Changelog

Changes in version 3.2.1 Build 17465 (24.04.2026):

• Frontend: fixed typo leading to error when traffic was >= 1TB (GH-130)
• Frontend: fixed selection of wrong e-mail template when sending login data to customer
• Backend: fixed bug when saving reseller settings in certain cases (old / uninitialized accounts only)
• updated SQLite to 3.53.0

Changes in version 3.2.1 (23.04.2026):

• Frontend: allow editing/changing contact data of customers’ main user
• Backend: supporting “old” encrypted object IDs from LiveConfig 2.x API
• Backend: added LCDefaults option rrd.retention to allow automatic deletion of old RRD data from unlimited archives
• Backend: fixed bug when user is member of a very large group (i.e. lc-sftponly)
• Backend: TLS certificates sometimes were not completely removed from database when deleted with domain
• Backend: expiring TLS certificates marked for deletion won’t be renewed any more
• Backend: fixed bug when reseller creates a new customer while reseller settings have not yet been initialized
• Installer: added dependencies and check for availability of systemd

Changes in version 3.2.0 Build 17417 (17.04.2026):

• Backend: fixed bug when very old (Confixx-imported) databases were still in state “database being added”
• Backend: fixed bug when deleting database while same login is still used with other databases (also affecting Confixx-imported databases)
• Backend: fixed bug when calculating next available account number or customer number
• Backend: fixed bug affecting backups on multi-server deployments (resources on remote server couldn’t be backed up in certain cases)

Changes in version 3.2.0 Build 17401 (15.04.2026):

• Frontend: Server report was limited to 10 rows
• Backend: fixed bug when adding/editing TLSA record (PCRE check failed)
• Backend: fixed bug when checking for resources to be deleted while server is not connected (GH-129)

Changes in version 3.2.0 (14.04.2026):

• Frontend: added reports
• Frontend: added newsletter
• Frontend: allow sending e-mail with login details to users
• Frontend: allow custom CSS (GH-9)
• Frontend: show values for extension/zend_extension when editing php.ini settings
• Frontend: don’t show web terminal if not available (i.e. Basic license or LiveConfig <3.0)
• Frontend: updated Xterm.js to 6.0.0
• Frontend: allow upper-case characters for mailbox name (converted to lower-case automatically)
• Frontend: fixed/improved configuration of web statistics
• Frontend: improved usability of several selectors (TLS certificates, customers, contacts)
• Frontend: fixed Single Sign-On to phpMyAdmin (GH-111)
• Frontend: fixed bug in AppInstaller when WordPress and/or phpMyAdmin were not allowed for installation
• Frontend: fixed missing button to manually create webspace backups
• Frontend: check for forbidden e-mail forwarding targets (LCDefaults mail.forwards.blacklist)
• Frontend: improved usability when error in multi-tab input (i.e. e-mail) has occured in an inactive tab
• Frontend: fixed bug in webspace log viewer
• Backend: improved support for LiveConfig 2.x clients
• Backend: support more TSIG algorithms for external DNS servers
• Backend: e-mail autoresponder wasn’t disabled automatically when an end date was set
• Backend: fixed bug when setting floating-point values for spam filter thresholds (sometimes rejected as “invalid input”)
• Backend: enable sending TLS expiration mails by default for new automated certificates
• Backend: it wasn’t possible to create (manual) TLS certificates with wildcard domain name
• Backend: fixed deletion of accounts when no webserver is assigned any more
• Backend: check for pending account deletion during start
• Backend: fixed bug when deleting MySQL database from LC2 client
• Backend: fixed FTP permission on hosting templates when permission has been added subsequently
• Backend: e-mail password was not updated when saving via self-service
• Backend: SPF records have not been updated when default SPF for a SMTP server has been modified
• Backend: fixed hangup when deleting e-mail alias or forward with SQLite backend
• Backend: allow editing mailboxes when e-mail quota is exceeded but mailbox size not increased
• Backend: proper error handling when sendmail is not available (GH-122)
• Backend: fixed bug when saving TSIG key for external DNS server (GH-119)
• Backend: TSIG keys have not been created automatically for managed secondary DNS servers (GH-121)
• Backend: A/AAAA record was not removed from www subdomain when webspace got disabled for non-www subdomain and “sync with www” option was set
• Backend: added checks to not allow DynDNS while Webspace is enabled
• Backend: fixed license activation during AutoDeploy
• Backend: restricted access for editing crontab files
• added support for SSHFP DNS records
• lcsam (LiveConfig SpamAssassin Milter): supporting configuration file (/etc/liveconfig/lcsam) to set custom reject codes and bounce message
• improved checks for duplicate e-mail aliases or forwarding targets
• allow enabling of TLS (and optionally validate TLS server certificate) when LiveConfig database is on a remote MySQL/MariaDB server (db_options=tls|tls-verify-server)
• updated OpenSSL (3.5.6 LTS), MariaDB Connector/C (3.4.8), SQLite (3.51.3) and cURL (8.19.0)
• --db-check command now also detects gaps in account structure
• --db-repair command now also deletes orphaned customer records
• fixed bug in pam_lac module when /etc/liveconfig/lac.users has not been created yet (GH-116)

