ISPConfig 3 issueshttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues2020-07-18T13:48:47Zhttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5039Search not working in domain field with öä characters2020-07-18T13:48:47ZTapio LehtonenSearch not working in domain field with öä characters## short description
What is happening and what is wrong with that?
I tested by creating domain hääyöaie.fi. Creating works and domain shows in DNS-Zones list, but searching with those öä characters does not work. Nothing is found. Like...## short description
What is happening and what is wrong with that?
I tested by creating domain hääyöaie.fi. Creating works and domain shows in DNS-Zones list, but searching with those öä characters does not work. Nothing is found. Like so:
- searching for hää, nothing found
- searching for aie finds the domain
Testing further, same thing in Sites tab searching Domain with öä characters.
## correct behaviour
What should happen instead?
öä and other non-ASCII characters should work in searches
## environment
Server OS: Debian GNU/Linux 9.4
Server OS version: Stretch
ISPConfig version: 3.1.11https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5040Remote client documentation: Add advanced query syntax in documentation and e...2020-08-28T16:58:24ZRuslanRemote client documentation: Add advanced query syntax in documentation and examplesThere is no description of advanced query syntax in remote API documentation. It would be great to add
it.
Examples of advanced syntax:
> Till Brehm @tbrehm commented
>
> You can use any field of the underlaying database table in you...There is no description of advanced query syntax in remote API documentation. It would be great to add
it.
Examples of advanced syntax:
> Till Brehm @tbrehm commented
>
> You can use any field of the underlaying database table in your query and it functions in all *_get functions of the api.
>
> ... by using the advanced query syntax:
>
> $domains = $client->sites_web_domain_get($session_id, array('domain' => 'mydomain.tld'));
>
> you can even do wildcard searches like:
>
> Example, return all domains that contain 'tom' in their name:
>
> $tom_domains = $client->sites_web_domain_get($session_id, array('domain' => '%tom%'));
>https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5041Suspending a client2020-08-28T17:55:09ZSteffen NielsenSuspending a clientI'm trying to suspend a client from API by changing
```
$params['canceled'] = 'y';
$params['locked'] = 'y';
```
These are submitted to the client_update() function which is reflected in the interface marking respectively the checkboxes...I'm trying to suspend a client from API by changing
```
$params['canceled'] = 'y';
$params['locked'] = 'y';
```
These are submitted to the client_update() function which is reflected in the interface marking respectively the checkboxes "Locked" and "Canceled" as activated. However this doesn't seem to have any impact on the client being able to login or not or neither does it seem to have impact on the client's websites, maildomains etc. being deactivated.
Marking Locked and Canceled in the interface manually works fine.
Am i missing something?Planned featureshttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5052IP anonymization not working in access log2020-04-21T14:22:35ZJanekIP anonymization not working in access log## short description
I just updated to ISPConfig 3.1.12 and set the global option "Store website access and error logs" to "Anonymize IP".
Afterwards I did a resync of "Websites" on all Webservers.
Now IP anonymization does work f...## short description
I just updated to ISPConfig 3.1.12 and set the global option "Store website access and error logs" to "Anonymize IP".
Afterwards I did a resync of "Websites" on all Webservers.
Now IP anonymization does work for error.log of Apache2 but it does not work for access.log - neither Nginx nor Apache2 (All octets visible)
## correct behaviour
Websites access.log should only contain anonymized IP-addresses.
## environment
Server OS: debian
Server OS version: jessie
ISPConfig version: 3.1.12
Multiserver Setup, 2 Webservers: 1 with nginx, 1 with Apache2
```
$ nginx -v
nginx version: nginx/1.13.12
$ apachectl -v
Server version: Apache/2.4.23 (Debian)
Server built: 2016-08-12T19:44:31
$ php -v
PHP 7.0.30-1~dotdeb+8.1 (cli) ( NTS )
Copyright (c) 1997-2017 The PHP Group
Zend Engine v3.0.0, Copyright (c) 1998-2017 Zend Technologies
with Zend OPcache v7.0.30-1~dotdeb+8.1, Copyright (c) 1999-2017, by Zend Technologies
```
## references
ispconfig/ispconfig3#5050https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5053Global quota usage per user for all services.2018-05-28T09:32:02ZLuis GuzmanGlobal quota usage per user for all services.Since trying to set global limits per user might bring security issues, could we take another approach by summing each field (mail, web, ftp, db) on one table. So it's easier to keep track of each user space usage.
This would be a prett...Since trying to set global limits per user might bring security issues, could we take another approach by summing each field (mail, web, ftp, db) on one table. So it's easier to keep track of each user space usage.
This would be a pretty much useful feature, hopefully we can see it on master at some point.
Cheers!https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5064PHP-FCGI does not work when website client changes2018-06-28T07:30:25ZT0mcatPHP-FCGI does not work when website client changesWhen changing a websites client, the PHP-FCGI Wrapper script doesn't work because of suexec issues.
Cause: The group ownership of the dir holding the FCGI script (/var/www/php-fcgi-scripts/web...) wasn't changed to the new clients group ...When changing a websites client, the PHP-FCGI Wrapper script doesn't work because of suexec issues.
Cause: The group ownership of the dir holding the FCGI script (/var/www/php-fcgi-scripts/web...) wasn't changed to the new clients group (:client...). Changing it manually resolves the issue.https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5086Show name of deleted item in delete confirmation dialog2018-07-20T17:41:57ZTill BrehmShow name of deleted item in delete confirmation dialogShow name of deleted item in delete confirmation dialogShow name of deleted item in delete confirmation dialogPlanned featureshttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5091show reseller in client template list2020-02-29T12:27:21ZFlorian Schaalshow reseller in client template listhttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5103Missing 'Web server config' Snippets on subdomain Vhost2020-08-30T16:40:55ZDmitryMissing 'Web server config' Snippets on subdomain VhostI have 'Create subdomains as web site' and 'Create aliasdomains as web site' enabled.
For these (Vhost) websites a 'Web server config' dropdown is empty. It should contain my Snippets just like a regular Website.I have 'Create subdomains as web site' and 'Create aliasdomains as web site' enabled.
For these (Vhost) websites a 'Web server config' dropdown is empty. It should contain my Snippets just like a regular Website.https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5106confusing configuration for imap-login process (dovecot)2020-02-29T16:51:35ZZakconfusing configuration for imap-login process (dovecot)## short description
The imap-login process get configured with the following settings:
`service imap-login {
client_limit = 1000
process_limit = 512
}`
Which could be read as 512 possible imap-login processes each (possibly) servi...## short description
The imap-login process get configured with the following settings:
`service imap-login {
client_limit = 1000
process_limit = 512
}`
Which could be read as 512 possible imap-login processes each (possibly) serving 1000 clients simultaneously.
Dovecot runs in "High security mode" by default and without explicitly setting service_count to 0 (unlimited/high performance mode) the client_limit directive is (afaik) of no use here - only one user is served per process anyway.
## proposed fix
Omitting client_limit at all or setting it to 1 would make it clear, that only one client per process can be served.
## environment
Server OS: all
Server OS version: all
ISPConfig version: (3.1.13 and below)
## references
https://wiki2.dovecot.org/LoginProcess
(superb project - love it!)https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5114MySQL on another host (monitoring and update issue)2019-07-04T16:56:08ZRenat ShaimardanovMySQL on another host (monitoring and update issue)## short description
I have percona cluster installed and ISPconfig conneected to it throught HAProxy.
So I've used socket and host to connect to it.
But in this case:
1. service monitoring showing error - MySQL is nit running
2. Update...## short description
I have percona cluster installed and ISPconfig conneected to it throught HAProxy.
So I've used socket and host to connect to it.
But in this case:
1. service monitoring showing error - MySQL is nit running
2. Update to next version not working properly
## environment
Server OS: (debian)
Server OS version: (stretch)
ISPConfig version: (3.1.12/3.1.13)
## proposed fix
I've attached patch to fix this
for server/lib/classes/monitor_tools.inc.php[monitor_tools.inc.php.diff](/uploads/fce4780c1c46e9f3da98451c433de96c/monitor_tools.inc.php.diff)
and for install/update.php[update.php.diff](/uploads/d683967563395dccce212f59eae3d4c7/update.php.diff)https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5118Site backup - cannot input all wildcard characters into Excluded Directories2020-03-21T08:05:39ZMartin KokešSite backup - cannot input all wildcard characters into Excluded Directories## short description
Cannot input wildcard like
web/wp-content/uploads/20[0-2][0-9]/[0-1][1-9]/*-[1-9][0-9]*x[1-9][0-9]*.[jp]*g
into Excluded Directories
Error message is: The excluded directories contain invalid characters.
## correct...## short description
Cannot input wildcard like
web/wp-content/uploads/20[0-2][0-9]/[0-1][1-9]/*-[1-9][0-9]*x[1-9][0-9]*.[jp]*g
into Excluded Directories
Error message is: The excluded directories contain invalid characters.
## correct behaviour
allow input all unix wildcards
## environment
ISPConfig version: (3.1.12)https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5121Letsencrypt Info in Panel about Cert expire2021-01-21T09:40:52ZAlexLetsencrypt Info in Panel about Cert expireI think its good when Admin can see the the date of expire a cert and next Option become to create new cert for the web if I want.I think its good when Admin can see the the date of expire a cert and next Option become to create new cert for the web if I want.https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5124sieve filter files content order / sieve filter management issue2022-08-30T14:17:24ZG.sieve filter files content order / sieve filter management issue### Issue:
adding new mail filters through remote user (or presumably directly in ispconfig cp, however we didn't test the latter yet) puts the new filter at the top of the users' sieve script.
Same happens regarding activating the auto...### Issue:
adding new mail filters through remote user (or presumably directly in ispconfig cp, however we didn't test the latter yet) puts the new filter at the top of the users' sieve script.
Same happens regarding activating the automatic "move spam to junk folder" filter.
Unfortunately sieve requires all *require* statements at the top of the file.
When using a custom filter with a *require* statement (in our case it's ***require "envelope";*** ), current behaviour leads to the sieve compiler failing, hence disabling all filters.
### Solution proposal:
Add new filter snippets behind the custom filter content or at the end of the sieve file instead, keeping the custom filter content at the top right behind the default require statement.
Alternate solution proposal:
Make initial require statement editable
That way one could add more complicated custom rules and keep the user able to add standard filters without breaking mail filtering.https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5125Web server config and nginx Directives not working together2023-01-29T21:01:33ZSamWeb server config and nginx Directives not working togetherIf '*Web server config*' is selected, then '*nginx Directives*' are not added to nginx site config, although they are accepted in Options tab.
It would useful if they are both working together - ie. when I want to have some global confi...If '*Web server config*' is selected, then '*nginx Directives*' are not added to nginx site config, although they are accepted in Options tab.
It would useful if they are both working together - ie. when I want to have some global config like Wordpress for test and production domain, but I want to have HSTS enabled only on production and X-Robots-Tag only on testing. This is not possible now, without having 3 separate configs.https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5126Remove HHVM PHP-Mode2020-10-06T11:19:44ZTill BrehmRemove HHVM PHP-ModeThe HHVM developers announced to drop PHP support in HHVM. ISPConfig currently offers HHVM as PHP runtime option, this does not make much sense anymore when HHVM stops supporting PHP code, so we should remove the HHVM PHP mode option in ...The HHVM developers announced to drop PHP support in HHVM. ISPConfig currently offers HHVM as PHP runtime option, this does not make much sense anymore when HHVM stops supporting PHP code, so we should remove the HHVM PHP mode option in ISPConfig.
HHVM as PHP mode option was introduced in ISPConfig at a time where HHVM was able to process PHP mode much faster than php 5.x. With PHP 7.x, PHP speed from Zend PHP engine got much faster, so there is no real need for an HHVM PHP moe anymore.
HHVM Team announcement.
https://hhvm.com/blog/2018/09/12/end-of-php-support-future-of-hack.html3.3https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5132Implement Migration mode in DNSSEC plugin2020-07-23T14:12:41ZTill BrehmImplement Migration mode in DNSSEC pluginImplement Migration mode in DNSSEC plugin to avoid that new DNSSEC keys get generated during server migrations.Implement Migration mode in DNSSEC plugin to avoid that new DNSSEC keys get generated during server migrations.https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5136E-mail login with alias domain change2020-08-14T14:11:40ZLucas SchatzE-mail login with alias domain changeMay I suggest a option to allow mail users to authenticate using a domain alias too?
So this way, if you have original domain "domain1.com", and a e-mail alias "domain2.com", the users can optionally send e-mails from "domain2.com"
Cha...May I suggest a option to allow mail users to authenticate using a domain alias too?
So this way, if you have original domain "domain1.com", and a e-mail alias "domain2.com", the users can optionally send e-mails from "domain2.com"
Changes suggested in /etc/dovecot-sql.conf:
(it's necessary to add a option in ISPConfig configuration to enable or not!)
