ISPConfig 3 issueshttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues2017-07-19T11:47:15Zhttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/4711Add remote function to query the number of pending jobs in the jobqueue2017-07-19T11:47:15ZTill BrehmAdd remote function to query the number of pending jobs in the jobqueueAdd remote function to query the number of pending jobs in the job queue.Add remote function to query the number of pending jobs in the job queue.3.1.6https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/4702Do not renew or create LE certs, when migration mode is active2017-07-13T20:03:42ZTill BrehmDo not renew or create LE certs, when migration mode is activeDo not renew or create LE certs, when migration mode is active.Do not renew or create LE certs, when migration mode is active.3.1.6Marius BurkardMarius Burkardhttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/4701Removed workaround that disabled socket for php-fpm2017-11-09T10:24:05ZTill BrehmRemoved workaround that disabled socket for php-fpmRemoved a workaround that disabled sockets for php-fpm on systems that used the apache mod proxy fcgi connector where this apache mdule had a bug. The bug seems to be fixed, so the workaround is not needed anymore.Removed a workaround that disabled sockets for php-fpm on systems that used the apache mod proxy fcgi connector where this apache mdule had a bug. The bug seems to be fixed, so the workaround is not needed anymore.3.1.6https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/4700letsencrypt configuration bug2017-07-18T10:41:47ZMarco Colombiniletsencrypt configuration bugAfter upgrate to ISPconfig 3.1.5 i've found a problem with letsencrypt certificate.
When i enable Let's Encrypt checkbox web page automacacally flag on SSL checkbox.
I save that configuration.
ISPconfig create letsencrypt certificate but...After upgrate to ISPconfig 3.1.5 i've found a problem with letsencrypt certificate.
When i enable Let's Encrypt checkbox web page automacacally flag on SSL checkbox.
I save that configuration.
ISPconfig create letsencrypt certificate but do not include correct parameters in /etc/httpd/conf/sites-available/domain.vhost file
so the certificate do not run correctly.
I need to set letsencrypt certificate in two steps.
Enable SSL certificate checkbox, save it and wait to be applied.
Then enable Let's Encrypt checkbox, save it and wait to be applied.
Now the certificate is correctly configured.
thank you in advance
Marco3.1.6https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/4699Static AuthName WebDav (Fixes DoS vulnerability)2017-08-12T10:54:55ZTill BrehmStatic AuthName WebDav (Fixes DoS vulnerability)One customer created a webdav user for / and then the apache plugin wrote AuthName "" and that line caused the apache server to stop.One customer created a webdav user for / and then the apache plugin wrote AuthName "" and that line caused the apache server to stop.3.1.6https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/4692Sort websites, mailboxes and databases on dashboard (patch)2017-07-08T07:58:26ZMartin SebaldSort websites, mailboxes and databases on dashboard (patch)Hello all,
with a long list of websites, mailboxes and databases on the dashboard it really gets confusing for admins but also power users as the data is not listed and mainly appears in the order as it is seen in the ISPConfig databa...Hello all,
with a long list of websites, mailboxes and databases on the dashboard it really gets confusing for admins but also power users as the data is not listed and mainly appears in the order as it is seen in the ISPConfig database tables.
We looked into it in version 3.1.5 applied a simple patch/change. Out of this we created a patch file and would like to request to add this to ISPConfig future releases.