Changes in version 3.1.4 (12.12.2025):

• Backend: refactored (improved) time-series data handling (RRD) (resolves periodically slow-down/hanging requests since 3.0.5)

Changes in version 3.1.3 (09.12.2025):

• Frontend: display webserver hostname instead of server ID in webspace overview (GH-112)
• Frontend/Backend: fixed bug with wildcard e-mail addresses
• Backend: e-mail aliases and forwarding targets were not properly deleted from virtual_alias file (affected addresses are fixed automatically with this update)
• Backend: fixed bug when deleting a subdomain

Changes in version 3.1.2 (27.11.2025):

• Frontend: fixed various issues with backup plans (GH-75, GH-91)
• Frontend: fixed rounding issue in spam filter thresholds
• Frontend: show name of underlying reseller account when editing an account
• Frontend: optionally accept overprovisioning of existing accounts when reducing resources of a reseller account
• Backend: added --db-repair command to CLI
• Backend: improved detection of AlmaLinux
• Backend: fixed “unresolvable permission problem” in some special cases (nested reseller structure with cross-assigned templates)
• Backend: fixed bug when creating additional user (typo in SQL)
• Backend: fixed configuration issue with Postfix when SRS is enabled and an outbound IPv6 address selected (GH-110)
• Backend: adjusted Postfix service name in lclogparse.conf on Debian 13 (GH-107)
• Backend: fix base directory part in /etc/dovecot/passwd (mailboxes created before 06/2021 might have /var/mail instead of /var/mail/<account>/<id>, this leads to problems with Dovecot 2.4 (Debian 13))
• Backend: when saving ProFTPD configuration, missing DSO modules are added to modules.conf (i.e. after upgrading from Debian 12 to 13)
• changed systemd dependency from network.target to network-online.target
• LAC: PHP extensions from Remi repository were not loaded due to filtered /etc/opt/remi directory
• LAC: fixed removal of user slice drop-in when disabling container
• LAC: terminate running processes when stopping a container

Changes in version 3.1.1 (11.11.2025):

• Frontend: added “early” input validation to DNS editor, improved input of TLSA RRs
• Backend: improved Postfix configuration on RPM systems (CentOS/Rocky/Alma) to support chroot configuration for sendmail by managing files in /var/spool/postfix/etc
• Backend: improved logging when NotFoundException (“Object not found or not permitted”) occurs, contains object name and identifier now
• Backend: updated cURL (8.17.0), PCRE2 (10.47), SQLite (3.51.0) and libunbound (1.24.1)
• Backend: in some cases, DNS A/AAAA/MX records were not created immediately when a new subdomain has been added (on own nameservers)
• Backend: when re-enabling e-mail for a domain/subdomain, the SPF record was not set in DNS
• Backend: fixed Sieve configuration for Dovecot 2.4 on Debian 13

Changes in version 3.1.0 (03.11.2025):

• Frontend: if e-mail autoresponder is disabled via LCDefaults, don’t show autoresponder options when logging in with e-mail account
• Frontend: fixed issue in quick search when search result belongs to a reseller customer
• Frontend: fixed bug when customer changes SPF record of managed domain (new setting wasn’t saved)
• Frontend: automatically calculate/increase account name (number) according to configured account name prefix
• Frontend: show webmail URL in mailbox info (if configured at Servers -> Mailserver -> Dovecot)
• Frontend: it’s now possible to switch into a customer account directly from quick search
• Backend: fixed bug when bulk-adding domains without ‘www’ subdomain and without e-mail
• Backend: fixed issues with managed DNSSEC keys and orphaned .jbk/.signed/.signed.jnl files when deleting zones on Debian 13
• Backend: optimized DNS RR updates (prevent multiple identical updates, avoid removing & adding RR when updating data)
• Backend: removing references to deleted TLS certificates from subdomains
• Backend: fixed mailbox quota configuration with Dovecot 2.4+
• Backend: public keys for DKIM records created with v3.0.x were published in wrong format (PKCS#1 instead of SubjectPublicKeyInfo) - corresponding DNS records are automatically updated
• Backend: trigger pending DNS update jobs when LiveConfig is restarted
• Backend: adjust file owner of BIND zone files (bind instead of root)
• Backend: fixed bug when editing CAA record of a domain (not updated dynamically into zone)
• Backend: limited maximum TTL for DNS records to 86400 seconds (to mitigate problems with DNSSEC)
• Backend: prepared for upcoming license key certificate rollover