```
user_query = SELECT email as user, maildir as home, CONCAT( maildir_format, ':', maildir, '/', IF(maildir_format='maildir','Maildir',maildir_format)) as mail, uid, gid, CONCAT('*:storage=', quota, 'B') AS quota_rule, CONCAT(maildir, '/.sieve') as sieve FROM mail_user WHERE (login = '%u' OR email = CONCAT ( SUBSTRING_INDEX('%u', '@', 1), (select mail_forwarding.destination FROM mail_forwarding where source = CONCAT ('@', SUBSTRING_INDEX('%u', '@', -1))))) AND `disable%Ls` = 'n' AND server_id = '1'
password_query = SELECT email as user, password, maildir as userdb_home, CONCAT( maildir_format, ':', maildir, '/', IF(maildir_format='maildir','Maildir',maildir_format)) as userdb_mail, uid as userdb_uid, gid as userdb_gid, CONCAT('*:storage=', quota, 'B') AS userdb_quota_rule, CONCAT(maildir, '/.sieve') as userdb_sieve FROM mail_user WHERE (login = '%u' OR email = CONCAT ( SUBSTRING_INDEX('%u', '@', 1), (select mail_forwarding.destination FROM mail_forwarding where source = CONCAT ('@', SUBSTRING_INDEX('%u', '@', -1))))) AND `disable%Ls` = 'n' AND server_id = '1'
```
Thanks!https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5143sites without https give someone else's content.2020-09-01T19:33:17ZViktorsites without https give someone else's content.If at least one site creates https keys, then all other sites that do not have https begin to give https content to the site where the keys are registered.
HTTP connection is different from HTTPS since HTTP referer is sent after connecti...If at least one site creates https keys, then all other sites that do not have https begin to give https content to the site where the keys are registered.
HTTP connection is different from HTTPS since HTTP referer is sent after connection.
Wherein
HTTP referer is not readable, but by taking the nearest keys, it is the nearest! Those that will be closer alphabetically!
## correct behaviour
Create at least 1 sites with https
environment in any versions of ispconfig!
## proposed fix
`ln -s /etc/apache2/sites-available/default-ssl.conf /etc/apache2/sites-enabled/1.conf`
Partial solution of the problem, put the first 1.conf file, since it goes first and when there are no keys, it comes across first, you understand this crooked solution.
The right decision is to create https keys for each site by default, and if the parela is disabled, https then document root "/var/www/html/ssl"
if SSL is enabled, then change document roots to real.
There is no other way!
In any case, the site will be accessible via https!
Or refuse to listen *: 443 obsalyutno in all files, and do dynamic or ports or IP but this is even less preferred option.
![v](/uploads/a724a6d36ca60268550391c81c59235c/v.png)https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5145remote api for clients2023-08-07T11:14:28ZJesse Norellremote api for clientsThe remote api should be able to support clients, so they can manage their own dns zone (via acme.sh IPSConfig plugin), email accounts, etc.
As for the implementation, perhaps allow specifying a client for each Remote User (optional), a...The remote api should be able to support clients, so they can manage their own dns zone (via acme.sh IPSConfig plugin), email accounts, etc.
As for the implementation, perhaps allow specifying a client for each Remote User (optional), and do permission checks/query where clauses/etc. as needed.https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5151Add hostname check in ispconfig installer to avoid amavis problems2018-10-11T11:51:10ZTill BrehmAdd hostname check in ispconfig installer to avoid amavis problemsMany users are not configuring their hostname correctly which later causes amavis to fail. The installer should show an error when:
hostname = hostname -f plus the result contains no dot.
hostname means the result from hostname command...Many users are not configuring their hostname correctly which later causes amavis to fail. The installer should show an error when:
hostname = hostname -f plus the result contains no dot.
hostname means the result from hostname command here.3.3https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5157Small UI glitch with "Read-only database user" field2020-08-20T20:21:15ZChris GrahamSmall UI glitch with "Read-only database user" fieldIf I'm adding a new database, if I click once to expand the "Read-only database user" drop-down (out of curiosity), and once again to contract, it goes from being a blank default to pre-selecting the first in the list.
Firefox 62.0.3 Mac...If I'm adding a new database, if I click once to expand the "Read-only database user" drop-down (out of curiosity), and once again to contract, it goes from being a blank default to pre-selecting the first in the list.
Firefox 62.0.3 Mac. Also latest Chrome.https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5160going to DNS records always add an action2022-12-07T07:57:10Zlaulaugoing to DNS records always add an action## short description
when viewing a DNS zone, not making any modification, switching to the record tab always add an action for ISPConfig cron.
## correct behaviour
if no modification was made, don't add any action
## environment
Serve...## short description
when viewing a DNS zone, not making any modification, switching to the record tab always add an action for ISPConfig cron.
## correct behaviour
if no modification was made, don't add any action
## environment
Server OS: ubuntu
Server OS version: 16.04
ISPConfig version: 3.1.13https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5170SRV record default weight (and port?)2020-03-01T21:19:23ZJesse NorellSRV record default weight (and port?)If a SRV dns record is created without a weight set it should default to 0, or print an error, rather than creating an invalid record. Similarly with the port number it should at least print an error, or default to 0 so the dns record i...If a SRV dns record is created without a weight set it should default to 0, or print an error, rather than creating an invalid record. Similarly with the port number it should at least print an error, or default to 0 so the dns record isn't invalid.https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5171software raid status not showing2020-09-25T22:23:37ZIgnacio Garciasoftware raid status not showing## short description
Server has linux sofware traid aka mdraid with 2 volumes but ispconfig shows "No controller found. Make sure appropriate AMCC/3ware device driver(s) are loaded"
## correct behaviour
It should detect software raid en...## short description
Server has linux sofware traid aka mdraid with 2 volumes but ispconfig shows "No controller found. Make sure appropriate AMCC/3ware device driver(s) are loaded"
## correct behaviour
It should detect software raid environment
## environment
Server OS: debian
Server OS version: 9.5
ISPConfig version: 3.1.13
```
root@s0:~# cat /proc/mdstat
Personalities : [linear] [raid0] [raid1] [raid10] [raid6] [raid5] [raid4] [multipath] [faulty]
md2 : active raid1 sdb2[1] sda2[0]
51198912 blocks [2/2] [UU]
md3 : active raid1 sdb3[1] sda3[0]
1885533120 blocks [2/2] [UU]
bitmap: 1/15 pages [4KB], 65536KB chunk
```https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5172Feature Request: Create only new certificate request2018-11-01T18:41:00ZRaffael LuthigerFeature Request: Create only new certificate requestI have a domain where we already have a certificate (and private key). Now I would like to create a new request without changing the key and without changing the certificate and bundle.
For this I would like to have a new "SSL action" w...I have a domain where we already have a certificate (and private key). Now I would like to create a new request without changing the key and without changing the certificate and bundle.
For this I would like to have a new "SSL action" with the name "Create certificate request" which will then only generate a new request.Planned featureshttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5174DNS remoting API doesn't increment SOA serial when $update_serial=true is set2020-08-28T16:46:57ZkobukiDNS remoting API doesn't increment SOA serial when $update_serial=true is setThe DNS remoting API doesn't increment the serial number in the SOA record when `$update_serial=true` is set with a call. It needs to be manually updated in another update call to the SOA record. If it's not done, it can seriously hinder...The DNS remoting API doesn't increment the serial number in the SOA record when `$update_serial=true` is set with a call. It needs to be manually updated in another update call to the SOA record. If it's not done, it can seriously hinder downstream caching servers and slave updates.https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/504Proftpd support2023-12-03T20:53:58ZPaoloProftpd supportI'm using ispconfig 3 with proftpd (instead of pure-ftp).
To support it i make the following small hack:
1 - in table ftp_user added two int column nguid and nuid to store numeric uid/gid corresponding to existing uid/gid (user and grou...I'm using ispconfig 3 with proftpd (instead of pure-ftp).
To support it i make the following small hack:
1 - in table ftp_user added two int column nguid and nuid to store numeric uid/gid corresponding to existing uid/gid (user and group names). I set this fields manually when create a new ftp account (but could be done by a script)
2 - in /etc/proftpd.conf make the very simple config:
<IfModule mod_sql.c>
SQLAuthTypes Crypt
SQLAuthenticate users*
SQLConnectInfo db-ispconfig@127.0.0.1 ispconfig <password>
SQLUserInfo ftp_user username password nuid ngid dir '/bin/false'
SQLUserWhereClause "active = 'y' AND server_id = '1'"
#SQLLog PASS login
#SQLLogFile /var/log/proftpd/mod_sql.log
</IfModule>
You could also track connections count, ul/dl traffic, limit ul/dl rate, etc.
IMHO is a very good idea to store nuid/ngid in table web_domain (corresponding to system_user/system_group) when a new web/user is created: is a very usefull info!
This nuid/ngid can then be copied in table ftp_user when a new ftp account is created/edited.Horst FickelHorst Fickelhttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5179Password reset emails not sent using smtp and admin email2020-09-30T12:27:48ZAndreas SpeckPassword reset emails not sent using smtp and admin emailWhen someone requests a password reset, the sent email does not have a from header.
We have configured an admin email via the ISPConfig admin UI, and also I tried to set:
$conf['mail']['admin_mail'] = 'mail@example.com';
$conf['mail'][...When someone requests a password reset, the sent email does not have a from header.
We have configured an admin email via the ISPConfig admin UI, and also I tried to set:
$conf['mail']['admin_mail'] = 'mail@example.com';
$conf['mail']['admin_name'] = 'My Name';
/usr/local/ispconfig/interface/lib/config.inc.local.php
Nevertheless, the emails sent via ISPConfig lack a from header, and the return-path is ispconfig@example.com (using hostname of the server).
The originating script is:
X-PHP-Originating-Script: 1003:ispcmail.inc.php
The message ID actually uses the domain used for the ISPConfig instance:
Message-ID: <pia6rn.g1ni57@controlpaneldomain.com>
Via the admin UI we configured to send emails using smtp, but this does not seem to be honoured.
What config am I missing or what is going wrong here.https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5180PHP-FPM might fail to reload config when multiple sites are removed at once2022-02-26T21:12:43ZTill BrehmPHP-FPM might fail to reload config when multiple sites are removed at oncehttps://www.howtoforge.com/community/threads/php-fpm-crashing-when-deleting-multiple-sites-at-once.80635/https://www.howtoforge.com/community/threads/php-fpm-crashing-when-deleting-multiple-sites-at-once.80635/https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5193Add Chroot checkbox in cronjob settings2019-07-04T13:33:03ZTill BrehmAdd Chroot checkbox in cronjob settingsCurrently, the chroot type is set in client settings and the chroot type is applied when the cronjob is created. There is no option to turn off chrooting for an existing cronjob yet.Currently, the chroot type is set in client settings and the chroot type is applied when the cronjob is created. There is no option to turn off chrooting for an existing cronjob yet.https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5198Convert tform events from client domain edit to plugin2020-08-28T16:38:12ZHelmoConvert tform events from client domain edit to pluginWhile working on the domains_domain_update api function in !845 I noticed that events didn't trigger like when updating a client domain via the webUI.
@tbrehm mentioned:
> tform actions are not executed by the api. The api executes plug...While working on the domains_domain_update api function in !845 I noticed that events didn't trigger like when updating a client domain via the webUI.
@tbrehm mentioned:
> tform actions are not executed by the api. The api executes plugins but this code was written before the interface plugins were introduced in ispconfig. So basically the code needs to be migrated to a plugin. But we will have to be careful to not break existing API applications which do the changes on their own.
Another related issue:
- #3997 - maildeliver plugin
the code in onAfterUpdate() in interface/web/client/domain_edit.php would have to go to I guess a new file interface/lib/plugins/client_domain_plugin.inc.php
An example for the structure could be in ./interface/lib/plugins/mail_mail_domain_plugin.inc.phphttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/2677Reseller Limit Usage Report2020-07-31T07:15:31ZMichael FürmannReseller Limit Usage ReportThis is a high priority task for me because I shortly had a reseller that messed up my servers
4 Suggestions for Resellers:
- Compairson of defined limits with assigned ressources and actual limits
- Overview of this compairson on r...This is a high priority task for me because I shortly had a reseller that messed up my servers
4 Suggestions for Resellers:
- Compairson of defined limits with assigned ressources and actual limits
- Overview of this compairson on resellers dashboard
- Mail Notifications for exceeded limits
- Lock Resellers on set limits
The customers of my resellers get their invoices from my resellers.
So I only write an invoice to my resellers for the limits I set in the reseller account.
Because there is no overview of assigned / used ressources by reseller I have to trust my resellers not to assign more ressources to their customers than they paid for.
Would be great to have a third tab on reseller form to compare the limits with assigned ressources and actual usage of ressources.
The reseller should also have a compairson of these data on his dashboard.
