5480Add conf-custom support for security_settings.ini2020-05-28T14:53:37ZTill BrehmAdd conf-custom support for security_settings.iniAdd conf-custom support for security_settings.iniAdd conf-custom support for security_settings.ini3.2https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5483Subdomain (vhost) with subroot creates incorrect document root2019-12-22T08:31:56ZXaver MaierhoferSubdomain (vhost) with subroot creates incorrect document root## short description
Docroot is missing a `/`
`subdomain` as folder and `##subroot web ##` in vhost ends up with `path.../clienZY/webXY/subdomainweb` as root
## correct behaviour
`/` needs to be added. `subdomain/` will strip the `/` o...## short description
Docroot is missing a `/`
`subdomain` as folder and `##subroot web ##` in vhost ends up with `path.../clienZY/webXY/subdomainweb` as root
## correct behaviour
`/` needs to be added. `subdomain/` will strip the `/` on save and also subroot used a ltrim `/` and will remove the needed `/`
## environment
Server OS: debian
Server OS version: 10
ISPConfig version: git-stable
If it might be related to the problem
```
nginx version: nginx/1.17.6
```
```
PHP 7.3.12
```
## proposed fix
add a `/` in subdomain vhost, because the website/domain has a `/` or allow `/` and strip double `//`https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5495Backup Stats menu item shown in user view, even if function is not available ...2020-07-13T20:38:58ZZakBackup Stats menu item shown in user view, even if function is not available to user### Feature Request
Remove `Backups Stats` from Statistic menu if option is not available to the user.### Feature Request
Remove `Backups Stats` from Statistic menu if option is not available to the user.3.2https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5513Rsapmd user configuration always add header and rewrite subject regardless of...2020-08-12T13:34:55ZFiftyzRsapmd user configuration always add header and rewrite subject regardless of SPAM tag method configured## wrong behaviour
Rsapmd user configuration generated always include `add header` and `rewrite subject` regardless of SPAM tag method configured in ISPConfig spamfilter policy.
## correct behaviour
Rsapmd user configuration generated s...## wrong behaviour
Rsapmd user configuration generated always include `add header` and `rewrite subject` regardless of SPAM tag method configured in ISPConfig spamfilter policy.
## correct behaviour
Rsapmd user configuration generated should include "add header" or/and "rewrite subject" based on SPAM tag method configured in ISPConfig spamfilter policy.
## problem
The problem is causated by the code in `rspamd_plugin::user_settings_update()` from `/server/plugins-available/rspamd_plugin.inc.php`:
```
class rspamd_plugin {
# (...)
function user_settings_update($event_name, $data) {
# (...)
$tpl->setVar('rspamd_spam_tag_method', floatval($policy['rspamd_spam_tag_method']));
# (...)
}
}
```
## proposed fix
`rspamd_spam_tag_method` is a string not a float, so it should be set like this:
```
class rspamd_plugin {
# (...)
function user_settings_update($event_name, $data) {
# (...)
$tpl->setVar('rspamd_spam_tag_method', $policy['rspamd_spam_tag_method']);
# (...)
}
}
```https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5514Mount for log files gets deleted after domain change2021-03-18T19:58:42ZDanielMount for log files gets deleted after domain change## short description
When changing the domain of a website in ISPConfig, the "log" folder of the website is empty. Reason is that the fstab entries are not added for the new domain (but the old entry gets deleted).
*(I assume that a dom...## short description
When changing the domain of a website in ISPConfig, the "log" folder of the website is empty. Reason is that the fstab entries are not added for the new domain (but the old entry gets deleted).
*(I assume that a domain change affects other parts of ISPConfig and the system too - if you can think of them maybe a new bug ticket should be opened)*
## correct behaviour
A new fstab entry should be created based on the new domain name, after deleting the old one.
## environment
Server OS: Ubuntu
Server OS version: 16.04 LTS
ISPConfig version: 3.1.15p2 (older versions affected too)
## references
https://www.howtoforge.com/community/threads/renaming-domain-deletes-logs.83607/https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5515API client_template_additional_get always return just one template2020-01-17T14:06:37ZWHOAPI client_template_additional_get always return just one template## short description
When two additional client templates are assigned the function client_template_additional_get has alsways just one entry in result.
## correct behaviour
I would expect all assigned ids in the result array
## enviro...## short description
When two additional client templates are assigned the function client_template_additional_get has alsways just one entry in result.
## correct behaviour
I would expect all assigned ids in the result array
## environment
Server OS: Debian
Server OS version: (wheezy/trusty/centos6/...)
ISPConfig version: 3.1.15p23.2https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5521Allow IPv6 Addresses for xfer and notify in DNS Module2020-08-10T17:59:28ZPatrick OmlandAllow IPv6 Addresses for xfer and notify in DNS ModuleIn the DNS module for Allow-Transfer, Notify etc. both IPv6 and IPv4 addresses should be allowed.In the DNS module for Allow-Transfer, Notify etc. both IPv6 and IPv4 addresses should be allowed.3.2https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5523Can't delete Q&A; CSRF attempt blocked2020-03-02T09:37:57ZThomCan't delete Q&A; CSRF attempt blockedWhen trying to delete a Q&A, I get the error "CSRF attempt blocked", and the Q&A isn't deleted.
ISPConfig version: 3.1.15p2When trying to delete a Q&A, I get the error "CSRF attempt blocked", and the Q&A isn't deleted.
ISPConfig version: 3.1.15p2https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5533spamfilter users form don't allow amavis catchall pattern2022-08-17T14:19:03ZCarlosspamfilter users form don't allow amavis catchall pattern## What is happening and what is wrong with that?
In the web interface, in spamfilter users form, if in the email pattern i write the amavis catchall "@." pattern (see [https://docs.iredmail.org/amavisd.sql.db.html#lookup_sql_dsn](https:...## What is happening and what is wrong with that?