Changes in version 3.0.8 (20.10.2025):

• Frontend: allowing only one KSK for DNSSEC (until KSK rollover available with dnssec-policy)
• Frontend: automatic end date of e-mail autoresponder could not be disabled
• Frontend: hide e-mail autoresponder if disabled via LCDefaults setting mail.autoresponder.enabled
• Frontend: fixed bug with “incompatible” IPv6 log filter settings from LiveConfig 2.x (GH-22)
• Frontend: fixed problem when running zsh as login shell via web terminal
• Frontend: don’t show e-mail MobileConfig link when AutoConfig is not enabled on mail server
• Frontend: fixed various issues when editing php.ini settings for own accounts (GH-73) and customer accounts
• Backend: fixed bug when updating DNSSEC settings of existing domains
• Backend: changed order of Postfix milters to run OpenDKIM milter before SpamAssassin (lcsam), which might rewrite mail subject
• Backend: fixed bug when deleting pure mail forwarding addresses (sometimes blocked deletion of domains/accounts)
• API: relaxed constraints for Dynamic DNS user name (1-40 ASCII characters)
• improved backward compatibility between LiveConfig 3.x server and LiveConfig 2.x clients in multi-server environments

Changes in version 3.0.7 (10.10.2025):

• Frontend: added input field for DNS serial number when adding a domain on managed nameservers
• Frontend: show errors from DNS RRs when submitting invalid data in DNS editor (GH-97)
• Frontend: improved error messages when limits are exceeded while editing an account or a template
• Frontend: allow empty TTL field for custom DNS RRs to use default value from zone (GH-97)
• Backend: updated OpenSSL (3.3.5), Expat (2.7.3) and libunbound (1.24.0)
• Backend: fixed bug when sorting mailbox list by I/O
• Backend: fixed bug when updating RRD data has failed
• Backend: fixed bug when permitting external access from a /24 subnet to MySQL/MariaDB databases
• Backend: fixed bug when adding new domain via API and using wwwSync option
• Backend: fixed bug when revoking SSH/SCP permission (GH-93)
• Backend: fixed broken database record when domain name of a mailbox has been changed
• Backend: added more sanity checks for custom DNS records (i.e. no CNAME with other data, no NS for empty host name)
• Backend: when disabling webspace (HTTP) for a subdomain and the DNS of that domain is managed by LiveConfig, only the A record was removed from DNS, not the AAAA record.
• Backend: check for conflicting A/AAAA/MX record when trying to create a CNAME record
• Backend: check for conflicting CNAME record when enabling webspace or e-mail for a subdomain
• Backend: update all MX records when hostname or MX setting for SMTP server is changed
• LAC: fixed problem with accounts using suexec wrapper when LAC was not enabled

Changes in version 3.0.6 (01.10.2025):

• Frontend: fixed bug when editing any www subdomain (preferred subdomain dropdown contained www.www...)
• Frontend: new Cron jobs are now “active” by default (GH-77)
• Frontend: creating new directories via web file manager with permissions 0755 instead of 0700
• Backend: fixed missing slash in password reset mail (triggered by administrator/reseller)
• Backend: fixed bug when deploying automated TLS certificates (when “sync with www subdomain” was enabled, this could have resulted in broken configurations since 3.0.5)
• Backend: fixed another bug with “sync with www subdomain” when using existing TLS certificates
• Backend: fixed several bugs which prevented account deletion being completed
• Backend: fixed bug which did not retrigger account deletion on restart

Changes in version 3.0.5 (26.09.2025):

• Frontend: sort list of IP addresses in web server page
• Frontend: require password when changing e-mail type from forwarding to mailbox
• Frontend: fixed bug when disabling custom logo which has also been used on login page
• Frontend: fixed display bug with custom logo (GH-85)
• Backend: fixed bug when trying to add new e-mail address while hosting accounts with invalid/orphaned mail servers exist
• Backend: LiveConfig log files were not rotated
• Backend: update SMTP statistics on sent/received mails per mailbox every 15 minutes
• Backend: update disk usage data every 15 minutes
• Backend: added man pages for lclogparse(1) and lclogsplit(1)
• Backend: don’t abort upgrade if /etc/liveconfig/tls-*.json does not exist (any more)
• Backend: fixed bug when changing system password for an account while server default locale is configured to non-english
• Backend: fixed bug when changing template for an account which requires server(s) to be selected for new features