It would also be great to send an E-Mail notification to the reseller and the admin if the used ressources hit defined marks. Maybe the marks could be configurable in system settings. I'd suggest 75%, 90%, 100%
My last suggestion is an option in resellers profile to lock the reseller to the set limits.
So the reseller can't assign more ressources that set in the limits.Planned featureshttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/2663Add a terminal console in admin-panel2020-10-07T07:02:29ZAlois SchickelAdd a terminal console in admin-panelPlease add a terminal like shell-in-a-box in admin panel.
If something went wrong with the server and the admin did not have a shell, this feature would help to manage the server.Please add a terminal like shell-in-a-box in admin panel.
If something went wrong with the server and the admin did not have a shell, this feature would help to manage the server.https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/2658Enable relay recipient list for clients when transports are allowed2021-08-19T16:22:12ZTill BrehmEnable relay recipient list for clients when transports are allowedEnable relay recipient list for clients when transports are allowed and add a limit in client limits for relay recipients.Enable relay recipient list for clients when transports are allowed and add a limit in client limits for relay recipients.Planned featureshttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/2632restore website permissions function2020-09-25T09:51:23Zhelptecrestore website permissions functionIn version 3.0.4.6, each website configuration update do a restore of website files permissions and ownership to the original scheme.
In version 3.0.5.x it have been misused probably to get access to sensitive files under some circumst...In version 3.0.4.6, each website configuration update do a restore of website files permissions and ownership to the original scheme.
In version 3.0.5.x it have been misused probably to get access to sensitive files under some circumstances
Now in case something goes wrong with permissions will be useful to have a "restore website permissions" function in admin panel that could be runned once.Planned featureshttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/1991Add daemon service ISPCONFIG 32020-12-31T20:07:56ZNilton OSAdd daemon service ISPCONFIG 3Hi Falko,
crontab -l
```
* * * * * /usr/local/ispconfig/server/server.sh &> /dev/null
```
I checked the daemon ISPConfig runs on cron, but cron only runs every one minute, it takes too long to change the configs of the hosts.
You cou...Hi Falko,
crontab -l
```
* * * * * /usr/local/ispconfig/server/server.sh &> /dev/null
```
I checked the daemon ISPConfig runs on cron, but cron only runs every one minute, it takes too long to change the configs of the hosts.
You could not put a single daemon in perl done to reduce this time to 20 seconds, here's the script to be placed in /etc/init.d/boot.local
Add script in /etc/init.d/boot.local
`/usr/local/ispconfig/server/start_server.pl --start`
```
/usr/local/ispconfig/server/start_server.pl --start (Start)
/usr/local/ispconfig/server/start_server.pl --stop (Stop)
```
script:
/usr/local/ispconfig/server/start_server.pl
```perl
#!/usr/bin/perl
use Getopt::Long;
use POSIX qw(setsid);
my $start_daemon = 0;
my $stop_daemon = 0;
GetOptions ('start' => \$start_daemon, 'stop' => \$stop_daemon ) or ( &help );
my $work_dir = '/usr/local/ispconfig/server/';
my $child_STDOUT = '/var/log/ispconfig/ispdaemon.log';
my $pid_file = '/var/run/ispdaemon.pid';
my $exec_command = '/usr/bin/php -q /usr/local/ispconfig/server/server.php';
if($start_daemon){
my $PID = &daemonize();
open PID, ">$pid_file" or die "Can't write to $pid_file: $!";
print PID "$PID\n"; close PID;
while (1) {
print "Start Daemon ispconfig\n";
`$exec_command`;
sleep(20);
}
}
if($stop_daemon){
if(-e $child_STDOUT){
unlink $child_STDOUT;
}
if (-e $pid_file){
chomp(my $pid2 = `cat $pid_file`);
`kill -9 $pid2`;
unlink $pid_file;
}
}
sub daemonize {
chdir $work_dir or die "Can't chdir to $work_dir : $!";
umask 0;
open STDIN, '/dev/null' or die "Can't read /dev/null: $!";
#All print statments will now be sent to our log file
open STDOUT, ">>$child_STDOUT" or die "Can't write to $child_STDOUT: $!";
#All error messages will now be sent to our log file
open STDERR, ">>$child_STDOUT" or die "Can't write to $child_STDOUT: $!";
defined(my $pid = fork) or die "Can't fork: $!";
exit if $pid;
setsid() or die "Can't start a new session: $!";
my $PROC = $$;
return $PROC;
}
sub help {
print "Usage $0 --start => start daemon ispconfig\n";
print "Usage $0 --stop => stop daemon ispconfig\n";
}
```https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/1983Change confrmation2018-12-15T18:11:29ZMichaelChange confrmationChange the confirmation question when deleting an entry from
"Do you really want to delete this record?" to
"Do you really want to delete the record <NAME_OF_RECORD>"?
Then it is possible to check again if the right record is se...Change the confirmation question when deleting an entry from
"Do you really want to delete this record?" to
"Do you really want to delete the record <NAME_OF_RECORD>"?
Then it is possible to check again if the right record is selected for deletion.
42mPlanned featureshttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/1586Use /etc/skel when creating a new user2023-12-03T20:57:50ZJyri-Petteri PaloposkiUse /etc/skel when creating a new userAttached is a patch to use /etc/skel when creating a new shell user. This is useful for example sharing the same SSH key for hg authentication on a dev server.
It's a suboptimal way to do this (the proper way would be to use the -k opti...Attached is a patch to use /etc/skel when creating a new shell user. This is useful for example sharing the same SSH key for hg authentication on a dev server.
It's a suboptimal way to do this (the proper way would be to use the -k option of useradd, but that's not possible since the same routine isn't creating the directory), but at least it works :)
Index: server/plugins-available/shelluser_base_plugin.inc.php
===================================================================
--- server/plugins-available/shelluser_base_plugin.inc.php (revision 2470)
+++ server/plugins-available/shelluser_base_plugin.inc.php (working copy)
@@ -88,7 +88,11 @@
exec($command);
$app->log("Executed command: ".$command,LOGLEVEL_DEBUG);
$app->log("Added shelluser: ".$data['new']['username'],LOGLEVEL_DEBUG);
-
+
+ $command = 'cp -R -n /etc/skel/. ' . escapeshellcmd($data['new']['dir']);
+ exec($command);
+ $app->log("Executed command: ".$command,LOGLEVEL_DEBUG);
+
// call the ssh-rsa update function
$app->uses("getconf");
$this->data = $data;https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/1465Removing a spamfilter policy in use should be blocked by gui2020-10-22T10:58:54ZbajodelRemoving a spamfilter policy in use should be blocked by guiRemoving a spamfilter policy in use should be blocked by guiRemoving a spamfilter policy in use should be blocked by guihttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/1462Replicate only selected columns from client table2020-07-21T08:26:15ZTill BrehmReplicate only selected columns from client tableReplicate only selected columns from client table to slave servers.Replicate only selected columns from client table to slave servers.Planned featureshttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/1353Domain & Client-Change2022-03-23T16:24:00ZGabriel K.Domain & Client-ChangeI noticed that there is needed several manual attention when updating a site-owner using ispConfig, as most of the configuration will not be updated with correct path-values.
So f.e. If you have a site "test.com" in ispConfig created fo...I noticed that there is needed several manual attention when updating a site-owner using ispConfig, as most of the configuration will not be updated with correct path-values.
So f.e. If you have a site "test.com" in ispConfig created for Client "Client1" and Web-User "web2" the whole configuration (incl. open_basedir) will be hard-configured for that site-record by copying the default-values of "system->server config -> web -> open_basedir values".
If you need to do an owner-change (f.e. mistake on creation) will mismatch all these values as all path are corrupt and owner-info in filesystem are wrong. Manual attention is needed while checking the vhost-config (apache), site-records open_basedir path's and of course correcting the user-info for the web-root (chown webx:clientx).
Why is there no automation? I think such an operation should be possible more comfortable. An owner change should correct all path values (vhost; open_basedir) and user-info in filesystem. For values such open_basedir I think it would be recommended to search/replace the old values/new values to keep user-added values untouched. This could be done by re-creating those values from "server-config -> web -> open_basedir", split the path values and do an search/replace on them with the new client-info.https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/1284Build a script for amavisd bayes database training2020-06-03T11:25:49ZTill BrehmBuild a script for amavisd bayes database trainingsu amavis -c 'sa-learn --spam < spam_message'su amavis -c 'sa-learn --spam < spam_message'Planned featureshttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/482data migration in multiserver environment2024-01-02T15:41:27ZGal Bukidata migration in multiserver environmentThe possibility to move webs, db, email accounts, etc from one server to another.
E.g. If you have several websites on one server and a customer wants to have his site on a more powerful machine to for example to heavy streaming. The pa...The possibility to move webs, db, email accounts, etc from one server to another.
E.g. If you have several websites on one server and a customer wants to have his site on a more powerful machine to for example to heavy streaming. The page would be moved from within ISPConfig from one server to another.
Same for DB or Email accounts.https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/4276Add support for MLMMJ Mailinglist manager2020-09-07T19:27:16ZTill BrehmAdd support for MLMMJ Mailinglist managerAdd support for MLMMJ Mailinglist manager.Add support for MLMMJ Mailinglist manager.3.3https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5207Update bundled jquery library2019-08-28T15:25:15ZTill BrehmUpdate bundled jquery libraryUpdate bundled jquery libraryUpdate bundled jquery library3.3https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5211API client_delete_everything2020-08-28T16:35:56ZJoseph AbdiAPI client_delete_everythingThe client_delete_everything API command doesn't delete the respective client's **Protected Folders** and **Protected Folder Users**The client_delete_everything API command doesn't delete the respective client's **Protected Folders** and **Protected Folder Users**https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5224InnoDB support2020-03-01T21:47:45ZjosiahInnoDB supportwill ispconfig 3.2 mysql tables support InnoDB? that would be great for galera cluster, i already using it but get a error when updating ispconfig at the moment.will ispconfig 3.2 mysql tables support InnoDB? that would be great for galera cluster, i already using it but get a error when updating ispconfig at the moment.3.3https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5226Add option to remove Let's Encrypt certs when site gets deleted.2023-10-27T14:51:22ZTill BrehmAdd option to remove Let's Encrypt certs when site gets deleted.https://www.howtoforge.com/community/threads/removing-site-does-not-remove-it-from-certbot.81143/https://www.howtoforge.com/community/threads/removing-site-does-not-remove-it-from-certbot.81143/3.2.12ThomThomhttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5232Sieve filter when "ends with" is not user friendly2019-06-21T08:11:38ZSteffen NielsenSieve filter when "ends with" is not user friendlyWhen you choose to create a mailfilter under the mailbox within ISPconfig with the settings "From" and "Ends with". The user will most likely fill in for example ".com" which gives the following if in sieve:
`if header :regex ["from"...When you choose to create a mailfilter under the mailbox within ISPconfig with the settings "From" and "Ends with". The user will most likely fill in for example ".com" which gives the following if in sieve:
`if header :regex ["from"] [".*\.com$"]`
This will unfornately not trigger on emails from .com-addresses because sieve sees them as ".com>". The following if would trigger instead.
`if header :regex ["from"] [".*\.com\>$"]`
If this can be confirmed by others. Is it possible to make ISPconfig automatically appending ">" when users are choosing filters with "Ends with"? Most likely "Begins with" must be adjusted too.https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5240Subdomains changed when try to change webside-domain without permission2019-02-11T17:12:54ZWHOSubdomains changed when try to change webside-domain without permission## short description
https://www.howtoforge.com/community/threads/subdomain-changed-but-not-the-webside-domain.81293/
If a user try to change the website-domain without permission the domain of the subdomains will changed.
The website-d...## short description
https://www.howtoforge.com/community/threads/subdomain-changed-but-not-the-webside-domain.81293/
If a user try to change the website-domain without permission the domain of the subdomains will changed.
The website-domain is still the old but the subdomains are changed.
** Same problem on your demo.
## correct behaviour
If the user has no permission to change the website-domain the subdomains should not changed too.
## environment
Server OS: debian
Server OS version: stretch
ISPConfig version: 3.1.13
Server version: Apache/2.4.25 (Debian)
Server built: 2018-11-03T18:46:19
PHP 7.3.2-1+0~20190207180136.30+stretch~1.gbp501c1c (cli) (built: Feb 7 2019 18:01:37) ( NTS )
Copyright (c) 1997-2018 The PHP Group
Zend Engine v3.3.2, Copyright (c) 1998-2018 Zend Technologies
with Zend OPcache v7.3.2-1+0~20190207180136.30+stretch~1.gbp501c1c, Copyright (c) 1999-2018, by Zend Technologieshttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5243(minor, visual) Backslashes not shown in RegEx preview2020-03-01T21:50:01ZTjeerd(minor, visual) Backslashes not shown in RegEx previewHeya! First of all, thanks for developing ISPconfig! I encountered a minor visual bug in the overview of the "Postfix Header and Body Checks", where backslashes in regular expressions don't show up. If you go to the entry itself it does ...Heya! First of all, thanks for developing ISPconfig! I encountered a minor visual bug in the overview of the "Postfix Header and Body Checks", where backslashes in regular expressions don't show up. If you go to the entry itself it does show them, so I assume everything works as intended.