In the web interface, in spamfilter users form, if in the email pattern i write the amavis catchall "@." pattern (see [https://docs.iredmail.org/amavisd.sql.db.html#lookup_sql_dsn](https://docs.iredmail.org/amavisd.sql.db.html#lookup_sql_dsn)) it is modified on save and replaced by "@"
## What should happen instead?
It should allow to store the catchall pattern
## environment
Server OS: debian
Server OS version: buster
ISPConfig version: 3.1.15p2
## proposed fix
I think we can check if $domain is the amavis pattern "@." to the second line of the method "_idn_encode_decode" on the file "interface/lib/classes/functions.inc.php"
like this
```
private function _idn_encode_decode($domain, $encode = true) {
if($domain == '') return '';
if($domain == '@.') return $domain; //amavis catchall pattern
if(preg_match('/^[0-9\.]+$/', $domain)) return $domain; // may be an ip address - anyway does not need to bee encoded
```https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5539IDN encode domains in Rspamd config file names2020-07-23T13:48:27ZTill BrehmIDN encode domains in Rspamd config file namesIDN encode domains in Rspamd config file names.
https://forum.howtoforge.de/threads/rspamd-user-filter-warning-action-aborted-file-is-a-symlink.12001/#post-59459IDN encode domains in Rspamd config file names.
https://forum.howtoforge.de/threads/rspamd-user-filter-warning-action-aborted-file-is-a-symlink.12001/#post-594593.2Marius BurkardMarius Burkardhttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5545Password reset form doesn't load correct language file2020-03-02T09:37:14ZSuhajdaPassword reset form doesn't load correct language fileThe login form uses the global language settings:
`$app->load_language_file('web/login/lib/lang/'.$conf["language"].'.lng');`
But the password reset form (password_reset.php) tries to load the language file based on the session:
`includ...The login form uses the global language settings:
`$app->load_language_file('web/login/lib/lang/'.$conf["language"].'.lng');`
But the password reset form (password_reset.php) tries to load the language file based on the session:
`include ISPC_ROOT_PATH.'/web/login/lib/lang/'.$app->functions->check_language($_SESSION['s']['language']).'.lng';`
Since there is no session yet (because the user is not logged in yet) the password reset form is always English. At least this is what I think is the problem. :)
It would be nice that the password reset form loads the correct language file from the global settings as the login form does.https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5548Changing password rspamd does not change through server config2022-03-01T13:28:35ZDannyChanging password rspamd does not change through server config## short description
trying to change the access password of rspamd GUI through the ISPConfig admin interface. Enabling debug and checking the debuglog after running server.sh gives back no error. Looking at the worker-controller.inc it ...## short description
trying to change the access password of rspamd GUI through the ISPConfig admin interface. Enabling debug and checking the debuglog after running server.sh gives back no error. Looking at the worker-controller.inc it indeed did not change.
## correct behaviour
Changing the access password of the GUI
## environment
Server OS: Ubuntu
Server OS version: 18.04.4 LTS (Bionic Beaver)
ISPConfig version: 3.1.15p3
## log entries
```
28.02.2020-12:02 - DEBUG - Calling function 'check_phpini_changes' from plugin 'webserver_plugin' raised by action 'server_plugins_loaded'.
28.02.2020-12:02 - DEBUG - Found 2 changes, starting update process.
28.02.2020-12:02 - DEBUG - Replicated from master: **QUERY
28.02.2020-12:02 - DEBUG - Calling function 'server_ip' from plugin 'apache2_plugin' raised by event 'server_update'.
28.02.2020-12:02 - DEBUG - safe_exec cmd: which 'apache2ctl' 2> /dev/null - return code: 0
28.02.2020-12:02 - DEBUG - Writing the conf file: /etc/apache2/sites-available/ispconfig.conf
28.02.2020-12:02 - DEBUG - Calling function 'update' from plugin 'apps_vhost_plugin' raised by event 'server_update'.
28.02.2020-12:02 - DEBUG - safe_exec cmd: which 'apache2ctl' 2> /dev/null - return code: 0
28.02.2020-12:02 - DEBUG - Calling function 'update' from plugin 'network_settings_plugin' raised by event 'server_update'.
28.02.2020-12:02 - DEBUG - Network configuration disabled in server settings.
28.02.2020-12:02 - DEBUG - Calling function 'update' from plugin 'postfix_server_plugin' raised by event 'server_update'.
28.02.2020-12:02 - DEBUG - safe_exec cmd: which 'dovecot' 2> /dev/null - return code: 0
28.02.2020-12:02 - DEBUG - Processed datalog_id 5757
28.02.2020-12:02 - DEBUG - Replicated from master: **QUERY
28.02.2020-12:02 - DEBUG - Calling function 'server_ip' from plugin 'apache2_plugin' raised by event 'server_update'.
28.02.2020-12:02 - DEBUG - safe_exec cmd: which 'apache2ctl' 2> /dev/null - return code: 0
28.02.2020-12:02 - DEBUG - Writing the conf file: /etc/apache2/sites-available/ispconfig.conf
28.02.2020-12:02 - DEBUG - Calling function 'update' from plugin 'apps_vhost_plugin' raised by event 'server_update'.
28.02.2020-12:02 - DEBUG - safe_exec cmd: which 'apache2ctl' 2> /dev/null - return code: 0
28.02.2020-12:02 - DEBUG - Calling function 'update' from plugin 'network_settings_plugin' raised by event 'server_update'.
28.02.2020-12:02 - DEBUG - Network configuration disabled in server settings.
28.02.2020-12:02 - DEBUG - Calling function 'update' from plugin 'postfix_server_plugin' raised by event 'server_update'.
28.02.2020-12:02 - DEBUG - safe_exec cmd: which 'dovecot' 2> /dev/null - return code: 0
28.02.2020-12:02 - DEBUG - Processed datalog_id 5758
28.02.2020-12:02 - DEBUG - Calling function 'restartHttpd' from module 'web_module'.
28.02.2020-12:02 - DEBUG - Restarting httpd: systemctl restart apache2.service
28.02.2020-12:02 - DEBUG - Calling function 'restartPostfix' from module 'mail_module'.
28.02.2020-12:02 - DEBUG - Remove Lock: /usr/local/ispconfig/server/temp/.ispconfig_lock
finished.