Changes in version 3.0.4 (22.09.2025):

• Frontend: e-mail isn’t required for cron jobs any more (GH-76)
• Frontend: fixed bug when editing number of parallel jobs for backup (GH-70)
• Frontend: fixed enabling/disabling of allowlists/denylists (GH-62)
• Frontend: preselecting “redirect to HTTPS” by default when enabling HTTPS
• Frontend: error wasn’t displayed when selected default backup storage hasn’t been initialized (GH-69)
• Frontend: it was possible to define non-mailbox e-mail addresses without forwarding addresses
• Frontend: added “open in new tab” icon to domain/subdomain list
• Backend: prefix wasn’t considered when checking syntax of FTP account names (GH-66)
• Backend: fixed bug when adding new subdomain in account without mail server while AutoConfig was enabled by default (GH-72)
• Backend: http_proxy_url was not used when building links e.g. for password reset e-mail (GH-68)
• Backend: updated SQLite to 3.50.4
• Backend: updated Expat to 2.7.2
• Backend: updated cURL to 3.16.0
• Backend: updated PCRE2 to 10.46
• Backend: deleted TLS certificates were counted in some statistics
• Backend: when editing a subdomain and enabling HTTPS (to order a Let’s Encrypt certificate), the certificate didn’t contain the “www” subdomain in SAN even if corresponding checkbox was set.
• Backend: when adding a new domain, in some cases the non-www and www subdomains had different default settings
• Backend: fixed bug when requesting MobileConfig (e-mail settings for iOS/iPadOS)
• Backend: fixed bug when deleting mailboxes when outbound limit was configured but LCPolicyd not enabled any more
• Backend: fixed bug when using external DNS resolvers

Changes in version 3.0.3 (25.08.2025):

• Frontend: DNS servers (non-external) were not selected when editing DNS template in some cases (GH-47)
• Frontend: fixed broken limit check when adding external domain (GH-49)
• Frontend: fixed display error in mailbox size when mailbox usage was >4095 MB (GH-29)
• Backend: fixed bug when editing reseller account and multiple hosting templates with same name exist
• Backend: fixed bug in check for over-provisioning of apps and website builder sites in reseller accounts
• Backend: fixed bug in SQL when deleting TLS certificates with an account (GH-38)
• Backend: fixed configuration of HTTP/2 on NGINX >=1.25.1
• Backend: removed deprecated setting smtpd_tls_dh1024_param_file on Postfix 3.9+
• Backend: fixed Dovecot 2.4 configuration issue with auth_allow_cleartext (GH-42)
• Backend: removing orphaned records from TSIGKEYS and NAMESERVERS (when server has been deleted manually)
• Backend: fixed bug when editing permissions of existing users (GH-52)
• Backend: TLS accounts created with LiveConfig 2.x couldn’t be used in some cases
• Backend: LCDefaults setting dns.externalResolver was ignored
• moving contents of /var/mail/<account>/<id>/Maildir/ one level up (affecting only Debian 13 / Dovecot 2.4)

Changes in version 3.0.2 (15.08.2025):

• Frontend: save setting of dark mode / light mode per device
• Frontend: several minor color/CSS improvements and bugfixes
• Frontend: disabling “First Steps” box wasn’t possible in some cases
• Backend: added support for Debian 13 (“Trixie”)
• Backend: automatically updating configuration files when version of SMTP or IMAP software has changed (i.e. during dist-upgrade)
• Backend: fixed bug when updating reseller account settings
• Backend: fixed process leak when web terminal was closed unexpectedly
• Backend: fixed bug on certain data conditions when saving subdomain settings with SQLite
• CLI: added some diagnostic helper functions

Changes in version 3.0.1 (05.08.2025):

• Backend: don’t skip network interfaces with veth driver
• Backend: allow also using host name for network socket interfaces (e.g. http_ssl_socket)
• Backend: update DNSSEC settings of all domains migrated with v2.18.0 which have a 4096 bit RSA key
• Installer: when upgrading from LiveConfig v2, some services where masked and disabled (lclogparse/lcpolicyd/lcsam/etc.)
• Tools: added lcdns tool to remove orphaned DNSKEY RRs from domains

Changes in version 3.0.0 (01.08.2025):