![regex](/uploads/ed97245346d19afc6fb023d61e5d8d3a/regex.png)https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5244DKIM issue on internally-generated bounce messages2020-03-23T22:05:41ZZironda SrlDKIM issue on internally-generated bounce messagesHi, we have noticed a issue on DKIM internally-generated bounce messages.
If a our user have a overquota mailbox the bounce message is not DKIM signed although this is configurated.
For example : user over quota example@example.com, buo...Hi, we have noticed a issue on DKIM internally-generated bounce messages.
If a our user have a overquota mailbox the bounce message is not DKIM signed although this is configurated.
For example : user over quota example@example.com, buone message from support@hostingtek.it (on this domain DKIM is correctly configurated), the bounce message is not DKIM signed. We attach sample emails
We have a standard multiserver ispconfig setup
[example.eml](/uploads/cfb8a2293bdb94a198164877507421fa/example.eml)https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5245ErrorDocument + HTTP error can cause: Request exceeded the limit of 10 intern...2020-03-01T21:51:22ZdoekiaErrorDocument + HTTP error can cause: Request exceeded the limit of 10 internal redirects## short description
Error: Request exceeded the limit of 10 internal redirects due to probable configuration error. Use 'LimitInternalRecursion' to increase the limit if necessary. Use 'LogLevel debug' to get a backtrace.
When using er...## short description
Error: Request exceeded the limit of 10 internal redirects due to probable configuration error. Use 'LimitInternalRecursion' to increase the limit if necessary. Use 'LogLevel debug' to get a backtrace.
When using error document and redirect/deny with fail 4xx / 5xx
## example
The error document is activated for the vhost
In .htaccess:
```
RewriteEngine On
RewriteCond %{REMOTE_ADDR} ^([0-9]{1,3})\.
RewriteCond %{DOCUMENT_ROOT}/block/%1/%{REMOTE_ADDR}.txt -f
RewriteRule . - [F,L]
```
## correct behaviour
Should return the error document
## environment
Server OS: any
Server OS version: any
ISPConfig version: all version (3.1.13)
## proposed fix
When the error document is activated, it should exists a rewrite rule that lead to error document prior any processing.
```
Alias /error/ "/var/www/domain.tld/web/error/"
ErrorDocument 400 /error/400.html
ErrorDocument 401 /error/401.html
ErrorDocument 403 /error/403.html
ErrorDocument 404 /error/404.html
ErrorDocument 405 /error/405.html
ErrorDocument 500 /error/500.html
ErrorDocument 502 /error/502.html
ErrorDocument 503 /error/503.html
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteRule ^/error/ - [L]
</IfModule>
```
==> server/conf/vhost.conf.master (line 55)
```
<tmpl_if name='errordocs'>
Alias /error/ "<tmpl_var name='web_document_root_www'>/error/"
ErrorDocument 400 /error/400.html
ErrorDocument 401 /error/401.html
ErrorDocument 403 /error/403.html
ErrorDocument 404 /error/404.html
ErrorDocument 405 /error/405.html
ErrorDocument 500 /error/500.html
ErrorDocument 502 /error/502.html
ErrorDocument 503 /error/503.html
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteRule ^/error/ - [L]
</IfModule>
</tmpl_if>
```https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5256function to create special subdirectories2019-02-26T18:29:10ZKnut Krügerfunction to create special subdirectoriesThere a different console tools to create websites (and maybe other for other purposes ) which are requesting write access to (hidden) directories at webfolder level ( /var/www/clients/clientX/webXYZ/ )
It would be helpful to have the ...There a different console tools to create websites (and maybe other for other purposes ) which are requesting write access to (hidden) directories at webfolder level ( /var/www/clients/clientX/webXYZ/ )
It would be helpful to have the possibility to create (also hidden) subdirectories at the webfolder level.
Example: to use composer with Drupal and sudo -su webxyz composer ... (composer without root user = security issue) you need /var/www/clients/clientX/webXYZ/.composer and subdirectories
The workaround just now is, to create a subdomain (VHOST) with Web folder .composerhttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5263Vacation autoreply to ALIAS on same server2020-06-02T21:54:19ZAndreas SpeckVacation autoreply to ALIAS on same server## short description
We have several virtual mail domains on the same server, and some users have configured aliases for their mail addresses. This all works fine.
The problem is related to vacation autoreply, and ONLY in the following c...## short description
We have several virtual mail domains on the same server, and some users have configured aliases for their mail addresses. This all works fine.
The problem is related to vacation autoreply, and ONLY in the following case:
1. A user on our server has enabled autoreply
2. A different user on our server emails to the first user from an alias (not their real mailbox).
In this case the autoreply is triggered via sieve, but then dovecot does not deliver it. The log is the following:
Mar 5 08:53:20 platano dovecot: lda(email1@domaim1.com): sieve: msgid=<d2e92074-a11a-7627-7633-8d560425435a@netuxo.coop>: sent vacation response to <emailalias2@domain2.com>
Mar 5 08:53:20 platano postfix/pipe12074: DB02811C447F: to=<emailalias2@domain2.com>, relay=dovecot, delay=0.05, delays=0.03/0.01/0/0.02, dsn=5.1.1, status=bounced (user unknown)
I tracked it down to the following SQL in /etc/dovecot/dovecot-sql.conf:
user_query = SELECT email as user, maildir as home, CONCAT( maildir_format, ':', maildir, '/', IF(maildir_format='maildir','Maildir',maildir_format)) as mail, uid, gid, CONCAT('*:storage=', quota, 'B') AS quota_rule, CONCAT(maildir, '/.sieve') as sieve FROM mail_user WHERE (login = '%u' OR email = '%u') AND `disable%Ls` = 'n' AND server_id = '6'
As relay is via dovecot, and this SQL query does not check for aliases, the user is unknown (as it is an alias).
## correct behaviour
Either we should use a different relay, or dovecot should know what to do and expand the alias.
## environment
Server OS: (debian)
Server OS version: (stretch)
ISPConfig version: (3.1.x)
_you can use `grep 'ISPC_APP_VERSION' /usr/local/ispconfig/server/lib/config.inc.php` to get it from the command line_
## proposed fix
I went down the second route (dovdcot) and changed the SQL to:
user_query = SELECT email as user, maildir as home, CONCAT( maildir_format, ':', maildir, '/', IF(maildir_format='maildir','Maildir',maildir_format)) as mail, uid, gid, CONCAT('*:storage=', quota, 'B') AS quota_rule, CONCAT(maildir, '/.sieve') as sieve FROM mail_user LEFT OUTER JOIN mail_forwarding ON mail_user.email = mail_forwarding.destination WHERE (login = '%u' OR email = '%u' OR (mail_forwarding.source = '%u' AND mail_forwarding.server_id = '6' AND mail_forwarding.type = 'alias')) AND `disable%Ls` = 'n' AND mail_user.server_id = '6' GROUP BY email
This seems to do the trickhttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5283Globalsearch depends on dashboard permission, but visible either way.2020-03-01T21:52:06ZHelmoGlobalsearch depends on dashboard permission, but visible either way.https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5295Access Control List-support for dovecot2019-04-23T07:20:46ZMartinAccess Control List-support for dovecotIt would be nice, if ACLs for dovecot are supported out-of-the-box in ISPConfig.It would be nice, if ACLs for dovecot are supported out-of-the-box in ISPConfig.https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5300Domain settings validation when adding new email domain2019-05-08T06:03:34ZGreg LadownyDomain settings validation when adding new email domainWhen adding new mail domain can ISPConfig perform some check if the domain is configured correctly, eg checking MX record for it and do not allow or warn if it's not set up correctly.
Some kind of validation of domain ownership would be...When adding new mail domain can ISPConfig perform some check if the domain is configured correctly, eg checking MX record for it and do not allow or warn if it's not set up correctly.
Some kind of validation of domain ownership would be usefull, eg.
- MX record pointing to specific server
- TXT record containing specific value
Server admin could decide whether to allow adding domains without these, warn or require DNS set up beforehand. I understand that sometimes people need to set up domain and mailboxes before switching the MX, but TXT record verification could be an option in this case.
Additionally it would be useful if there was a dashboard showing all mail domains configuration correctness for
MX record - saying eg. "your MX record is not not figured correctly, you will not be able to receive any email for domain here
SPF - if exists, has correct syntax and lists the IP of the server
DKiM public key - if exists for chosen selector, has correct syntax and contains the right public key
DMARC policy record -
Rationale
- People make typos or forget they have to configure DNS.
- Sometimes user adds a domain that belongs to someone else and as a result all email to that domain is treated as local by the server and therefore emails to it cannot be delivered from the server
- Grow knowledge about email authentication to reduce spam volumes and phishinghttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5301Description field for email aliases2019-05-08T06:01:29ZGreg LadownyDescription field for email aliasesOptional description field in "Email aliases" "Email Forward" and "Email Mailbox", so that a comment can be added describing the purpose of this alias/forward/mailbox eg. "this was created for subscribing to Whatever.com support , can be...Optional description field in "Email aliases" "Email Forward" and "Email Mailbox", so that a comment can be added describing the purpose of this alias/forward/mailbox eg. "this was created for subscribing to Whatever.com support , can be removed after ..." or "Temporary email account for testing ...., speak to .... to see if it's still needed"
VARCHAR(100) should be sufficient
Rationale
I'm adding a lot of custom aliases or accounts. When subscribing to unknown service I never give my normal email address, as they often keep spamming for years after I stop using them and very often sell their address databases. Before I started using ISPConfig I was adding comments into aliases file directly, with ISPConfig it's not possible as number of aliases grows they become difficult to manage.
Greghttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5304mimic logrotate dateext2019-05-13T16:09:17ZKoSmimic logrotate dateextAs ISPconfig is not using logrotate for the rotation of the logfiles in /var/log/ispconfig/http and uses the 1,2,3 naming schema, it is not possible to change that easily to a 'dateext' naming style. the benefit of dateext is that the fi...As ISPconfig is not using logrotate for the rotation of the logfiles in /var/log/ispconfig/http and uses the 1,2,3 naming schema, it is not possible to change that easily to a 'dateext' naming style. the benefit of dateext is that the files keep a consistent name and are not messing up the backups -> e.g. every day the data in mylog.1.gz "changes" because it gets replaced by the next new log file. With the dateext option mylog.20190512.gz always stays the way it is and will just get purged when it is old enough (or after X rotations).
It would be nice if ISPconfig would "mimic" the dateext functionality (or even use logrotate).https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5306Mail Backup Recovery to other Account2019-05-16T16:50:53ZAlexMail Backup Recovery to other AccountFeature Request Mail Recovery
Currently, the way for recovering an email mailbox is unsightly since the user can only recover to the current mailbox. A better solution who the user needs to create a recovery mailbox or Ispconfig 3 does...Feature Request Mail Recovery
Currently, the way for recovering an email mailbox is unsightly since the user can only recover to the current mailbox. A better solution who the user needs to create a recovery mailbox or Ispconfig 3 does this even during a recovery. Then the user would have the option to restore mailbox in Life Mail or in a mailbox recovery-Mailname@Domain.tld Mailboxhttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5307Monitor HD Quota Invalid Files value2020-09-21T21:04:26ZBrianMonitor HD Quota Invalid Files value## short description
When "grace" value is not empty in user quota (repquota -au) like this:
`web314 +- 188604 81920 82944 6dnů 7938 0 0`
the incorrect "files" value is parsed by 100-monitor_hd_quota.inc.php.
## c...## short description
When "grace" value is not empty in user quota (repquota -au) like this:
`web314 +- 188604 81920 82944 6dnů 7938 0 0`
the incorrect "files" value is parsed by 100-monitor_hd_quota.inc.php.
## correct behaviour
Parse used files value.
## proposed fix
when the "grace" value is set in user quota this works:
```
$data['user'][$username]['files'] += $s[6];
```
but when the "grace" is not set works this correctly:
```
$data['user'][$username]['files'] += $s[5];
```
So, maybe add some condition to the 100-monitor_hd_quota.inc.php ?https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5308Allow to disable monitor crons2019-05-21T15:32:49ZGuillaume SubironAllow to disable monitor cronsI think we should be able to disable monitor crons. All of them at once, or one by one.
We are managing an ISPConfig server with 5 wordpress multisites hosting around 600 websites each. What it means is that we have 5 databases with aro...I think we should be able to disable monitor crons. All of them at once, or one by one.
We are managing an ISPConfig server with 5 wordpress multisites hosting around 600 websites each. What it means is that we have 5 databases with around 20000 tables each. It is working quite well, but it is quite unmanageable for the `monitor_database_size` cron, which calls some long queries.
