DirectAdmin 1.49.0 has been released

DirectAdmin Support

Administrator
Staff member
Joined
Feb 27, 2003
Messages
9,158
Hello,

We're pleased to announce the release of DirectAdmin 1.49.0.

Full list of changes:
directadmin.com/versions.php?version=1.49

New Features:

Security:

Bugfixes:


Thanks!

John
 
Before this, when SNI was enabled, any Admin account on the server IP has their "User Level -> SSL Certs" files point to the shared server cert:
/etc/httpd/conf/ssl.cert/server.crt

This change, when SNI is enabled, allows an Admin account on the server IP to instead control the User location of the cert:
/usr/local/directadmin/data/users/admin/domains/domain.com.crt
because SNI knows where to look, so the server IP (which is a shared, name-based hosting IP) can allow a certificate on all domains that want to have one.

The catch of course is that to change the shared server certificate, you'd have to do it manually in ssh.. but it would then only apply to https://1.2.3.4 connections, since at a minimum, all domains should be able to create their own self-signed certs, or purchase their own valid certificates.

John
 
Thanks John I think I wasn't clear, what I meant was that I'm currently having SNI enabled and an certificate on the admin account, I was wondering how this change affects existing installations. Since the certificate right now is still in server.crt, at what point on this box will it be in domain.com.crt? Maybe after I update DA or if I re-save the certificate in DA? It's because I recently saw that the domain.com.cert already exists on that box but it's years old so maybe if I update DA it would then serve my old certificate instead of the new one at server.crt.
 
On the "User Level -> SSL Certs" page, check to see which SSL cert it set:
Shared Server Certificate
or
Pasted Value

If my memory is correct, before, when you clicked pasted value and saved, it would have saved to the server.crt, but reset the option back to "Shared Server Cert".

So now.. it's likely still showing Shared Server Cert, and the bottom part might be blank.
Once you find the cert/key pair again (aka, in ssh), then paste it in, the "pasted value" should now stick after the save is done.

John
 
Thanks you're right :) I've just ran the update. The contents of 'Paste a pre-generated certificate and key' did change, the 'Use the server's certificate' was still selected and being used. And I've put the right key and cert back in the paste now.
 
FTPS restore

Hello,

I used the ftps function from release 1.49. Back-up is no problem, when restoring my files with ftps i get the error message invalid login/password for .......
Restoring without ftps works fine.

Can someone check and conform this?

Gr. Kuipje
 
Hello,

I used the ftps function from release 1.49. Back-up is no problem, when restoring my files with ftps i get the error message invalid login/password for .......
Restoring without ftps works fine.

Can someone check and conform this?

Gr. Kuipje


For 1 of my sites i run the daily backups:

- Full
- Database only
- mail only
- http data only

They all runned without anny issues and upload the backups to the same FTP (Synology @ home)


After the update to version 1.49 i have the issue that the backups that contain any Email data (The full and the email only) will be create succes full but uploading will fail.

The last succesfull backup is 1,29 GB of size.


This is the error i get:

User adsloten has been backed up. <10:43:11>
ftp_upload.php exit code: 1
ftp_upload.php output: Could not fdopen: Invalid argument.
ncftpput: cannot open sstomp.nl: fdopen for writing failed.
ncftpput return code: 1
<10:43:12>

Although a backup error has occurred, the upload of valid backups would have still been attempted to ftp://sstomp.nl/BackupTransIP/Adslotenmaker/email/2015-10-19 <10:43:12>


Any one that can help me out ?
 
Found/fixed the bug.
Will release 1.49.1 in a few moments.

For a manual fix, edit:
/usr/local/directadmin/scripts/ftp_upload.php

change:
TIMEOUT=NEW_TIMEOUT;

to be:
TIMEOUT=${NEW_TIMEOUT};

The bug snuck past our testing.
Sorry about that!

John
 
Back
Top