• Frontend: fixed bug when copying DKIM key to clipboard
• Frontend: fixed bug when redirecting to external website builder URL
• Frontend: added link to privacy statement for crash reports and server statistics
• Frontend: added support to select managed TLS certificate for LiveConfig HTTPS interface
• Frontend: fixed displaying usage stats in account overview boxes
• Frontend: show lock/suspend status in account overview box (GH-15)
• Backend: fixed bug when adding site builder website
• Backend: added database integrity check for accounts with invalid mail server
• Backend: used mailbox size was returned in kB instead of MB
• Backend: license not loaded in client process when activated during onboarding
• Backend: link in password reset e-mail didn’t contain http_url_prefix
• Backend: fixed bug when automated TLS certificate has been renewed and another identical certificate already exists
• Backend: TLS certificate job wasn’t started when adding a new subdomain with automated TLS certificate
• API: configure SSO login via LCDefaults setting login.sso.mode (GH-28)
• Installer: adjust permissions for sslcert.pem

Changes in version 3.0.0-rc12 (18.07.2025):

• Frontend: added extension management
• Frontend: added Site.pro extension
• Frontend: allow modification of php.ini settings in customer accounts (GH-32)
• Frontend: numerous minor bugs and glitches fixed
• Backend: added extension API
• Backend: allow longer names for MySQL/MariaDB databases (32 instead of 16 characters)
• Backend: fixed minor issues and adjusted API for IP group management
• Backend: immediately deploy changed quota settings to server
• Backend: don’t delete admin (reseller) settings if deleting a reseller account on admin level
• Backend: improved AppInstaller (better logging on errors, limit domain selection to current account, fixed possible erroneous domain configuration)
• Backend: fixed bug when bulk-adding domains to an account
• updated libraries (OpenSSL, cURL, SQLite)

Changes in version 3.0.0-rc11 (03.07.2025):

• Frontend: fixed display bug in web traffic table
• Frontend: fixed bug in phpMyAdmin SSO feature
• Backend: improved error reporting when creation of customer fails
• Backend: support custom “htdocs” directory (as in LC 2.x) via LC.web.HTDOCS_PATH (GH-35)
• Backend: support custom webspace root path (as in LC 2.x) (GH-36)
• Backend: allow restricting server access via web terminal (new configuration file setting terminal=no|users|root|all)
• Backend: fixed bug when deleting a mail forward address
• Backend: added “old” uploadscan.sh script to not break existing installations with PHP 5.x and suhosin
• Backend: improved and accelerated automated TLS orders (Let’s Encrypt) (GH-33)
• Backend: finished Extension API, migrating existing websites from Site.Pro extension (GH-5)
• Installer: LiveConfig not restarted after upgrade in some cases (only when some early v3 test version has been installed)

Changes in version 3.0.0-rc10 (16.06.2025):

• Frontend: when expanding domain to show subdomain list, only the first 10 subdomains where displayed
• Backend: fixed error “Failed to load dbserver id from database”
• Backend: order process for new automated TLS certificates wasn’t triggered in some cases
• Backend: migrate Let’s Encrypt accounts from LiveConfig 2.x to fix renewal of existing TLS certificates
• Backend: re-enabled endpoint for simple Nagios check (/liveconfig/nagios-check)
• API: return DNSSEC key digest (for DS record) with domain details
• API: returned no webapp name in subdomain list in some cases

Changes in version 3.0.0-rc9 (06.06.2025):

• Backend: peer IPv6 addresses were shortened unintentionally
• Backend: fixed problem with decryption of “old” passwords (early LiveConfig 2.x versions) due do extra data after alignment
• Backend: fixed bug when transferring data from/to remote LCCP servers (connection was reset under some circumstances)
• Backend: LiveConfig Client wasn’t able to submit crash reports
• Backend: fixed bug when receiving web traffic statistics for unknown (sub)domain
• Backend: fixed bug when editing any property on accounts where web statistics were enabled (rejected with “missing input”)
• Backend: fixed issue when network connection got congested during large database dump download from LCCP remote server

Changes in version 3.0.0-rc8-2 (04.06.2025):

• Backend: fixed issue when reporting detected PHP versions to LiveConfig 2.x server
• Installer: fixed bug when lclogparse.status file existed from LiveConfig 1.x installation

Changes in version 3.0.0-rc8 (03.06.2025):

• Frontend: fixed bug when trying to add contact data for a new user
• Frontend: renamed “SOAP API” permission to “REST API”
• Frontend: sort PHP settings by name (within webspace settings)
• Backend: fixed and improved checks for editing user object
• Backend: check limits when adding a new user
• Backend: improved error logging when sending e-mail fails
• Backend: fixed crash (in very rare cases) after execution of external commands through Lua
• Backend: admin user may add unlimited users
• API: adjusted check for valid user names
• Installer: LiveConfig service wasn’t restarted after upgrade