```https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5554Log an error when database backup fails.2020-05-28T17:46:02ZTill BrehmLog an error when database backup fails.Log an error when database backup fails e.g. due to a wrong mysql root password.Log an error when database backup fails e.g. due to a wrong mysql root password.3.2https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5555Remote API function client_template_additional_add() broken2020-08-28T16:34:17ZTill BrehmRemote API function client_template_additional_add() brokenThe remote API function client_template_additional_add() does not calculate the limits correctly.The remote API function client_template_additional_add() does not calculate the limits correctly.https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5559Add CAA records via API2020-06-09T17:17:44ZcwispyAdd CAA records via APICan you please add the functions to remote.d/dns.php file and also the Remote User page under system settings? I have added the below to my test server and updated the table directly in the database to confirm its working, but it would b...Can you please add the functions to remote.d/dns.php file and also the Remote User page under system settings? I have added the below to my test server and updated the table directly in the database to confirm its working, but it would be good to have it added to the core.
//* Get record details
public function dns_caa_get($session_id, $primary_id) {
return $this->dns_rr_get($session_id, $primary_id, 'CAA');
}
//* Add a record
public function dns_caa_add($session_id, $client_id, $params, $update_serial=false) {
return $this->dns_rr_add($session_id, $client_id, $params, $update_serial, 'CAA');
}
//* Update a record
public function dns_caa_update($session_id, $client_id, $primary_id, $params, $update_serial=false) {
return $this->dns_rr_update($session_id, $client_id, $primary_id, $params, $update_serial, 'CAA');
}
//* Delete a record
public function dns_caa_delete($session_id, $primary_id, $update_serial=false) {
return $this->dns_rr_delete($session_id, $primary_id, $update_serial, 'CAA');
}3.2https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5574Incorrect Template - mysql-virtual_outgoing_bcc.cf and .cf.master2020-06-10T21:33:49ZMatt WrightIncorrect Template - mysql-virtual_outgoing_bcc.cf and .cf.masterHi,
I have updated to ISPConfig-3.1.0.tar.gz - Stable Release.
Afterwards I was having problems with mysql-virtual_outgoing_bcc.cf trying to connect to SQL at loopback. My installation doesn't have any local SQL servers which would ac...Hi,
I have updated to ISPConfig-3.1.0.tar.gz - Stable Release.
Afterwards I was having problems with mysql-virtual_outgoing_bcc.cf trying to connect to SQL at loopback. My installation doesn't have any local SQL servers which would account for the failure.
Looking at the install template files within the .gz distribution file it would appear loopback is hard coded instead of using hosts = {mysql_server_database] variable.
in install/tpl folder
cat mysql-virtual_outgoing_bcc.cf
user = {mysql_server_ispconfig_user}
password = {mysql_server_ispconfig_password}
dbname = {mysql_server_database}
table = mail_user
select_field = sender_cc
where_field = email
additional_conditions = and postfix = 'y' and disabledeliver = 'n' and disables$
hosts = **127.0.0.1**
cat mysql-virtual_outgoing_bcc.cf.master
user = {mysql_server_ispconfig_user}
password = {mysql_server_ispconfig_password}
dbname = {mysql_server_database}
table = mail_user
select_field = sender_cc
where_field = email
additional_conditions = and postfix = 'y' and disabledeliver = 'n' and disablesmtp = 'n' and sender_cc != ''
hosts = **127.0.0.1**
cat mysql-virtual_mailboxes.cf.master
user = {mysql_server_ispconfig_user}
password = {mysql_server_ispconfig_password}
dbname = {mysql_server_database}
table = mail_user
select_field = CONCAT(SUBSTRING_INDEX(email,'@',-1),'/',SUBSTRING_INDEX(email,'@',1),'/')
where_field = login
additional_conditions = and postfix = 'y' and server_id = {server_id}
hosts = **{mysql_server_ip}**https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5578security issue when creating ssh users2021-02-02T20:57:39ZKiss Károlysecurity issue when creating ssh users## short description
When creating ssh users with jailkit, it takes a while to create the jail. The user is first created, the shell is disabled
and the password locked. However these actions are done sequentially using separate commands...## short description
When creating ssh users with jailkit, it takes a while to create the jail. The user is first created, the shell is disabled
and the password locked. However these actions are done sequentially using separate commands. This leaves a very short time
for attackers to access the server's OS with a valid user and password. It is very hard to exploit but during a security audit our system has been accessed this way, so it is possible.
## correct behaviour
The newly created ssh user should be created with disabled login until the jail is created and login should be enabled after the shell is set to jk_chrootsh.
## environment
Server OS: debian
Server OS version: buster
ISPConfig version: 3.1dev
## proposed fix
add --disable-login to the adduser command and enable
## log entries
```
Apr 1 17:27:02 ispcwebtest02 useradd[14214]: new user: name=c6crash, UID=10033, GID=10033, home=/var/www/clients/client15/web33, shell=/bin/bash
Apr 1 17:27:02 ispcwebtest02 usermod[14229]: change user 'c6crash' shell from '/bin/bash' to '/bin/false'
Apr 1 17:27:02 ispcwebtest02 usermod[14229]: lock user 'c6crash' password
Apr 1 17:27:56 ispcwebtest02 usermod[21527]: change user 'c6crash' home from '/var/www/clients/client15/web33' to '/var/www/clients/client15/web33/./home/c6crash'
Apr 1 17:27:56 ispcwebtest02 usermod[21534]: change user 'c6crash' shell from '/bin/false' to '/usr/sbin/jk_chrootsh'
Apr 1 17:27:56 ispcwebtest02 usermod[21539]: change user 'web33' home from '/var/www/clients/client15/web33' to '/var/www/clients/client15/web33/./home/web33'
Apr 1 17:27:56 ispcwebtest02 usermod[21557]: unlock user 'c6crash' password
```3.2https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5583Delete Lets Encrypt / certbot data of delete domains2020-06-05T17:42:24ZKoSDelete Lets Encrypt / certbot data of delete domainsWhen a website gets deleted, the associated certbot configurations should be delete via `certbot delete` to prevent certbot trying to renew certificates for non-existing domains (because if one deletes the website, he will most likely al...When a website gets deleted, the associated certbot configurations should be delete via `certbot delete` to prevent certbot trying to renew certificates for non-existing domains (because if one deletes the website, he will most likely also remove the DNS entries).https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5584Delete SSL directory references for vhost subdomains2020-08-30T16:50:46ZKoSDelete SSL directory references for vhost subdomainsWhen a vhost subdomain gets deleted, any associated files, like the Lets Encrypt/certbot symlinks in the SSL subdir, shall be removed. In addition the associated certbot configurations should be removed too, see #5583When a vhost subdomain gets deleted, any associated files, like the Lets Encrypt/certbot symlinks in the SSL subdir, shall be removed. In addition the associated certbot configurations should be removed too, see #5583https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5585DNS Zone import misclassifies record type's as host names2020-06-09T17:17:21ZMichał MosiewiczDNS Zone import misclassifies record type's as host names## short description
In case of the following snippet:
```
IN NS ns1.xxx.