```
--- quota_lib.inc.php.org 2017-06-30 15:27:25.000000000 +0200
+++ quota_lib.inc.php.new 2017-07-07 01:09:17.000000000 +0200
@@ -14,7 +14,7 @@ class quota_lib {
//print_r($monitor_data);
// select all websites or websites belonging to client
- $sites = $app->db->queryAllRecords("SELECT * FROM web_domain WHERE active = 'y' AND type = 'vhost'".(($clientid != null)?" AND sys_groupid = (SELECT default_group FROM sys_user WHERE client_id=?)":''), $clientid);
+ $sites = $app->db->queryAllRecords("SELECT * FROM web_domain WHERE active = 'y' AND type = 'vhost'".(($clientid != null)?" AND sys_groupid = (SELECT default_group FROM sys_user WHERE client_id=?)":'')." ORDER BY domain", $clientid);
//print_r($sites);
if(is_array($sites) && !empty($sites)){
@@ -237,7 +237,7 @@ class quota_lib {
//print_r($monitor_data);
// select all email accounts or email accounts belonging to client
- $emails = $app->db->queryAllRecords("SELECT * FROM mail_user".(($clientid != null)? " WHERE sys_groupid = (SELECT default_group FROM sys_user WHERE client_id=?)" : ''), $clientid);
+ $emails = $app->db->queryAllRecords("SELECT * FROM mail_user".(($clientid != null)? " WHERE sys_groupid = (SELECT default_group FROM sys_user WHERE client_id=?)" : '')." ORDER BY email", $clientid);
//print_r($emails);
if(is_array($emails) && !empty($emails)){
@@ -301,7 +301,7 @@ class quota_lib {
//print_r($monitor_data);
// select all databases belonging to client
- $databases = $app->db->queryAllRecords("SELECT * FROM web_database".(($clientid != null)? " WHERE sys_groupid = (SELECT default_group FROM sys_user WHERE client_id=?)" : ''), $clientid);
+ $databases = $app->db->queryAllRecords("SELECT * FROM web_database".(($clientid != null)? " WHERE sys_groupid = (SELECT default_group FROM sys_user WHERE client_id=?)" : '')." ORDER BY database_name", $clientid);
//print_r($databases);
if(is_array($databases) && !empty($databases)){
```
Cheers,
Martin3.1.6Marius BurkardMarius Burkardhttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/4691Letsencypt on alias: Challenge works OK but written Apache config has no SSL ...2017-07-11T14:58:58ZSimon BlandfordLetsencypt on alias: Challenge works OK but written Apache config has no SSL virtualhost```
ISPConfig version : 3.1.5
Platform : Centos 7.3.1611
Web server : httpd-2.4.6-45.el7.centos.4.x86_64
Letsencrypt : certbot-0.14.1-3.el7.noarch
```
**Steps to reproduce:**
1. Create a web domain that doesn't exist e.g. goes....```
ISPConfig version : 3.1.5
Platform : Centos 7.3.1611
Web server : httpd-2.4.6-45.el7.centos.4.x86_64
Letsencrypt : certbot-0.14.1-3.el7.noarch
```
**Steps to reproduce:**
1. Create a web domain that doesn't exist e.g. goes.nowhere.com
1. Create an alias that does exist and resolves to the ISPConfig host
1. Enabled Letsencypt
**Expected result:**
The goes.nowhere.com is excluded and the certificate is issued to the alias domain. The site is now accessible using https.
**Actual result:**
The log file shows that the goes.nowhere.com is excluded and the certificate is issued to the alias domain however there is no SSL version of the website. There is no SSL virtualhost section written to /etc/httpd/conf/sites-enabled/100-goes.nowhere.com.vhost.
The Letsencrypt and SSL checkboxes remain checked on UI. Normally if something goes wrong these are unchecked after cron.
/var/log/ispconfig/cron.log output after applying Letsencrypt option in web UI:
```
Thu 6 Jul 15:26:01 BST 2017
Thu 6 Jul 15:26:02 BST 2017 06.07.2017-15:26 - WARNING - Could not verify domain goes.nowhere.com, so excluding it from letsencrypt request.
Thu 6 Jul 15:26:04 BST 2017 Saving debug log to /var/log/letsencrypt/letsencrypt.log
Thu 6 Jul 15:26:05 BST 2017 Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
Thu 6 Jul 15:26:05 BST 2017 Obtaining a new certificate
Thu 6 Jul 15:26:06 BST 2017 Performing the following challenges:
Thu 6 Jul 15:26:06 BST 2017 http-01 challenge for aliastest.onepointiq.com
Thu 6 Jul 15:26:06 BST 2017 Using the webroot path /usr/local/ispconfig/interface/acme for all unmatched domains.
Thu 6 Jul 15:26:06 BST 2017 Waiting for verification...
Thu 6 Jul 15:26:09 BST 2017 Cleaning up challenges
Thu 6 Jul 15:26:15 BST 2017 finished.