```
# Time: 190520 12:00:18
# Query_time: 16.847866 Lock_time: 0.000098 Rows_sent: 1 Rows_examined: 15982
SELECT SUM(data_length+index_length) FROM information_schema.TABLES WHERE table_schema='db644287598';
# Time: 190520 12:00:30
# Query_time: 12.230618 Lock_time: 0.000131 Rows_sent: 1 Rows_examined: 11232
SELECT SUM(data_length+index_length) FROM information_schema.TABLES WHERE table_schema='db644287599';
# Time: 190520 12:00:45
# Query_time: 15.151571 Lock_time: 0.000167 Rows_sent: 1 Rows_examined: 14633
SELECT SUM(data_length+index_length) FROM information_schema.TABLES WHERE table_schema='db644287600';
# Time: 190520 12:01:05
# Query_time: 19.879997 Lock_time: 0.000296 Rows_sent: 1 Rows_examined: 19716
SELECT SUM(data_length+index_length) FROM information_schema.TABLES WHERE table_schema='db644287601';
```
You can see above that the request can take 10 to 20 seconds per database. Every 5 minutes…
In worst case, when we have some load, the cron takes more than 5 minutes, crons piles up and it gets worse and worse.
For now, my fix will be to remove `cron.d/100-monitor_database_size.inc.php`, but I think it would be nice to allow this from the ISPConfig webui. And I didn't check but I believe other crons can have significant impacts as well, for a functionnality that is not used by anybody. We have never used the monitor panel.
Thanks.https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5310rfe: improve system php updates2020-02-03T18:01:11ZJesse Norellrfe: improve system php updatesUpon new installation, the installer detects correct system php version/settings for the OS and saves them in server config; when the system php is updated (eg. php5 -> php7), the installer does not subsequently detect the change and upd...Upon new installation, the installer detects correct system php version/settings for the OS and saves them in server config; when the system php is updated (eg. php5 -> php7), the installer does not subsequently detect the change and update server config. This change should be easy to detect and update settings correctly. Perhaps have a select list or checkbox PHP Settings to use system default or custom values (which would hide/show the custom fields when changed), and if the "use system defaults" setting is indicated, the installer can simply update the PHP Settings every time it is run, no need to track if the old values were previous defaults.
This issue derives from the discussion at https://www.howtoforge.com/community/threads/error_reporting-not-respected-in-custom-php-ini.82019/#post-388811https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5311PHP directives PHP_INI_SYSTEM not working for PHP-FPM2020-03-01T21:55:08ZJavier pasquinPHP directives PHP_INI_SYSTEM not working for PHP-FPM## short description
You can edit custom directives for php.ini on the ISPConfig Panel.
In php-fpm case when you declare a directive of type PHP_INI_SYSTEM it dosen't apply to system, because you have to edit in the php pool php.ini
The ...## short description
You can edit custom directives for php.ini on the ISPConfig Panel.
In php-fpm case when you declare a directive of type PHP_INI_SYSTEM it dosen't apply to system, because you have to edit in the php pool php.ini
The problem is when you create a phpinfo file.
You can see the value that you configured on the panel, but it's not applying correctly.
The value that is applying is the value on php.ini pool.
## correct behaviour
If you configure a directive type PHP_INI_SYSTEM on a php-fpm hosting, ISPConfig must detect it and not write to fpm conf.
In my case it is happening with 'disable_functions'
Maybe the easiest way for this issue is to create a new field like 'PHP open_basedir:' (PHP disable_functions:) and when is a php-fpm hosting show that is not configurable at least you configure on the general php.ini.
## environment
Server OS: debian
Server OS version: Stretch
ISPConfig version: 3.1.11https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5319Web server config not working for vHost Aliasdomain2020-08-30T16:40:55ZJanThielWeb server config not working for vHost Aliasdomain## short description
Web server configs (nginx / apache) cannot be selected when using vHost Aliasdomains. The dropdown is there but only contains the "-" entry. Using regular websites all expected Web Server Configs are there and select...## short description
Web server configs (nginx / apache) cannot be selected when using vHost Aliasdomains. The dropdown is there but only contains the "-" entry. Using regular websites all expected Web Server Configs are there and selectable.
Currently the nginx (didn't tested with apache) is used from the parent. But the PHP configs ("required php snippets" from the web server config) are not applied.
## correct behaviour
The dropdown should contain the configured Web Server Configs and also apply webserver AND php configs to the aliasdomains config files.
I believe this might be a regression, as I think it worked before.
## environment
Server OS: Centos
Server OS version: 7.6
ISPConfig version: 3.1.13p1
## screenshots
Aliasdomain (vHost) - Config missing:
![aliasdomain-vhost](/uploads/2c81de15d0f674ee77478c9e826ae693/aliasdomain-vhost.PNG)
Website / Web Domain - Configs available:
![website-webdomain](/uploads/12fb83f241fba86ba1e91da23ea8a661/website-webdomain.PNG)https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5324Purge maildrop2020-10-02T16:09:20ZHelmoPurge maildropIn 5827252b7c9e76d18d1bc71cd478ab998cced52e @pixcept 'removed courier support'.
While working on mailfilters I was distracted by the variation between sieve and maildrop in the comments... where it seems that maildrop is no longer an op...In 5827252b7c9e76d18d1bc71cd478ab998cced52e @pixcept 'removed courier support'.
While working on mailfilters I was distracted by the variation between sieve and maildrop in the comments... where it seems that maildrop is no longer an option.
Lets clean up... It's mentioned in the files listed below. I'm preparing a pull request to update a few files I'm confident about. I'd appreciate some guidance, or commits, to get rid of the rest.
- [x] docs/under_development/CHROOTED_DEBIAN_5.0.txt
- [x] helper_scripts/gentoo_setup.sh
- [x] helper_scripts/debian_setup.sh
- [x] install/tpl/opensuse_postfix.conf.master
- [x] install/tpl/fedora_postfix.conf.master
- [x] install/tpl/gentoo_postfix.conf.master
- [x] install/tpl/debian_postfix.conf.master
- [x] install/lib/installer_base.lib.php
- [x] install/dist/lib/gentoo.lib.php
- [x] install/dist/lib/fedora.lib.php
- [x] install/dist/lib/opensuse.lib.php
- [x] interface/lib/plugins/mail_user_filter_plugin.inc.php
- [x] server/plugins-available/mail_plugin.inc.php
- [ ] update manual?https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5328email for mailboxquota to mailbox2019-06-27T17:49:13ZSteffan Noordemail for mailboxquota to mailboxPlease extend the email mailbox quota emails.
Now the options are:
Admin
User.
But when a reseller has a mailbox (and dont setyup clients)
he is getting a email, but the mailbox in question is not getting a email.
Extending lib/classes...Please extend the email mailbox quota emails.
Now the options are:
Admin
User.
But when a reseller has a mailbox (and dont setyup clients)
he is getting a email, but the mailbox in question is not getting a email.
Extending lib/classes/cron.d/300-quota_notify.inc.php
//* Send email to mailbox
if($web_config['overtraffic_notify_mbox'] == 'y') {
$recipients[] = $rec['email'];
}
should work i think (but needs a update of the interface)https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5333Additional PHP versions - all FPM sockets are using the same naming causing r...2020-05-29T08:45:10ZThomasAdditional PHP versions - all FPM sockets are using the same naming causing reload problems## short description
What is happening and what is wrong with that?
If you install multiple PHP versions and run the system via FPM, it creates all sockets with a shared 'socket_dir' causing FPM reload problems like
```
[07-Jul-2019 18...## short description
What is happening and what is wrong with that?
If you install multiple PHP versions and run the system via FPM, it creates all sockets with a shared 'socket_dir' causing FPM reload problems like
```
[07-Jul-2019 18:59:02] ERROR: An another FPM instance seems to already listen on /var/lib/php7.0-fpm/web193.sock
[07-Jul-2019 18:59:02] ERROR: FPM initialization failed
```
I believe the site has had the php version changed and the reload / restart failed. Entire FPM pool was down as a result of that.
## correct behaviour
What should happen instead?
This should be dynamic, e.g.
```
listen = /var/lib/php5.6-fpm/web193.sock
listen = /var/lib/php7.2-fpm/web92.sock
```
## environment
```
Server OS: Ubuntu
Server OS version: Xenial
ISPConfig version: 3.1.11
```
## proposed fix
The template creates the socket location like so:
```
$socket_dir = escapeshellcmd($web_config['php_fpm_socket_dir']);
$fpm_socket = $socket_dir.$pool_name.'.sock';
```
(https://git.ispconfig.org/ispconfig/ispconfig3/blob/3.1.14/server/plugins-available/apache2_plugin.inc.php#L1572)
This should be dynamic, e.g.
```
listen = /var/lib/php5.6-fpm/web193.sock
listen = /var/lib/php7.2-fpm/web92.sock
```
which will avoid from sockets being in use by another pool.
I'll look into creating a merge request if solution is confirmed.https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5337support DKIM keys2021-04-05T15:24:22ZJesse Norellsupport DKIM keysWhen a domain is added in Email, clients can no longer manage DKIM keys in DNS (except for the single key pair entered under the Email tab).
There are numerous use cases requiring multiple DKIM keys, from simply migrating a domain from ...When a domain is added in Email, clients can no longer manage DKIM keys in DNS (except for the single key pair entered under the Email tab).
There are numerous use cases requiring multiple DKIM keys, from simply migrating a domain from another server which has DKIM enabled (you need to add the old public key to DNS so that checking DKIM signatures on mail sent prior to the migration doesn't fail) to integrating external services which send legitimate mail from an address in your domain (eg. billing services, mail processing services, helpdesks, surveys, zoho, etc.).
Right now an admin can add multiple DKIM records (by adding TXT records), and clients have a workaround to rename the Email domain while managing their DNS records (see https://www.howtoforge.com/community/threads/client-cannot-update-dns-dkim-record.82321/#post-390423) but this should be handled more cleanly/directly in ISPConfig.https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5338Feature request: Don't add to Let's Encrypt certificate checkbox on website c...2019-07-13T08:54:50ZRudolf W BykerFeature request: Don't add to Let's Encrypt certificate checkbox on website config pagesIt is currently possible to exclude alias domains from the certificate by ticking this check box on the "Aliasdomain for website" page:
![Don't add to Let's Encrypt certificate checkbox](/uploads/32b08dae5eae2af63ac35428ff3d479a/image.p...It is currently possible to exclude alias domains from the certificate by ticking this check box on the "Aliasdomain for website" page:
![Don't add to Let's Encrypt certificate checkbox](/uploads/32b08dae5eae2af63ac35428ff3d479a/image.png)
*Can we please have that on the "Website" config page, too?*
Our use case:
* A few different versions of a website exist in ISPConfig, under domain names like `alpha.appname`, `beta.appname` and `gamma.appname`.
* An aliasdomain contains the real domain name which users see, e.g. `theappwewrote.com`
* Only the aliasdomain is available via DNS. This allows us to very quickly switch which version of the website is "live".
When enabling HTTPS, it tries to add `alpha.appname` and friends to the certificate, which we don't want. We only want `theappwewrote.com` in the certificate.https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5360Secondary accounts for clients2019-08-02T14:21:41ZPatrick ZajdaSecondary accounts for clientsSometimes a client could want to give access to her/his account to another person, for example if this person is the webmaster, someone who would manage e-mail addresses.
Actually, this client should give the login and pass to this perso...Sometimes a client could want to give access to her/his account to another person, for example if this person is the webmaster, someone who would manage e-mail addresses.
Actually, this client should give the login and pass to this person.
Would it be possible to be able to create secondary or sub-account for clients and give them some pricize permissions on the client subscription?https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5361Dovecot mail user deletion requires more actions prior to deleting user2020-06-12T16:03:06ZThe Real KinetixDovecot mail user deletion requires more actions prior to deleting userIf one has single instance storage enabled in dovecot, in particular a separate attachments dir, then if users mail isn't purged appropriately prior to deleting a mail user, their attachments will wind up orphaned in the attachments stor...If one has single instance storage enabled in dovecot, in particular a separate attachments dir, then if users mail isn't purged appropriately prior to deleting a mail user, their attachments will wind up orphaned in the attachments store.
A side discussion on this on the dovecot users lists can be found here: https://dovecot.org/list/dovecot/2015-February/099655.html
What it boils down to is simply running the following 2 commands prior to doing any mail user deletion:
```
doveadm expunge -d -u johndoe mailbox '*' all
doveadm -v purge -u johndoe
```
The single instance storage is a wonderful feature and very simple to enable/utilize - all I did in my dovecot configuration was add in:
```
mail_attachment_dir = /var/vmail/attachments
mail_attachment_min_size = 128k
mail_attachment_fs = sis posix
mail_attachment_hash = %{sha256}
```
I am using mdbox for the rest of the mail storage format.
I have tested the expunge & purge commands above and they do work as advertised, mail and attachments were cleaned up & storage space returned.