IN NS ns2.xxx.
IN MX 10 mail.xxx.
IN MX 15 backup.xxx.
IN CAA 0 issue "letsencrypt.org"
IN CAA 0 issue "rapidssl.com"
IN CAA 0 iodef "mailto:admin...## short description
In case of the following snippet:
```
IN NS ns1.xxx.
IN NS ns2.xxx.
IN MX 10 mail.xxx.
IN MX 15 backup.xxx.
IN CAA 0 issue "letsencrypt.org"
IN CAA 0 issue "rapidssl.com"
IN CAA 0 iodef "mailto:admin@xxx"
IN CAA 0 issue "sectigo.com"
```
ISPConfig will import IN record type descriptors as names. So it will create records like:
```
in IN NS ns1.xxx.
in IN NS ns2.xxx.
in IN MX 10 mail.xxx.
in IN MX 15 backup.xxx.
in IN CAA 0 issue "letsencrypt.org"
in IN CAA 0 issue "rapidssl.com"
in IN CAA 0 iodef "mailto:admin@xxx"
in IN CAA 0 issue "sectigo.com"
```
## correct behaviour
The line should be imported as original
## environment
Server OS: doesn't matter
Server OS version: doesn't matter
ISPConfig version: 3.1.15p2
## proposed fix
This part of interface/web/dns/dns_import.php needs to be fixed:
```
if(is_numeric($parts[1])){
if($parts[2] == 'in'){
$resource_type = $parts[3];
$pkey = 3;
} else {
$resource_type = $parts[2];
$pkey = 2;
}
} else {
if($parts[1] == 'in'){
$resource_type = $parts[2];
$pkey = 2;
} else {
$resource_type = $parts[1];
$pkey = 1;
}
}
```
The above code looks only for lowercase record type descriptors. However RFC1035 uses uppercase:
> 3.2.4. CLASS values
>
> CLASS fields appear in resource records. The following CLASS mnemonics
> and values are defined:
>
> IN 1 the Internet
>
> CS 2 the CSNET class (Obsolete - used only for examples in
> some obsolete RFCs)
>
> CH 3 the CHAOS class
>
> HS 4 Hesiod [Dyer 87]
## references
Domain name zone file format is described in RFC1035 https://tools.ietf.org/html/rfc10353.2https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5586Maibox quota | Email domain quota2020-11-02T15:54:15ZTonMaibox quota | Email domain quotaGood afternoon,
I'm writing because we have detected a problem with email quotas. It's a real case that has happened to us.
1. The client has created an email box: email01@domain.com with a fee of 5 Gb.
2. When the mailbox reaches 5Gb...Good afternoon,
I'm writing because we have detected a problem with email quotas. It's a real case that has happened to us.
1. The client has created an email box: email01@domain.com with a fee of 5 Gb.
2. When the mailbox reaches 5Gb, they deactivate it and modify the quota reducing it to 1 Mb for example.
3. Then they create a new email box: email02@domain.com and they have all the domain fees to use again.
4. The first mailbox has not been deleted, so it uses the 5 Gb hard disk quota.
5. This has been repeated with several emails, so this user is consuming much more hard disk quota than the one assigned to his domain without our control.
Regards.
On the other hand, would it be possible to have a limit per account instead of a global limit for all accounts? I think it is the most used option in hosting plans (max quota limit per account) more common than global quota per email domain.
Example:
Currently, we could set a domain email quota to 10Gb. This means we could have a mailbox with a 10Gb quota or 10 email mailboxes with 1Gb. We believe it is more common to set a maximum of 10 mailboxes and 1G max for each one for example.
I have seen that it is an open request a long time ago, we are following the changes but it has not entered the roadmap.
Thank you very much for the excellent work on this project.https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5588CAA for Sectigo2023-04-29T19:13:26ZPacoCAA for SectigoHello,
Comodo rebranded their company, change his name and now called Sectigo.
In DNS zone menu, when you try to add CAA for Sectigo - issuer was missing.
https://sectigo.com/comodo
When I check - issuers contained in dbispconfig da...Hello,
Comodo rebranded their company, change his name and now called Sectigo.
In DNS zone menu, when you try to add CAA for Sectigo - issuer was missing.
https://sectigo.com/comodo
When I check - issuers contained in dbispconfig database -> dns_ssl_ca table.
I do not want to manually insert a row in this table, as I am not sure if this would break the dbispconfig database in a possible future update for ISPConfig.
It is possible Sectigo to be added in next releases of ISPConfig?
3.2https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5593Data too long for column 'id_rsa' at row 12020-07-27T15:03:35ZTrimilurData too long for column 'id_rsa' at row 1While you create a new customer you can switch to "Limits". If you filled all requiered fields and switch to Limits you get "Data too long for column 'id_rsa' at row 1" error.
PHP7.4-FPM
NGINX
ISPConfig 3.1.15p3
Ubuntu 20.4While you create a new customer you can switch to "Limits". If you filled all requiered fields and switch to Limits you get "Data too long for column 'id_rsa' at row 1" error.