Thu 6 Jul 15:27:02 BST 2017
Thu 6 Jul 15:27:02 BST 2017
Thu 6 Jul 15:27:02 BST 2017 finished.
Thu 6 Jul 15:28:01 BST 2017
Thu 6 Jul 15:28:01 BST 2017
Thu 6 Jul 15:28:02 BST 2017 finished.
Thu 6 Jul 15:29:02 BST 2017
Thu 6 Jul 15:29:02 BST 2017
Thu 6 Jul 15:29:02 BST 2017 finished.
```3.1.6Marius BurkardMarius Burkardhttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/4686Optimize postfix configuration2017-07-18T16:55:01ZCostinOptimize postfix configuration**install/tpl/*_postfix.conf.master**
Right now (v3.1.5) this is the order of checks for "smtpd_recipient_restrictions":
>>>
permit_mynetworks,
permit_sasl_authenticated,
reject_unauth_destination,
check_recipient_access mysql:{config_d...**install/tpl/*_postfix.conf.master**
Right now (v3.1.5) this is the order of checks for "smtpd_recipient_restrictions":
>>>
permit_mynetworks,
permit_sasl_authenticated,
reject_unauth_destination,
check_recipient_access mysql:{config_dir}/mysql-virtual_recipient.cf
{rbl_list}
{greylisting}
>>>
But SQL requests are expensive and resource consuming. Isn't better to move the RBL checks before check_recipient_access?
This way if the sender IP is blacklisted then we save extra database checks.3.1.6https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/4683Make sidebar links easier to click2017-07-08T07:42:10ZFB GeorgeMake sidebar links easier to clickRemove padding from `#sidebar li` and add it to `#sidebar li a div`, also add a background color on hover.
`#sidebar li a div {
padding: 10px;
}
#sidebar li a div:hover {
background: #08c;
color: #fff;
}
#sidebar li {
/*...Remove padding from `#sidebar li` and add it to `#sidebar li a div`, also add a background color on hover.
`#sidebar li a div {
padding: 10px;
}
#sidebar li a div:hover {
background: #08c;
color: #fff;
}
#sidebar li {
/* padding: 10px; */
border-top-style: solid;
border-top-width: 1px;
font-size: 12px;
}
`
![sbbarlinks](/uploads/01b1552033fe6e859996043f19beaebc/sbbarlinks.gif)3.1.6Marius BurkardMarius Burkardhttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/4612Add search routine for LE SSL certs2017-11-10T15:26:41ZTill BrehmAdd search routine for LE SSL certsLE sometimes renames the SSL cert files or stores them with a number suffix. We will have to write a routine that troes to find the best matching (latest) ssl cert for a given website. Related to #4589LE sometimes renames the SSL cert files or stores them with a number suffix. We will have to write a routine that troes to find the best matching (latest) ssl cert for a given website. Related to #45893.1.6https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/4610Backup for Vhost2017-08-10T20:10:33ZrubenzsoltBackup for VhostIf I set an vhost subdomain not appear the backup option, just for website, but if I access Backup stats and for there I click for vhost there it appear the backup option, if I set the backup interval, it chage the website from vhostsubd...If I set an vhost subdomain not appear the backup option, just for website, but if I access Backup stats and for there I click for vhost there it appear the backup option, if I set the backup interval, it chage the website from vhostsubdomain to website.3.1.6https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/4589LetsEncrypt symlink to wrong folder2020-02-06T00:06:21ZNinosLetsEncrypt symlink to wrong folderHey there,
if you create and delete some aliasses for different domains, letsencrypt creates a new folder `/etc/letsencrypt/live/domain.tld-0001/` instead of `/etc/letsencrypt/live/domain.tld/`, but ISPConfig is always using the folder ...Hey there,
if you create and delete some aliasses for different domains, letsencrypt creates a new folder `/etc/letsencrypt/live/domain.tld-0001/` instead of `/etc/letsencrypt/live/domain.tld/`, but ISPConfig is always using the folder `/etc/letsencrypt/live/domain.tld/`.
You can solve this problem by requesting the correct folder path with following command (please use latest certbot script):
`certbot certificates`
See also:
https://github.com/certbot/certbot/issues/33953.1.6Marius BurkardMarius Burkard