I believe that, to implement a fix for this feature appropriately, the deletion portion of user_update would need to be fixed to incorporate this as well.
As an aside - if I were to hack the appropriate commands in locally (in 3.1.14p1 with p2 patch), I presume I might add them near the top of function user_delete in server/plugins-available/mail_plugin.inc.php? I am about to test with inserted lines 452 + 453:
```
exec("su -c 'doveadm expunge -d -u \"".$data["old"]["email"]."\" \'*\' all'");
exec("su -c 'doveadm -v purge -u \"".$data["old"]["email"]."\" '");
```
(This didn't work on my first test... I've added debug logging statements after each exec and those did show, so I have more testing to do...)https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5364Migrate config ini from server table to sys_config table2019-08-09T11:36:16ZMarius BurkardMigrate config ini from server table to sys_config tableThe server config storage should be migrated from the current ini form (server table) to a key-value-storage (sys_config table) to make it more failure-safe.
Things to note after the change is done:
* [x] check 3rd-party-autoinstaller i...The server config storage should be migrated from the current ini form (server table) to a key-value-storage (sys_config table) to make it more failure-safe.
Things to note after the change is done:
* [x] check 3rd-party-autoinstaller if it directly writes to the ini column
* [ ] make sure other ini files / contents are not affected by the change
* [ ] migrate the ini values existing in server table to the new storage (patch file in updater)
* [x] add server id to the sys_config value (id 0 will be the current "global" config values)Marius BurkardMarius Burkardhttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5366apache_directive_blocked_error please allow IncludeOptional for /etc/apache2/...2019-08-09T14:42:59ZThCTLoapache_directive_blocked_error please allow IncludeOptional for /etc/apache2/conf-available/ files## short description
What is happening and what is wrong with that?
ISPconfig blocking legit settings.
trying to add the following to my mail vhost.
IncludeOptional /etc/apache2/conf-available/davical.conf
IncludeOptional /etc/apache2...## short description
What is happening and what is wrong with that?
ISPconfig blocking legit settings.
trying to add the following to my mail vhost.
IncludeOptional /etc/apache2/conf-available/davical.conf
IncludeOptional /etc/apache2/conf-available/z-push.conf
IncludeOptional /etc/apache2/conf-available/z-push-autodiscover.conf
## correct behaviour
What should happen instead?
Allow the directives.
## environment
Server OS: debian
Server OS version: buster
ISPConfig version: Lastest stable 3.1.14p2
## proposed fix
As proposed fix im suggesting whitelisting the default apache conf-available folder.
IncludeOptional /etc/apache2/conf-available/(userinput.conf)
By allowing the IncludeOptional for this, if packages are removed apache will skip these configs.
Im against adding these settings directly into the config, because of the content of these files changes in the backgroup, its not pickup by ISPconfig, while using IncludeOptional is always correcthttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5370Web server config cannot be deselected as client2023-08-29T17:05:16ZWHOWeb server config cannot be deselected as client## short description
As a client, if you have activated a Web server config (Apache) for a website, the directive snippet cannot be deselected.
The change to "-" is not saved.
As Admin however it is possible to deselect the directive s...## short description
As a client, if you have activated a Web server config (Apache) for a website, the directive snippet cannot be deselected.
The change to "-" is not saved.
As Admin however it is possible to deselect the directive snippet at *Sites* => *Websites*.
## correct behaviour
Web server config should be deselected and entry in apache2.conf should be removed.
## environment
Server OS: Debian
Server OS version: Stretch
ISPConfig version: 3.1.13p1https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5372Re-use dashboard dashlets as tab on client2023-07-30T13:43:47ZHelmoRe-use dashboard dashlets as tab on clientAs admin you see data for all clients on your dashboard.
And as client you see your own usage.
But how can I as an admin see the overview of what a specific client is using?
Just an idea ... Can't we add an extra tab when viewing a cli...As admin you see data for all clients on your dashboard.
And as client you see your own usage.
But how can I as an admin see the overview of what a specific client is using?
Just an idea ... Can't we add an extra tab when viewing a client. Besides 'Address' and 'Limits' I'd like to have an overview or 'dashboard'.
Additionally it might then be nice to make the make the statistics rows clickable to directly navigate to a certain mail account.https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5374Store last access information for mail users2024-03-13T17:14:18ZHelmoStore last access information for mail usersIn one legacy system I have a daily cronjob that gathers all imap/pop3/smtp logins and updates a last_access date in the user table.
I'm missing that in ISPconfig and would suggest adding something like that.
I've started hacking this t...In one legacy system I have a daily cronjob that gathers all imap/pop3/smtp logins and updates a last_access date in the user table.
I'm missing that in ISPconfig and would suggest adding something like that.
I've started hacking this together and with the patch below it's shown as a tooltip in the mail user listing.
I'm open to any suggestions on how to properly implement this here.
The cron script, run just before log rotation (e.g. as /etc/cron.daily/ispconfig_log_parser):
```bash
#!/bin/bash
# Parse the mailserver's logs to update the last_access date for all mail accounts.
NOW=`date +%Y-%m-%d`
#NOW=$1
# Filter imap/pop/smtp logins
# prefix cat with 'ssh <slaveserver>' when mail is on a slave server (use command="cat /var/log/mail.log" in the authorized_keys file to restrict access).
cat /var/log/mail.log \
| perl -n -e "if (\$_ =~ s/(.*) dovecot: (imap|pop3)-login: Login: user=\<([\w\.@-]+)\>.*/\$3/ or \$_ =~ s/(.*) sasl_method=PLAIN, sasl_username=([\w\.@-]+)/\$2/) { print \$_}" \
| sort \
| uniq \
| perl -n -e "\$_ =~ s/([\w\.@-]+)/UPDATE mail_user SET last_access='$NOW' WHERE email='\$1';/; print \$_" \
| tee /tmp/mail_stat_access.sql \
| mysql dbispconfig
```
Adding a column:
```sql
ALTER TABLE `mail_user` ADD `last_access` DATE NULL after `disabledoveadm`;
```
The code:
```diff
diff --git a/interface/web/mail/list/mail_user.list.php b/interface/web/mail/list/mail_user.list.php
index 4513a516c..7f4253c82 100755
--- a/interface/web/mail/list/mail_user.list.php
+++ b/interface/web/mail/list/mail_user.list.php
@@ -124,5 +124,13 @@ $liste["item"][] = array( 'field' => "disablepop3",
'suffix' => "",
'width' => "",
'value' => array('n' => $app->lng('yes_txt'), 'y' => $app->lng('no_txt')));
+$liste["item"][] = array( 'field' => "last_access",
+ 'datatype' => "DATE",
+ 'formtype' => "TEXT",
+ 'op' => "=",
+ 'prefix' => "",
+ 'suffix' => "",
+ 'width' => "",
+ 'value' => "");
?>
diff --git a/interface/web/mail/templates/mail_user_list.htm b/interface/web/mail/templates/mail_user_list.htm
index 4e2fedd50..d73850923 100755
--- a/interface/web/mail/templates/mail_user_list.htm
+++ b/interface/web/mail/templates/mail_user_list.htm
@@ -59,7 +59,7 @@
<tbody>
<tmpl_loop name="records">
<tr>
- <td><a href="#" data-load-content="mail/mail_user_edit.php?id={tmpl_var name='id'}" data-toggle="tooltip" data-placement="bottom" title="{tmpl_var name='email'}">{tmpl_var name="email"}</a></td>
+ <td><a href="#" data-load-content="mail/mail_user_edit.php?id={tmpl_var name='id'}" data-toggle="tooltip" data-placement="bottom" title="Last access: {tmpl_var name='last_access'}">{tmpl_var name="email"}</a></td>
<tmpl_if name="enable_custom_login">
<td>
<a href="#" data-load-content="mail/mail_user_edit.php?id={tmpl_var name='id'}">{tmpl_var name="login"}</a>
```https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5376New field to DNS CAA iodef ...2023-08-08T07:21:44ZMarek AdamskiNew field to DNS CAA iodef ...I need new field in to DNS.\
example.com. IN CAA 0 iodef "mailto:security@example.com" #where to send info about try generate cert by not authorized center\
example.com. IN CAA 0 issue ";" #Disallow to generate cert.\
example.com. IN CAA...I need new field in to DNS.\
example.com. IN CAA 0 iodef "mailto:security@example.com" #where to send info about try generate cert by not authorized center\
example.com. IN CAA 0 issue ";" #Disallow to generate cert.\
example.com. IN CAA 0 issuewild ";" #Disallow to generate wild cert.\
Can you add option to add CAA entries without template? \
Sources of info: https://en.wikipedia.org/wiki/DNS_Certification_Authority_Authorization\
My ISPConfig version: 3.1.14p23.2.12https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5384enable DKIM for relay-domains2020-07-08T21:00:23ZMartin Schönbeckenable DKIM for relay-domainswhen a complete domain is relayed there is no way to activate DKIM because a domain record may be created but must not be activated. To work around this I added a "and not exists (select 1 from mail_transport where mail_domain.domain = m...when a complete domain is relayed there is no way to activate DKIM because a domain record may be created but must not be activated. To work around this I added a "and not exists (select 1 from mail_transport where mail_domain.domain = mail_transport.domain and active = 'y' and server_id = 1)" to the mysql-virtual_domains.cf. This works for me, because I only have entries of type @example.com in the relay recipients but must be probably check for the @ in the first place to work with single relay recipients.https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5385Statistics could not be opend2020-03-01T21:57:06ZWHOStatistics could not be opend## short description
Enabled Statistics for my website. Website is configerd to the folder /web/mysite
But Stats are at /web/stats - so they never could be opend.
## correct behaviour
If the start folder is changed the stats folder has ...## short description
Enabled Statistics for my website. Website is configerd to the folder /web/mysite
But Stats are at /web/stats - so they never could be opend.
## correct behaviour
If the start folder is changed the stats folder has to be changed also or there have to be an correct virtual host entry.
## environment
Server OS: debian
ISPConfig version: 3.1.13p1https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5397Simple warning when bind is misconfigured2021-08-22T09:29:30ZJavier AlonsoSimple warning when bind is misconfiguredHi there!
Firstable I want to thank you guys for your work, ispconfig3 is the best in it´s class.
Being using it during years, I´ve realized that if you make a mistake setting bind sometimes you get a warning and can´ t apply any changes...Hi there!
Firstable I want to thank you guys for your work, ispconfig3 is the best in it´s class.
Being using it during years, I´ve realized that if you make a mistake setting bind sometimes you get a warning and can´ t apply any changes. But sometimes the mistake goes through and you are not warned at all.
When this happens new .err files appear in /etc/bind directory.
Problem is that you don´t realize there is anything wrong until you check that directory, and I guess that it should not be difficult to just show a warning somewhere in the control panel.
Probably you already thought about this, in any case I will be happy if you read this email.
Regards
Javier Alonsohttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5413Suggestion: Renaming of ssl field in web_domain table2020-03-01T22:01:38ZChrisSuggestion: Renaming of ssl field in web_domain tableMinor bug in the structure of dbispconfig.web_domain
One of the columns is named ssl which is a reserved work in mysql. This results in a query using it needing backticks.
While this is what's being done in the project, if you are unaw...Minor bug in the structure of dbispconfig.web_domain
One of the columns is named ssl which is a reserved work in mysql. This results in a query using it needing backticks.
While this is what's being done in the project, if you are unaware of the reserved keyword and make an attempt to say, attach a slave to a new master because of a dead host or just because you want to then you may come up against this.
I intend on writing a guide for how to do this task soon, and though I could just make sure backticks are used it may be better to rename the column in a future release to avoid this keyword altogether.https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5419white/blacklist using rspamd matches against "smtp from" only2021-08-06T22:55:53ZZakwhite/blacklist using rspamd matches against "smtp from" onlyI'am not sure how this is handled when using amavis, but in rspamd the generated config matches against the "smtp from" - instead of the "header from".\
Althought this might be more precise, a lot of end users don't even have knowledge o...I'am not sure how this is handled when using amavis, but in rspamd the generated config matches against the "smtp from" - instead of the "header from".\
Althought this might be more precise, a lot of end users don't even have knowledge of the smtp from/return-path header and in times of SRS it's pretty much impossible to get a match when not using regex matching anyway.\
Furthermore there is no guarantee that "smtp from" and the "header from" are equal or even using the same domain. Hence the black/whitelisting might not have the desired effect from the end user perspective.
## proposed fix
Since no "or" matching is available in rspamd (at least not between different attributes), a second stanza matching the from header could be introduced:
`header = { "From" = "sender@domain.tld"; }`Jesse NorellJesse Norellhttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5421Client -> Templates -> Custom -> hide limit screens2019-10-09T09:05:32ZRichard FoleyClient -> Templates -> Custom -> hide limit screensWhen editing any client/reseller limits, if you select a custom-made template (so any template that has been created and/or customized, that is NOT the custom template...), to reduce confusion I suggest to hide the limit screens.