PHP7.4-FPM
NGINX
ISPConfig 3.1.15p3
Ubuntu 20.43.2Till BrehmTill Brehmhttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5602mailman images not showing [nginx fix]2020-07-24T09:25:55ZBarretmailman images not showing [nginx fix]The images on the bottom of the web interface are not showing,
The problem is located in `000-apps.vhost` at the mailman image directive.
Nginx fix:
```
#location /images/mailman {
# alias /usr/share/images/mail...The images on the bottom of the web interface are not showing,
The problem is located in `000-apps.vhost` at the mailman image directive.
Nginx fix:
```
#location /images/mailman {
# alias /usr/share/images/mailman;
#}
location ^~ /images/mailman {
alias /usr/share/images/mailman;
}
```
Running ISPConfig 3.1.15p3 on Debian 10 using Nginx3.2Marius BurkardMarius Burkardhttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5607Clicking from search result alias/child domain fails to open2020-07-08T19:06:50ZHelmoClicking from search result alias/child domain fails to openWhen you use the search function to look for an alias or child domain it shows the result but clicking the link fails to open.
With the Firefox developer tools I noticed that the https response was 'redirect contains unallowed chars.'
...When you use the search function to look for an alias or child domain it shows the result but clicking the link fails to open.
With the Firefox developer tools I noticed that the https response was 'redirect contains unallowed chars.'
It tries to load `capp.php?mod=sites&redirect=sites/web_childdomain_edit.php%3Fid%3D291%26type%3Daliasdomain`
The `%26` in there is the & char, from the extra 'type=aliasdomain' parameter. Regular domains only get the `id` parameter.
The patch below is a quick fix to allow the extra `type` parameter. Would that be sufficient?
```patch
diff --git a/interface/web/capp.php b/interface/web/capp.php
index 39392691f..5d49fe80d 100755
--- a/interface/web/capp.php
+++ b/interface/web/capp.php
@@ -43,7 +43,7 @@ if($_SESSION["s"]["user"]['active'] != 1) {
}
if(!preg_match("/^[a-z]{2,20}$/i", $mod)) die('module name contains unallowed chars.');
-if($redirect != '' && !preg_match("/^[a-z0-9]+\/[a-z0-9_\.\-]+\?id=[0-9]{1,9}$/i", $redirect)) die('redirect contains unallowed chars.');
+if($redirect != '' && !preg_match("/^[a-z0-9]+\/[a-z0-9_\.\-]+\?id=[0-9]{1,9}(\&type=[a-z0-9_\.\-]+)?$/i", $redirect)) die('redirect contains unallowed chars.');
//* Check if user may use the module.
$user_modules = explode(",", $_SESSION["s"]["user"]["modules"]);
```3.2https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5608[rspamd] DKIM check not working when switching from amavis to rspamd (CentOS7)2022-04-26T17:53:27ZJanThiel[rspamd] DKIM check not working when switching from amavis to rspamd (CentOS7)## short description
As described in this topic already, the dkim_signing.conf is not created in the rspamd config folder ( /etc/rspamd/local.d/ ) when you switch from amavisd to rspam. The _rspamd user also needs to be added to the amav...## short description
As described in this topic already, the dkim_signing.conf is not created in the rspamd config folder ( /etc/rspamd/local.d/ ) when you switch from amavisd to rspam. The _rspamd user also needs to be added to the amavis group (though I didn't check if this really was missing, before simply adding it :-/)
Thus rspamd is not able to find the dkim keys and throws warnings in the log.
```
dkim_module_load_key_format: cannot load dkim key /var/lib/rspamd/dkim/[DOMAIN].dkim.key: cannot stat key file: '/var/lib/rspamd/dkim/[DOMAIN].dkim.key' File or folder not found
```
https://www.howtoforge.com/community/threads/rspamd-greylist-dkim-keys-not-loaded.82823/#post-395279
## correct behaviour
DKIM files should be read from existing amavisd folder without manual intervention and configuration
## environment
Server OS: centos 7
ISPConfig version: 3.1.15p3
## proposed fix
- _rspamd user should be added to group amavisd
- **/etc/rspamd/local.d/dkim_signing.conf** should be created with the following content:
```
try_fallback = false;
path_map = "/etc/rspamd/local.d/dkim_domains.map";
selector_map = "/etc/rspamd/local.d/dkim_selectors.map";
```https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5613Adding zones to PowerDNS with 'notified_serial' set breaks native DNS replica...2020-05-08T08:31:14ZMichael WeißAdding zones to PowerDNS with 'notified_serial' set breaks native DNS replication## short description
When creating a new zone, the powerdns-plugin inserts the domain with the field "notified_serial" set to the inital serial from SOA. Therefore the pdns server does not notify any slaves since notified_serial == curre...## short description
When creating a new zone, the powerdns-plugin inserts the domain with the field "notified_serial" set to the inital serial from SOA. Therefore the pdns server does not notify any slaves since notified_serial == current serial from soa. This breaks zone replication to e.g. bind slaves.
## correct behaviour
Leave out "notified_serial" when adding a new zone or set it explicitly to NULL.
## environment
Any.
## proposed fix
server/plugins-available/powerdns_plugin.inc.php: 137,16
$app->db->query("INSERT INTO powerdns.domains (name, type, ispconfig_id) VALUES (?, ?, ?)", $origin, 'MASTER', $ispconfig_id);https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5614Fix home initialization for Jailkit (incl. Fix)2020-08-26T16:19:06ZTill BrehmFix home initialization for Jailkit (incl. Fix)The previous dir (without `./home/$user`) causes usermod to crash when some FPM processes are already launched for the UID (in `server/scripts/create_jailkit_user.sh`), so jk_jailuser is not able to detect the home inside the jail, inser...The previous dir (without `./home/$user`) causes usermod to crash when some FPM processes are already launched for the UID (in `server/scripts/create_jailkit_user.sh`), so jk_jailuser is not able to detect the home inside the jail, inserting an empty one in the passwd file, and causing an error when the user want to connect via SSH for example.
https://git.ispconfig.org/ispconfig/ispconfig3/-/merge_requests/7953.2https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5616PHP-FPM fails after too many restarts2022-02-26T21:12:41ZGuillaume SubironPHP-FPM fails after too many restarts## short description
I deleted some shell users. After a few seconds, php7.4-fpm stopped and remained failed.
