Changelog

Changes in version 2.10.1 (09/17/2020):

  • some configuration files where created with wrong permissions (error in v2.10.0)

Changes in version 2.10.0 (09/16/2020):

  • allow wildcard domains (e.g. *.example.org or even *.tld) for e-mail blacklists/whitelists
  • SOAP method HostingMailboxGet() added (returns configuration of an e-mail address)
  • use /var/www/.skel (if existing) as so-called “skeleton directory” when adding new webspace accounts
  • support global configuration overrides for PHP FPM pools (Lua table LC.web.FPMCONFIG)
  • checking expire date of intermediate (chain) SSL/TLS certificates
  • full support for CentOS 8
  • full support for Ubuntu 20.04 LTS
  • IFRAME-API: added toTop() javascript function to scroll to top of page from within IFRAME content
  • supporting openSUSE 15.1
  • SOAP method HostingSubscriptionGet() now also returns a list of all configured e-mail addresses
  • prepared for repository GPG key rollover (key id: D409AC6D65FE6664)
  • supporting domain-specific Apache configuration includes also with proxy destinations
  • updated OpenSSL to v1.1.1g
  • supporting new privilege system on MariaDB 10.4
  • changed default mailbox home directory from /var/mail to /var/mail/%C/%I (fixes problem with repeated mails from autoresponder)
  • improved MySQL authentication to work with MySQL 8.x
  • support auth_socket authentication (without password) for MySQL root user
  • iOS mobileconfig supports multiple mailboxes within same domain on same device
  • iOS mobileconfig supports disabling IMAPS/POP3S (port 993/995)
  • added autocomplete attributes to password fields for better usability
  • minor CSS improvements
  • improved NGINX vHost configuration for web statistics
  • improved NGINX reverse proxy configuration
  • SOAP method HostingSubscriptionGet() now also returns configured PHP version per subdomain as well as usage data of the subscription (UsageStats)
  • increased limit for php.ini settings (text) from 512 to 4096 byte
  • changed default setting for php.ini setting opcache.file_cache from %HOME%/tmp to "” (empty string), effectively disabling file cache by default
  • added %PHP% placeholder in php.ini settings (allows option opcache.file_cache to be set per PHP version, e.g. %HOME%/.cache/opcache.%PHP%)
  • fixed wrong password limit when enabling/modifying OTP configuration
  • fixed minor bug when searching for full mail address in list of mailboxes
  • domain was not removed from Postfix’ recipient_access file when locked subscription was deleted
  • fixed bug when creating additional ftp accounts using HostingFtpAdd() (affected version 2.9.x)
  • fixed bug resetting shell to nologin when reseller has edited an existing hosting plan
  • fixed problem in ACMEv2 client when using e.g. Buypass CA
  • .htpasswd file for web statistics was not generated when using only NGINX
  • disabling TLS1/TLS1.1 was ignored with NGINX
  • SSL cipher selection (default/strong) wasn’t applied to NGINX vHosts
  • fixed bug when changing password on MySQL 8.x

Changes in version 2.9.3 (03/03/2020):

  • fixed problem regarding Let’s Encrypt update when MySQL was being used as backend database

Changes in version 2.9.2 (03/03/2020):

  • allow downloading list of SSL certificates as CSV file
  • added option to disable TLSv1/TLSv1.1 per IP group for web server
  • added SOAP methods HostingDCVCreate()/HostingDCVDelete()
  • improved systemd configuration of liveconfig/lcclient
  • ACMEv2: some fixes to work with Let’s Encrypt Staging API
  • automated renewal of SSL certificates from Let’s Encrypt affected by their “CAA rechecking bug”
  • lcphp: PHP_BINARY environment variable got lost
  • SAN domains were ignored in SSL orders (v2.9.x)

Changes in version 2.9.1 (12/13/2019):

  • SSL certificates: added filter option “only own certificates”
  • salutation (contact data) can now be left empty
  • table search string wasn’t saved during page refresh
  • fixed display of version number in “Servers” report
  • fixed bug (missing permissions) when adding a FTP user as an additional LiveConfig user
  • fixed missing permission check when editing domains at “my hosting” as additional LiveConfig user
  • comparing HC_REFRESHCFG with version number (revision number not available any more)
  • fixed bug in quota check when editing mailboxes

Changes in version 2.9.0 (11/29/2019):

  • Let’s Encrypt: retry domain validation after HTTP errors (eg. timeout with Let’s Encrypt API) every 15 minutes
  • the DNS checks for automated SSL/TLS certificates can now be individually skipped (e.g. when using a CDN)
  • when private IPv4 addresses are used (without corresponding IP_NAT data) then the DNS checks for Let’s Encrypt are automatically skipped
  • it’s now possible to change the PHP CLI used by the Application Installer (using Lua variable LC.web.PHPCLI)
  • automatic configuation of automated SSL certificates can now optionally be disabled (using checkboxes in order form)
  • allow binding Postfix only to localhost (127.0.0.1)
  • when an additional admin user adds a new server, he now automatically gets all permissions for that server
  • when a domain is deleted, optionally all assigned SSL certificates can be deleted too
  • improved detection of matching wildcard SSL certificates when configuring subdomains
  • list of SSL certificates can now be filtered (expired, unassigned, …)
  • mass mails aren’t sent to suspended customers any more (can be enabled via checkbox)
  • overview of SSL jobs (start page) doesn’t show entries of suspended customers any more
  • allow editing e-mail addresses of Let’s Encrypt accounts
  • display HTTPS links in AppInstaller if domain is configured with SSL
  • AppInstaller: uninstall sometimes failed when directory of application didn’t yet exist or was already deleted before uninstall
  • deleting a domain with existing mailboxes as reseller sometimes returned an error (missing permissions)
  • end users with hosting plans created via GUI didn’t have the permission to view the LiveConfig event log
  • fixed display error when editing a subdomain while parent domain has “(+www)” configuration enabled, preferring the “.www” subdomain
  • fixed bug when merging www/non-www subdomains if they were configured as redirect
  • don’t allow to automatically order SSL certificate when adding a new domain if user has no SSL management permissions
  • fixed bug when adding an automated SSL certificate with automatic HTTPS redirect (non-webspace targets where configured incorrectly)
  • fixed bug when configuring FPM with default PHP on CentOS (wrong directory for pool configuration)
  • lcsam: removed duplicate line breaks in X-Spam-Report

Archive