This c...When editing any client/reseller limits, if you select a custom-made template (so any template that has been created and/or customized, that is NOT the custom template...), to reduce confusion I suggest to hide the limit screens.
This could perhaps be achieved even with a simple CSS rule: **.panel-group#accordion { display:none; }**, or similar applied to the correct page.https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5428Ignore custom Apache Directives in http vhost if it just redirects2021-05-15T21:15:51ZJustinIgnore custom Apache Directives in http vhost if it just redirectsBit similar to https://git.ispconfig.org/ispconfig/ispconfig3/issues/1391
I define WSGI directives. But when I enable SSL I get:
Name duplicates previous WSGI daemon
As I have "Rewrite HTTP to HTTPS" enabled in the rewrite tab, there ...Bit similar to https://git.ispconfig.org/ispconfig/ispconfig3/issues/1391
I define WSGI directives. But when I enable SSL I get:
Name duplicates previous WSGI daemon
As I have "Rewrite HTTP to HTTPS" enabled in the rewrite tab, there is no need for custom Apache Directives in the http vhost.
This works for me, would it be a general improvement?
```
--- conf/vhost.conf.master 2018-08-27 15:51:28.161620462 +0200
+++ conf-custom/vhost.conf.master 2019-10-16 11:14:22.748113295 +0200
@@ -522,7 +522,16 @@
# WEBDAV END
</IfModule>
+<tmpl_if name='ssl_enabled'>
+<tmpl_var name='apache_directives'>
+<tmpl_else>
+<tmpl_if name='rewrite_to_https' op='==' value='y'>
+# skipping apache_directives, as that will be handled by the ssl vhost
+<tmpl_else>
<tmpl_var name='apache_directives'>
+</tmpl_if>
+</tmpl_if>
+
<tmpl_hook name='apache2_vhost:vhost_footer'>
</VirtualHost>
```https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5430Possibility to choose PHP binaries for server.sh/cron.sh without editing them2019-10-17T10:08:42ZManoa RatefiarisonPossibility to choose PHP binaries for server.sh/cron.sh without editing themUsually, each website has its own requirement on PHP version. We usually put multiple PHP binaries (ex: php, php70, php71, php72 & php73) on /usr/bin to provide multiple PHP version on CLI.
However, sometimes, it is required to set the ...Usually, each website has its own requirement on PHP version. We usually put multiple PHP binaries (ex: php, php70, php71, php72 & php73) on /usr/bin to provide multiple PHP version on CLI.
However, sometimes, it is required to set the default version (when doing simply "php myscript.php" on SSH, when using commands such as composer or wp-cli which immediately use /usr/bin/php). And if we edit the default version, ISPConfig cron jobs server.sh/cron.sh are impacted.
Is there a way to set up custom PHP CLI binary path for ISPConfig cron jobs (server.sh/cron.sh) without editing ISPConfig script?https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5432Add Support for Grafana2020-02-28T13:47:25ZTorsten WidmannAdd Support for GrafanaIt would be nice, when ispconfig3 will Support Grafana
See: https://grafana.com/It would be nice, when ispconfig3 will Support Grafana
See: https://grafana.com/https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5436Add Graylog Logging tool for webservers looking at /var/log2019-10-23T05:55:48ZDaniel FanicaAdd Graylog Logging tool for webservers looking at /var/logThis would be really helpful and easy to implement since ISPConfig already has all logs in /var/log
A good tutorial is found here https://www.linode.com/docs/uptime/monitoring/how-to-install-and-configure-graylog2-on-debian-9/This would be really helpful and easy to implement since ISPConfig already has all logs in /var/log
A good tutorial is found here https://www.linode.com/docs/uptime/monitoring/how-to-install-and-configure-graylog2-on-debian-9/https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5439Greylist alias domain2020-03-01T22:04:41ZMickael MonsieurGreylist alias domainHi,
The greylist only works for the main domain and does not work on domain aliases.
Ideally, there should be an "Enable greylisting" check box in Domain Alias, as in Mail Forward.
MickaelHi,
The greylist only works for the main domain and does not work on domain aliases.
Ideally, there should be an "Enable greylisting" check box in Domain Alias, as in Mail Forward.
Mickaelhttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5441spamfilter policy sync mailbox to alias2019-10-28T10:18:00ZSteffan Noordspamfilter policy sync mailbox to aliasfuture request:
**Default behaviour:**
When creating a alias, the spamfilter policy of the maildomain is set.
**Request behaviour:**
use the mailbox settings of the destination mailbox as default setting of the alias.
if not set then u...future request:
**Default behaviour:**
When creating a alias, the spamfilter policy of the maildomain is set.
**Request behaviour:**
use the mailbox settings of the destination mailbox as default setting of the alias.
if not set then use the maildomain settings.
**Why:**
if a mailbox has set his mailbox on uncensored, but the maildomain is set to filter email.
Alias adresses are getting filtered.https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5442SFTPGo2020-06-30T13:50:35ZTill BrehmSFTPGoNice new sftp server which might suit ISPConfig. The project is still a bit too young though, but might be useful to check from time to time to see how it evolves:
https://github.com/drakkan/sftpgoNice new sftp server which might suit ISPConfig. The project is still a bit too young though, but might be useful to check from time to time to see how it evolves:
https://github.com/drakkan/sftpgohttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5444per user directive snippets2020-07-10T11:20:03ZTommaso Basiliciper user directive snippetsIt would be very nice to create and then restrict the use for a set of directive snippets for a particular user or group.
Eg. let's say a client of mine wants a specific set of directive on his site and would also like the ability to tu...It would be very nice to create and then restrict the use for a set of directive snippets for a particular user or group.
Eg. let's say a client of mine wants a specific set of directive on his site and would also like the ability to turn them on or off or even tweak them a little (or choose among some directives), I would create few directives just for him so that others don't see them and can't use them.
At the moment if I cannot create a snippet for a user that I'm confident to let other users see as well, my only option is to use the nginx or apache directives on the option tab, which client obviously don't see meaning the admin is the only one who can intervenhttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5447php-fpm socket/config not removed on change of php version2020-10-09T09:33:38ZZakphp-fpm socket/config not removed on change of php version## short description
When changing from one version of php-fpm to another, the corresponding config of the website is not removed. This always happens from one "direction" to another, but not the other way around. \
I've posted a similar...## short description
When changing from one version of php-fpm to another, the corresponding config of the website is not removed. This always happens from one "direction" to another, but not the other way around. \
I've posted a similar issue three months ago in another thread - regarding a different server and in context to a servers default php setting. I don't remembers hitting this issue when not changing the servers php default setting, as well as a websites php version - however I don't recall changing the php default on that server... Please see https://git.ispconfig.org/ispconfig/ispconfig3/issues/5333#note_68059 for reference as well.
## correct behaviour
php-fpm config should be removed and the daemon should be reloaded.
## environment
Server OS: ubuntu \
Server OS version: bionic / 18.04.3 LTS \
ISPConfig version: 3.1.15 (checked changelogs of p1 and p2 but couldn't see any relevant fixes)
## log entries
### From php5.6 -> 7.3
This is where the error ouccurs!
There should be a line "Removed PHP-FPM config file: /etc/php/5.6/fpm/pool.d/web3363.conf", as well as a reload of the daemon itself.
```
08.11.2019-10:32 - DEBUG - Calling function 'check_phpini_changes' from plugin 'webserver_plugin' raised by action 'server_plugins_loaded'.
08.11.2019-10:32 - DEBUG - Found 1 changes, starting update process.
08.11.2019-10:32 - DEBUG - Replicated from master: REPLACE INTO `web_domain` (`domain_id`,`sys_userid`,`sys_groupid`,`sys_perm_user`,`sys_perm_group`,`sys_perm_other`,`server_id`,`ip_address`,`ipv6_address`,`domain`,`type`,`parent_domain_id`,`vhost_type`,`document_root`,`web_folder`,`system_user`,`system_group`,`hd_quota`,`traffic_quota`,`cgi`,`ssi`,`suexec`,`errordocs`,`is_subdomainwww`,`subdomain`,`php`,`ruby`,`python`,`perl`,`redirect_type`,`redirect_path`,`seo_redirect`,`rewrite_to_https`,`ssl`,`ssl_letsencrypt`,`ssl_letsencrypt_exclude`,`ssl_state`,`ssl_locality`,`ssl_organisation`,`ssl_organisation_unit`,`ssl_country`,`ssl_domain`,`ssl_request`,`ssl_cert`,`ssl_bundle`,`ssl_key`,`ssl_action`,`stats_password`,`stats_type`,`allow_override`,`apache_directives`,`nginx_directives`,`php_fpm_use_socket`,`php_fpm_chroot`,`pm`,`pm_max_children`,`pm_start_servers`,`pm_min_spare_servers`,`pm_max_spare_servers`,`pm_process_idle_timeout`,`pm_max_requests`,`php_open_basedir`,`custom_php_ini`,`backup_interval`,`backup_copies`,`backup_excludes`,`active`,`traffic_quota_lock`,`fastcgi_php_version`,`proxy_directives`,`enable_spdy`,`last_quota_notification`,`rewrite_rules`,`added_date`,`added_by`,`directive_snippets_id`,`enable_pagespeed`,`http_port`,`https_port`,`log_retention`,`folder_directive_snippets`) VALUES ('3363','526','525','riud','ru','','31','*','','domain.tld','vhost','0','name','/var/www/clients/client524/web3363','','web3363','client524','1000','100000','n','n','y','0','1','none','php-fpm','n','n','n',NULL,NULL,NULL,'n','n','n','n',NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,'$6$rounds=5000$48b2e56734a9d55b$XNfG0T8n/Y7ZQA.7NbzVFTJ8DInMBGGGwoKApbZQmjnSM9ytK2OUdYCbnp8dZBjcrz24mvw0j2hy9FqojTcXp.','awstats','All','','','y','n','dynamic','10','2','1','5','10','0','/var/www/clients/client524/web3363/web:/var/www/clients/client524/web3363/private:/var/www/clients/client524/web3363/tmp:/var/www/domain.tld/web:/srv/www/domain.tld/web:/usr/share/php5:/usr/share/php:/tmp:/usr/share/phpmyadmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/dev/random:/dev/urandom','\r\nmemory_limit = 256M\r\npost_max_size = 64M\r\nupload_max_filesize = 64M\r\nmax_input_time = -1\r\nmax_execution_time = 180\r\nmax_input_vars = 1580\r\n','none','1','','y','n','','','n',NULL,NULL,'2019-11-08','113548','0','n','80','443','10',NULL)
08.11.2019-10:32 - DEBUG - Calling function 'ssl' from plugin 'apache2_plugin' raised by event 'web_domain_update'.
08.11.2019-10:32 - DEBUG - Calling function 'update' from plugin 'apache2_plugin' raised by event 'web_domain_update'.
08.11.2019-10:32 - DEBUG - safe_exec cmd: chattr -i '/var/www/clients/client524/web3363' - return code: 0
08.11.2019-10:32 - DEBUG - safe_exec cmd: chattr +i '/var/www/clients/client524/web3363' - return code: 0
08.11.2019-10:32 - DEBUG - safe_exec cmd: df -T '/var/www/clients/client524/web3363'|awk 'END{print $2,$NF}' - return code: 0
08.11.2019-10:32 - DEBUG - safe_exec cmd: which 'setquota' 2> /dev/null - return code: 0
08.11.2019-10:32 - DEBUG - safe_exec cmd: setquota -u 'web3363' '1024000' '1025024' 0 0 -a &> /dev/null - return code: 0
setquota: Not setting block grace time on /dev/zd16p1 because softlimit is not exceeded.
setquota: Not setting inode grace time on /dev/zd16p1 because softlimit is not exceeded.
08.11.2019-10:32 - DEBUG - safe_exec cmd: setquota -T -u 'web3363' 604800 604800 -a &> /dev/null - return code: 0
08.11.2019-10:32 - DEBUG - safe_exec cmd: chattr +i '/var/www/clients/client524/web3363' - return code: 0
08.11.2019-10:32 - DEBUG - safe_exec cmd: which 'apache2ctl' 2> /dev/null - return code: 0
08.11.2019-10:32 - DEBUG - Writing the vhost file: /etc/apache2/sites-available/domain.tld.vhost
08.11.2019-10:32 - DEBUG - safe_exec cmd: which 'apache2ctl' 2> /dev/null - return code: 0
08.11.2019-10:32 - DEBUG - Writing the PHP-FPM config file: /etc/php/7.3/fpm/pool.d/web3363.conf
08.11.2019-10:32 - DEBUG - Calling function 'restartPHP_FPM' from module 'web_module'.
08.11.2019-10:32 - DEBUG - Restarting php-fpm: systemctl reload php7.3-fpm.service
08.11.2019-10:32 - DEBUG - Apache status is: running
08.11.2019-10:32 - DEBUG - Calling function 'restartHttpd' from module 'web_module'.