Here is the syslog, which explains why php7.4-fpm failed.
```
May 8 11:49:01 myhost systemd[1]: php7.4-fpm.service: Succeed...## short description
I deleted some shell users. After a few seconds, php7.4-fpm stopped and remained failed.
Here is the syslog, which explains why php7.4-fpm failed.
```
May 8 11:49:01 myhost systemd[1]: php7.4-fpm.service: Succeeded.
May 8 11:49:01 myhost systemd[1]: php7.4-fpm.service: Succeeded.
May 8 11:49:02 myhost systemd[1]: php7.4-fpm.service: Succeeded.
May 8 11:49:02 myhost systemd[1]: php7.4-fpm.service: Succeeded.
May 8 11:49:03 myhost systemd[1]: php7.4-fpm.service: Succeeded.
May 8 11:49:03 myhost systemd[1]: php7.4-fpm.service: Succeeded.
May 8 11:49:03 myhost systemd[1]: php7.4-fpm.service: Start request repeated too quickly.
May 8 11:49:03 myhost systemd[1]: php7.4-fpm.service: Failed with result 'start-limit-hit'.
May 8 11:49:03 myhost systemd[1]: php7.4-fpm.service: Start request repeated too quickly.
May 8 11:49:03 myhost systemd[1]: php7.4-fpm.service: Failed with result 'start-limit-hit'.
May 8 11:49:04 myhost systemd[1]: php7.4-fpm.service: Start request repeated too quickly.
May 8 11:49:04 myhost systemd[1]: php7.4-fpm.service: Failed with result 'start-limit-hit'.
```
And here is anonymized ISPConfig log:
```
08.05.2020-11:49 - DEBUG - Found 9 changes, starting update process.
08.05.2020-11:49 - DEBUG - Calling function 'delete' from plugin 'shelluser_base_plugin' raised by event 'shell_user_delete'.
08.05.2020-11:49 - DEBUG - safe_exec cmd: chattr -i '/var/www/clients/client1/web119' - return code: 0
08.05.2020-11:49 - DEBUG - safe_exec cmd: rm -rf '/var/www/clients/client1/web119/home/user1/.ssh' - return code: 0
08.05.2020-11:49 - DEBUG - safe_exec cmd: chattr -i '/var/www/clients/client1/web119' - return code: 0
08.05.2020-11:49 - DEBUG - Calling function 'restartPHP_FPM' from module 'web_module'.
08.05.2020-11:49 - DEBUG - Restarting php-fpm: systemctl stop php7.4-fpm.service
08.05.2020-11:49 - DEBUG - safe_exec cmd: killall -u 'user1' ; userdel -f 'user1' &> /dev/null - return code: 0
08.05.2020-11:49 - DEBUG - Deleted shelluser: user1
08.05.2020-11:49 - DEBUG - Calling function 'restartPHP_FPM' from module 'web_module'.
08.05.2020-11:49 - DEBUG - Restarting php-fpm: systemctl start php7.4-fpm.service
08.05.2020-11:49 - DEBUG - Calling function 'delete' from plugin 'shelluser_jailkit_plugin' raised by event 'shell_user_delete'.
08.05.2020-11:49 - DEBUG - Jailkit Plugin -> delete username:user1
08.05.2020-11:49 - DEBUG - Processed datalog_id 6957
08.05.2020-11:49 - DEBUG - Calling function 'delete' from plugin 'shelluser_base_plugin' raised by event 'shell_user_delete'.
08.05.2020-11:49 - DEBUG - safe_exec cmd: chattr -i '/var/www/clients/client1/web121' - return code: 0
08.05.2020-11:49 - DEBUG - safe_exec cmd: rm -rf '/var/www/clients/client1/web121/home/user2/.ssh' - return code: 0
08.05.2020-11:49 - DEBUG - safe_exec cmd: chattr -i '/var/www/clients/client1/web121' - return code: 0
08.05.2020-11:49 - DEBUG - safe_exec cmd: killall -u 'user2' ; userdel -f 'user2' &> /dev/null - return code: 0
08.05.2020-11:49 - DEBUG - Deleted shelluser: user2
08.05.2020-11:49 - DEBUG - Calling function 'delete' from plugin 'shelluser_jailkit_plugin' raised by event 'shell_user_delete'.
08.05.2020-11:49 - DEBUG - Jailkit Plugin -> delete username:user2
08.05.2020-11:49 - DEBUG - Processed datalog_id 6958
08.05.2020-11:49 - DEBUG - Calling function 'delete' from plugin 'shelluser_base_plugin' raised by event 'shell_user_delete'.
08.05.2020-11:49 - DEBUG - safe_exec cmd: chattr -i '/var/www/clients/client1/web124' - return code: 0
08.05.2020-11:49 - DEBUG - safe_exec cmd: rm -rf '/var/www/clients/client1/web124/home/user3/.ssh' - return code: 0
08.05.2020-11:49 - DEBUG - safe_exec cmd: chattr -i '/var/www/clients/client1/web124' - return code: 0
08.05.2020-11:49 - DEBUG - Calling function 'restartPHP_FPM' from module 'web_module'.
08.05.2020-11:49 - DEBUG - Restarting php-fpm: systemctl stop php7.4-fpm.service
08.05.2020-11:49 - DEBUG - safe_exec cmd: killall -u 'user3' ; userdel -f 'user3' &> /dev/null - return code: 0
08.05.2020-11:49 - DEBUG - Deleted shelluser: user3
08.05.2020-11:49 - DEBUG - Calling function 'restartPHP_FPM' from module 'web_module'.
08.05.2020-11:49 - DEBUG - Restarting php-fpm: systemctl start php7.4-fpm.service
08.05.2020-11:49 - DEBUG - Calling function 'delete' from plugin 'shelluser_jailkit_plugin' raised by event 'shell_user_delete'.
08.05.2020-11:49 - DEBUG - Jailkit Plugin -> delete username:user3
08.05.2020-11:49 - DEBUG - Processed datalog_id 6959
08.05.2020-11:49 - DEBUG - Calling function 'delete' from plugin 'shelluser_base_plugin' raised by event 'shell_user_delete'.
08.05.2020-11:49 - DEBUG - safe_exec cmd: chattr -i '/var/www/clients/client1/web144' - return code: 0
08.05.2020-11:49 - DEBUG - safe_exec cmd: rm -rf '/var/www/clients/client1/web144/home/user4/.ssh' - return code: 0
08.05.2020-11:49 - DEBUG - safe_exec cmd: chattr -i '/var/www/clients/client1/web144' - return code: 0
08.05.2020-11:49 - DEBUG - Calling function 'restartPHP_FPM' from module 'web_module'.
08.05.2020-11:49 - DEBUG - Restarting php-fpm: systemctl stop php7.4-fpm.service
08.05.2020-11:49 - DEBUG - safe_exec cmd: killall -u 'user4' ; userdel -f 'user4' &> /dev/null - return code: 0
08.05.2020-11:49 - DEBUG - Deleted shelluser: user4
08.05.2020-11:49 - DEBUG - Calling function 'restartPHP_FPM' from module 'web_module'.
08.05.2020-11:49 - DEBUG - Restarting php-fpm: systemctl start php7.4-fpm.service
08.05.2020-11:49 - DEBUG - Calling function 'delete' from plugin 'shelluser_jailkit_plugin' raised by event 'shell_user_delete'.
08.05.2020-11:49 - DEBUG - Jailkit Plugin -> delete username:user4
08.05.2020-11:49 - DEBUG - Processed datalog_id 6960
08.05.2020-11:49 - DEBUG - Calling function 'delete' from plugin 'shelluser_base_plugin' raised by event 'shell_user_delete'.
08.05.2020-11:49 - DEBUG - safe_exec cmd: chattr -i '/var/www/clients/client1/web163' - return code: 0
08.05.2020-11:49 - DEBUG - safe_exec cmd: rm -rf '/var/www/clients/client1/web163/home/user5/.ssh' - return code: 0
08.05.2020-11:49 - DEBUG - safe_exec cmd: chattr -i '/var/www/clients/client1/web163' - return code: 0
08.05.2020-11:49 - DEBUG - Calling function 'restartPHP_FPM' from module 'web_module'.
08.05.2020-11:49 - DEBUG - Restarting php-fpm: systemctl stop php7.4-fpm.service
08.05.2020-11:49 - DEBUG - safe_exec cmd: killall -u 'user5' ; userdel -f 'user5' &> /dev/null - return code: 0
08.05.2020-11:49 - DEBUG - Deleted shelluser: user5
08.05.2020-11:49 - DEBUG - Calling function 'restartPHP_FPM' from module 'web_module'.
08.05.2020-11:49 - DEBUG - Restarting php-fpm: systemctl start php7.4-fpm.service
08.05.2020-11:49 - DEBUG - Calling function 'delete' from plugin 'shelluser_jailkit_plugin' raised by event 'shell_user_delete'.
08.05.2020-11:49 - DEBUG - Jailkit Plugin -> delete username:user5
08.05.2020-11:49 - DEBUG - Processed datalog_id 6961
08.05.2020-11:49 - DEBUG - Calling function 'delete' from plugin 'shelluser_base_plugin' raised by event 'shell_user_delete'.
08.05.2020-11:49 - DEBUG - safe_exec cmd: chattr -i '/var/www/clients/client1/web122' - return code: 0
08.05.2020-11:49 - DEBUG - safe_exec cmd: rm -rf '/var/www/clients/client1/web122/home/user6/.ssh' - return code: 0
08.05.2020-11:49 - DEBUG - safe_exec cmd: chattr -i '/var/www/clients/client1/web122' - return code: 0
08.05.2020-11:49 - DEBUG - Calling function 'restartPHP_FPM' from module 'web_module'.
08.05.2020-11:49 - DEBUG - Restarting php-fpm: systemctl stop php7.4-fpm.service
08.05.2020-11:49 - DEBUG - safe_exec cmd: killall -u 'user6' ; userdel -f 'user6' &> /dev/null - return code: 0
08.05.2020-11:49 - DEBUG - Deleted shelluser: user6
08.05.2020-11:49 - DEBUG - Calling function 'restartPHP_FPM' from module 'web_module'.
08.05.2020-11:49 - DEBUG - Restarting php-fpm: systemctl start php7.4-fpm.service
08.05.2020-11:49 - DEBUG - Calling function 'delete' from plugin 'shelluser_jailkit_plugin' raised by event 'shell_user_delete'.
08.05.2020-11:49 - DEBUG - Jailkit Plugin -> delete username:user6
08.05.2020-11:49 - DEBUG - Processed datalog_id 6962
08.05.2020-11:49 - DEBUG - Calling function 'delete' from plugin 'shelluser_base_plugin' raised by event 'shell_user_delete'.
08.05.2020-11:49 - DEBUG - safe_exec cmd: chattr -i '/var/www/clients/client1/web81' - return code: 0
08.05.2020-11:49 - DEBUG - safe_exec cmd: rm -rf '/var/www/clients/client1/web81/home/user7/.ssh' - return code: 0
08.05.2020-11:49 - DEBUG - safe_exec cmd: chattr -i '/var/www/clients/client1/web81' - return code: 0
08.05.2020-11:49 - DEBUG - Calling function 'restartPHP_FPM' from module 'web_module'.
08.05.2020-11:49 - DEBUG - Restarting php-fpm: systemctl stop php7.4-fpm.service
08.05.2020-11:49 - DEBUG - safe_exec cmd: killall -u 'user7' ; userdel -f 'user7' &> /dev/null - return code: 0
08.05.2020-11:49 - DEBUG - Deleted shelluser: user7
08.05.2020-11:49 - DEBUG - Calling function 'restartPHP_FPM' from module 'web_module'.
08.05.2020-11:49 - DEBUG - Restarting php-fpm: systemctl start php7.4-fpm.service
08.05.2020-11:49 - DEBUG - Calling function 'delete' from plugin 'shelluser_jailkit_plugin' raised by event 'shell_user_delete'.