08.11.2019-10:32 - DEBUG - Restarting httpd: systemctl restart apache2.service
08.11.2019-10:32 - DEBUG - Apache restart return value is: 0
08.11.2019-10:32 - DEBUG - Apache online status after restart is: running
08.11.2019-10:32 - DEBUG - Processed datalog_id 30661
08.11.2019-10:32 - DEBUG - Remove Lock: /usr/local/ispconfig/server/temp/.ispconfig_lock
finished.
```
### From php7.3 -> 5.6
All good here...
```
08.11.2019-10:32 - DEBUG - Calling function 'check_phpini_changes' from plugin 'webserver_plugin' raised by action 'server_plugins_loaded'.
08.11.2019-10:32 - DEBUG - Found 1 changes, starting update process.
08.11.2019-10:32 - DEBUG - Replicated from master: REPLACE INTO `web_domain` (`domain_id`,`sys_userid`,`sys_groupid`,`sys_perm_user`,`sys_perm_group`,`sys_perm_other`,`server_id`,`ip_address`,`ipv6_address`,`domain`,`type`,`parent_domain_id`,`vhost_type`,`document_root`,`web_folder`,`system_user`,`system_group`,`hd_quota`,`traffic_quota`,`cgi`,`ssi`,`suexec`,`errordocs`,`is_subdomainwww`,`subdomain`,`php`,`ruby`,`python`,`perl`,`redirect_type`,`redirect_path`,`seo_redirect`,`rewrite_to_https`,`ssl`,`ssl_letsencrypt`,`ssl_letsencrypt_exclude`,`ssl_state`,`ssl_locality`,`ssl_organisation`,`ssl_organisation_unit`,`ssl_country`,`ssl_domain`,`ssl_request`,`ssl_cert`,`ssl_bundle`,`ssl_key`,`ssl_action`,`stats_password`,`stats_type`,`allow_override`,`apache_directives`,`nginx_directives`,`php_fpm_use_socket`,`php_fpm_chroot`,`pm`,`pm_max_children`,`pm_start_servers`,`pm_min_spare_servers`,`pm_max_spare_servers`,`pm_process_idle_timeout`,`pm_max_requests`,`php_open_basedir`,`custom_php_ini`,`backup_interval`,`backup_copies`,`backup_excludes`,`active`,`traffic_quota_lock`,`fastcgi_php_version`,`proxy_directives`,`enable_spdy`,`last_quota_notification`,`rewrite_rules`,`added_date`,`added_by`,`directive_snippets_id`,`enable_pagespeed`,`http_port`,`https_port`,`log_retention`,`folder_directive_snippets`) VALUES ('3363','526','525','riud','ru','','31','*','','domain.tld','vhost','0','name','/var/www/clients/client524/web3363','','web3363','client524','1000','100000','n','n','y','0','1','none','php-fpm','n','n','n',NULL,NULL,NULL,'n','n','n','n',NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,'$6$rounds=5000$48b2e56734a9d55b$XNfG0T8n/Y7ZQA.7NbzVFTJ8DInMBGGGwoKApbZQmjnSM9ytK2OUdYCbnp8dZBjcrz24mvw0j2hy9FqojTcXp.','awstats','All','','','y','n','dynamic','10','2','1','5','10','0','/var/www/clients/client524/web3363/web:/var/www/clients/client524/web3363/private:/var/www/clients/client524/web3363/tmp:/var/www/domain.tld/web:/srv/www/domain.tld/web:/usr/share/php5:/usr/share/php:/tmp:/usr/share/phpmyadmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/dev/random:/dev/urandom','\r\nmemory_limit = 256M\r\npost_max_size = 64M\r\nupload_max_filesize = 64M\r\nmax_input_time = -1\r\nmax_execution_time = 180\r\nmax_input_vars = 1580\r\n','none','1','','y','n','php5.6:/etc/init.d/php5.6-fpm:/etc/php/5.6/fpm/:/etc/php/5.6/fpm/pool.d','','n',NULL,NULL,'2019-11-08','113548','0','n','80','443','10',NULL)
08.11.2019-10:32 - DEBUG - Calling function 'ssl' from plugin 'apache2_plugin' raised by event 'web_domain_update'.
08.11.2019-10:32 - DEBUG - Calling function 'update' from plugin 'apache2_plugin' raised by event 'web_domain_update'.
08.11.2019-10:32 - DEBUG - safe_exec cmd: chattr -i '/var/www/clients/client524/web3363' - return code: 0
08.11.2019-10:32 - DEBUG - safe_exec cmd: chattr +i '/var/www/clients/client524/web3363' - return code: 0
08.11.2019-10:32 - DEBUG - safe_exec cmd: df -T '/var/www/clients/client524/web3363'|awk 'END{print $2,$NF}' - return code: 0
08.11.2019-10:32 - DEBUG - safe_exec cmd: which 'setquota' 2> /dev/null - return code: 0
08.11.2019-10:32 - DEBUG - safe_exec cmd: setquota -u 'web3363' '1024000' '1025024' 0 0 -a &> /dev/null - return code: 0
setquota: Not setting block grace time on /dev/zd16p1 because softlimit is not exceeded.
setquota: Not setting inode grace time on /dev/zd16p1 because softlimit is not exceeded.
08.11.2019-10:32 - DEBUG - safe_exec cmd: setquota -T -u 'web3363' 604800 604800 -a &> /dev/null - return code: 0
08.11.2019-10:32 - DEBUG - safe_exec cmd: chattr +i '/var/www/clients/client524/web3363' - return code: 0
08.11.2019-10:32 - DEBUG - safe_exec cmd: which 'apache2ctl' 2> /dev/null - return code: 0
08.11.2019-10:32 - DEBUG - Writing the vhost file: /etc/apache2/sites-available/domain.tld.vhost
08.11.2019-10:32 - DEBUG - safe_exec cmd: which 'apache2ctl' 2> /dev/null - return code: 0
08.11.2019-10:32 - DEBUG - Writing the PHP-FPM config file: /etc/php/5.6/fpm/pool.d/web3363.conf
08.11.2019-10:32 - DEBUG - Removed PHP-FPM config file: /etc/php/7.3/fpm/pool.d/web3363.conf
08.11.2019-10:32 - DEBUG - Calling function 'restartPHP_FPM' from module 'web_module'.
08.11.2019-10:32 - DEBUG - Restarting php-fpm: systemctl reload php7.3-fpm.service
08.11.2019-10:32 - DEBUG - Calling function 'restartPHP_FPM' from module 'web_module'.
08.11.2019-10:32 - DEBUG - Restarting php-fpm: systemctl reload php5.6-fpm.service
08.11.2019-10:32 - DEBUG - Apache status is: running
08.11.2019-10:32 - DEBUG - Calling function 'restartHttpd' from module 'web_module'.
08.11.2019-10:32 - DEBUG - Restarting httpd: systemctl restart apache2.service
08.11.2019-10:32 - DEBUG - Apache restart return value is: 0
08.11.2019-10:32 - DEBUG - Apache online status after restart is: running
08.11.2019-10:32 - DEBUG - Processed datalog_id 30660
08.11.2019-10:32 - DEBUG - Remove Lock: /usr/local/ispconfig/server/temp/.ispconfig_lock
finished.
```https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5449Why the firewall is always seen inactive during the update process2021-01-09T22:12:26ZOlivier BOUMATIWhy the firewall is always seen inactive during the update processHello,
I use ISPConfig for several years on 6 different Debian servers. So I proceeded regularly updates ISPConfig and systems packages.
I noticed during each update, that the process detects that the firewall is inactive while I answer ...Hello,
I use ISPConfig for several years on 6 different Debian servers. So I proceeded regularly updates ISPConfig and systems packages.
I noticed during each update, that the process detects that the firewall is inactive while I answer always need to activate it. Why does not he retains this choice as he does very well for all other matters relating to the installation?
Thank you
Regards,
Olivier
## environment
Server OS: (Debian)
Server OS version: (Stretch)
ISPConfig version: (3.1.15p2 and other)
## Apache version
root:~# apachectl -v
Server version: Apache/2.4.25 (Debian)
Server built: 2019-10-13T15:43:54
## PHP version
root:~# php -v
PHP 5.6.40-13+0~20191026.23+debian9~1.gbp37e45b (cli)
Copyright (c) 1997-2016 The PHP Group
Zend Engine v2.6.0, Copyright (c) 1998-2016 Zend Technologies
with Zend OPcache v7.0.6-dev, Copyright (c) 1999-2016, by Zend Technologieshttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5454Web server reload instead of restart | Релоад веб-сервера вместо рестарт2019-11-15T08:24:16ZMukowozinfo@settin.ruWeb server reload instead of restart | Релоад веб-сервера вместо рестартGoodnight. I often need to change the Nginix settings for sites and it’s very bad that every time you apply the settings, it restarts, I corrected the web server restart function in the /usr/local/ispconfig/server/mods-enabled/web_module...Goodnight. I often need to change the Nginix settings for sites and it’s very bad that every time you apply the settings, it restarts, I corrected the web server restart function in the /usr/local/ispconfig/server/mods-enabled/web_module.inc.php file and replaced it on reload. Is it possible to make such a change so that it will be fixed in future releases?
Доброй ночи. У меня часто возникает необходимость изменять настройки Nginx для сайтов и очень плохо что при каждом применении настроек идёт рестарт, я подправил в файле /usr/local/ispconfig/server/mods-enabled/web_module.inc.php функцию рестарта веб-сервера и заменил на релоад. Возможно ли внести такое изменение чтобы в следующих релизах это уже было исправлено?https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5469Add slow requests log for php-fpm2019-11-26T13:15:27ZMukowozinfo@settin.ruAdd slow requests log for php-fpmPhp-fpm has the ability to write a log of slow requests, so why not add the ability to log such requests directly through the site settings in the control panel.
https://www.php.net/manual/en/install.fpm.configuration.php#slowlog
Direc...Php-fpm has the ability to write a log of slow requests, so why not add the ability to log such requests directly through the site settings in the control panel.
https://www.php.net/manual/en/install.fpm.configuration.php#slowlog
Directives
slowlog
request_slowlog_timeout
У php-fpm есть возможность писать лог медленных запросов, так почему бы не добавить возможность логировать такие запросы прямо через настройки сайта в панели управления.
https://www.php.net/manual/ru/install.fpm.configuration.php#slowlog
Директивы
slowlog
request_slowlog_timeouthttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5470DNS RECORDS - Add DANE Bindings for OpenPGP : OPENPGPKEY (TYPE 61)2023-09-18T17:53:11ZTomasz kapiasDNS RECORDS - Add DANE Bindings for OpenPGP : OPENPGPKEY (TYPE 61)Now that DNSSEC is implemented in a functional way, I would like to use a very promising new feature for OpenPGP public key exchange.
This is a new type of DNS record TYPE (TYPE number 61) : OPENPGPKEY.
The RFC is here: [RFC7929](https...Now that DNSSEC is implemented in a functional way, I would like to use a very promising new feature for OpenPGP public key exchange.
This is a new type of DNS record TYPE (TYPE number 61) : OPENPGPKEY.
The RFC is here: [RFC7929](https://tools.ietf.org/html/rfc7929)
An article on its use is here: [pgp-key-distribution-via-dnssec-openpgpkey](https://blog.webernetz.net/pgp-key-distribution-via-dnssec-openpgpkey/)
I am not in a position to help write the modification and I hope that my request will attract your interest.
Thank you.https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5473Updater is not taking custom Apache configuration paths or init script into a...2020-08-17T17:00:22ZWebsliceUpdater is not taking custom Apache configuration paths or init script into accountOriginates from https://git.ispconfig.org/ispconfig/ispconfig3/merge_requests/926
The `update.php` script is not looking at the values which are configured in `System`->`Server Config`->`Web`, specifically the variables:
- vhost_conf_d...Originates from https://git.ispconfig.org/ispconfig/ispconfig3/merge_requests/926
The `update.php` script is not looking at the values which are configured in `System`->`Server Config`->`Web`, specifically the variables:
- vhost_conf_dir
- vhost_conf_enabled_dir
- apache_init_script
I think that this information is not relevant for `install.php`, as these values will be the default for a fresh server anyway. We could pull the server config in `update.php` and override the variables in `$conf` as needed. So roughly something like:
```
require_once "/usr/local/ispconfig/server/lib/app.inc.php";
$app->uses('getconf');
$web_conf = $app->getconf->get_server_config($conf['server_id'] ,'web');
if (!empty($web_conf['vhost_conf_dir']) {
$conf['apache']['vhost_conf_dir'] = $web_conf['vhost_conf_dir'];
}
... etc
```
But I am having difficulty overseeing if this would be a good idea.
Could you confirm if this sounds like a potential solution to you guys? If so, I will create a PR. Also open to better places to do this.
Thank you