08.05.2020-11:49 - DEBUG - Jailkit Plugin -> delete username:user7
08.05.2020-11:49 - DEBUG - Processed datalog_id 6963
08.05.2020-11:49 - DEBUG - Calling function 'delete' from plugin 'shelluser_base_plugin' raised by event 'shell_user_delete'.
08.05.2020-11:49 - DEBUG - safe_exec cmd: chattr -i '/var/www/clients/client1/web50' - return code: 0
08.05.2020-11:49 - DEBUG - safe_exec cmd: rm -rf '/var/www/clients/client1/web50/home/user8/.ssh' - return code: 0
08.05.2020-11:49 - DEBUG - safe_exec cmd: chattr -i '/var/www/clients/client1/web50' - return code: 0
08.05.2020-11:49 - DEBUG - Calling function 'restartPHP_FPM' from module 'web_module'.
08.05.2020-11:49 - DEBUG - Restarting php-fpm: systemctl stop php7.4-fpm.service
08.05.2020-11:49 - DEBUG - safe_exec cmd: killall -u 'user8' ; userdel -f 'user8' &> /dev/null - return code: 0
08.05.2020-11:49 - DEBUG - Deleted shelluser: user8
08.05.2020-11:49 - DEBUG - Calling function 'restartPHP_FPM' from module 'web_module'.
08.05.2020-11:49 - DEBUG - Restarting php-fpm: systemctl start php7.4-fpm.service
08.05.2020-11:49 - DEBUG - Calling function 'delete' from plugin 'shelluser_jailkit_plugin' raised by event 'shell_user_delete'.
08.05.2020-11:49 - DEBUG - Jailkit Plugin -> delete username:user8
08.05.2020-11:49 - DEBUG - Processed datalog_id 6964
08.05.2020-11:49 - DEBUG - Calling function 'delete' from plugin 'shelluser_base_plugin' raised by event 'shell_user_delete'.
08.05.2020-11:49 - DEBUG - safe_exec cmd: chattr -i '/var/www/clients/client1/web166' - return code: 0
08.05.2020-11:49 - DEBUG - safe_exec cmd: rm -rf '/var/www/clients/client1/web166/home/user9/.ssh' - return code: 0
08.05.2020-11:49 - DEBUG - safe_exec cmd: chattr -i '/var/www/clients/client1/web166' - return code: 0
08.05.2020-11:49 - DEBUG - Calling function 'restartPHP_FPM' from module 'web_module'.
08.05.2020-11:49 - DEBUG - Restarting php-fpm: systemctl stop php7.4-fpm.service
08.05.2020-11:49 - DEBUG - safe_exec cmd: killall -u 'user9' ; userdel -f 'user9' &> /dev/null - return code: 0
08.05.2020-11:49 - DEBUG - Deleted shelluser: user9
08.05.2020-11:49 - DEBUG - Calling function 'restartPHP_FPM' from module 'web_module'.
08.05.2020-11:49 - DEBUG - Restarting php-fpm: systemctl start php7.4-fpm.service
08.05.2020-11:49 - DEBUG - Calling function 'delete' from plugin 'shelluser_jailkit_plugin' raised by event 'shell_user_delete'.
08.05.2020-11:49 - DEBUG - Jailkit Plugin -> delete username:user9
08.05.2020-11:49 - DEBUG - Processed datalog_id 6965
08.05.2020-11:49 - DEBUG - Remove Lock: /usr/local/ispconfig/server/temp/.ispconfig_lock
```
## environment
Server OS: Debian 10 "Buster"
ISPConfig version: 3.1.15p3
## proposed fix
It seems tunning Systemd (https://www.freedesktop.org/software/systemd/man/systemd.unit.html#StartLimitIntervalSec=interval) could avoid this, but I don't think this is the right solution, and I don't want to edit the systemd unit for every FPM version.
I think ISPConfig should be careful not to restart the same PHP-FPM too many times in a row.
Thanks.https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5620"Use SMTP to send system mails" should work with default smtp settings2020-06-09T05:47:06ZJesse Norell"Use SMTP to send system mails" should work with default smtp settingsIf you check the "Use SMTP to send system mails" checkbox and leave the other smtp settings the same, password reset emails stop working and there is no error/indication when this happens. Using 'localhost' as a server name in particula...If you check the "Use SMTP to send system mails" checkbox and leave the other smtp settings the same, password reset emails stop working and there is no error/indication when this happens. Using 'localhost' as a server name in particular should be allowed, as that is the default.
https://www.howtoforge.com/community/threads/password-reset-email-not-sent.84349/3.2https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5624Failed to make backup of web files, because of unknown backup format gzip (IS...2020-05-29T09:48:38ZPatrick SchlesingerFailed to make backup of web files, because of unknown backup format gzip (ISPConfig dev version)## short description
After updating the ISPConfig installation on a mutiserver setup the manual and automatic backups do not work anymore.
## environment
```
Operating System: Debian 10.0 (Buster)
```
```
Version: ispconfig3-stable-3...## short description
After updating the ISPConfig installation on a mutiserver setup the manual and automatic backups do not work anymore.
## environment
```
Operating System: Debian 10.0 (Buster)
```
```
Version: ispconfig3-stable-3.1-e69a5b3f683d75e782613577f89e5be3e97d4f27
```
```
nginx version: nginx/1.14.2
```
```
gzip 1.9
```
```
# which gzip
/usr/bin/gzip
```
```
PHP 7.3.18-1+0~20200514.58+debian10~1.gbp12fa4f
```
## log entries
```
28.05.2020-22:27 - DEBUG - Triggered backup routine for domain id 8, action name backup_web_files
28.05.2020-22:27 - DEBUG - safe_exec cmd: mount 2>/dev/null | grep ' on /backup type ' - return code: 0
28.05.2020-22:27 - ERROR - Failed to make backup of web files, because of unknown backup format gzip for website domain.de
28.05.2020-22:27 - DEBUG - Remove Lock: /usr/local/ispconfig/server/temp/.ispconfig_lock
```3.2