Directadmin 1.39.0 - Release Candidate 1

[DirectAdmin Support]

Hello,

DirectAdmin 1.39.0 Release Candidate #1 is now ready for testing.

There are several security enhancements such as:
- Brute Force Log scanner id=1227
- login_pre.sh to prevent session creation, even if the password is correct id=1223

As well as a few minor features and bugfixes.

Full list of changes can be found here:
http://www.directadmin.com/versions.php?version=1.385000

To get this package in pre-release form, login to your Clients Section
Click your license ID, and follow the pre-release download instructions.

Note that the version in the RC1 binaries will remain "1.38.4".
You can tell you've got the new binaries by running directadmin with the "o" option to check the build date.
It should be somewhere around June 19th, or newer:

[root@server directadmin]# ./directadmin o
Compiled on 'Redhat CentOS 4.0'
Compile time: Jun 19 2011 at 18:34:20
Compiled with IPv6
[root@server directadmin]#

John

 

[ISOS6]

Hello John!

I have a feedback to you.

You have not given any class name to form items such checkbox, button, etc. I'm talking about things that are embedded and can not change in the skins. Can you give a name eg, id="formbutton" id="checkbox" etc...

I have to spend so much time using PHP and replace feature, and it does not work optimally.

Thanks in advance!

 

[LawsHosting]

- login_pre.sh to prevent session creation, even if the password is correct

I do like this a lot.

 

[DirectAdmin Support]

Just added:
http://www.directadmin.com/features.php?id=1229
http://www.directadmin.com/features.php?id=1228

Check for ./directadmin o build dates around:

Compile time: Jun 21 2011 at 03:02:35

John

 

[SeLLeRoNe]

Should be added in this release the ability to let user change/remove/readd account assigned domain name?

Should be called user_modify_post.sh when email address is changed in user info?

I would really need those two features asap.

Thanks

 

[Dauser2007]

i hope there will be have some feature for automatic block the attempts ips. such as setting block time, how many attempts times then get block, and have a blocked ip list etc.


Best regards!

Dauser

 

[ju5t]

In what way do these security changes affect CSF/LFD? Why would you want to limit the connection on IP within the DirectAdmin session instead of tightening your firewall?

Similar goes for brute force detection. Why has another option been added while CSF/LFD does a really good job.

 

[LawsHosting]

Similar goes for brute force detection. Why has another option been added while CSF/LFD does a really good job.

Not everyone uses it maybe?

 

[nobaloney]

For example, CSF doesn't work with FreeBSD based servers.

Jeff

 

[Wunk]

Feedback: The Brute Force is really really heavy on servers with big logs (800-ish accounts), after an update I just had 30-40 dataskq processes running, going over the logs, upping the server load to 50..

This needs some smoothing out, I suggest disabling this feature by default for now

 

[RSanders]

New Message: DirectAdmin has been updated

So I come in this morning to find a new version of DA and an 89 load average,

I'll post this here because looks like the most relevant thread for 1.39

0503 EDT
New Message: DirectAdmin has been updated

Immediately following,
0515 EDT
New Message: Warning: The system load average is 10.06
Automatically generated email produced by DirectAdmin 1.39.0

It's fluctuating, but there are now around ~300 dataskq processes. All of the DA logs are 0 length except system and errortaskq, which only had events from before the update. The load average is floating in the 80's with no other noticeable problems i.e. attack or disk failure.

This doesn't seem like it should have been sent to production servers just yet. This server is now down 15 minutes after attempting a reboot. I'm going to head up to the datacenter floor and take a look, I'll post if I see any more related information but I'm guessing it's hung.

 

[Wunk]

And another issue on another server with CentOS5 and MySQL 5.0.51a after I updated:

[root@shared-dedi-3 ~]# /etc/init.d/directadmin restart
Stopping DirectAdmin: [FAILED]
Starting DirectAdmin: /usr/local/directadmin/directadmin: error while loading shared libraries: libmysqlclient.so.16: cannot open shared object file: No such file or directory
[FAILED]

 

[RSanders]

Yeah our production server is stuck running 100% CPU from dataskq tasks since this update. Still not able to find any logged event suggesting a cause. Oh Monday Monday

 

[Wunk]

Yeah our production server is stuck running 100% CPU from dataskq tasks since this update. Still not able to find any logged event suggesting a cause. Oh Monday Monday

Go to the administrator settings, and set the 'Parse service logs for brute force attacks ' to No

Then kill -15 the running dataskq processes, if there's a lot of them, do something along the lines of:

ps aux | grep dataskq | grep -v grep | awk '{print $2}' | xargs kill -15

to kill them all at once (make it kill -9 if they don't want to stop)

Solved it for us

 

[RSanders]

Go to the administrator settings, and set the 'Parse service logs for brute force attacks ' to No

Then kill -15 the running dataskq processes, if there's a lot of them, do something along the lines of:

ps aux | grep dataskq | grep -v grep | awk '{print $2}' | xargs kill -15

to kill them all at once (make it kill -9 if they don't want to stop)

Solved it for us

I was able to get this machine to settle down after turning this off and killing the tasks. I'm going over some of our other servers, seems it's a hit or miss if they are misbehaving but so far they have all auto-updated to this version.

 

[mjm]

i hope there will be have some feature for automatic block the attempts ips. such as setting block time, how many attempts times then get block, and have a blocked ip list etc.


Best regards!

Dauser

I second this request. No sense in notifying me without blocking them...

 

[YMTan]

DirectAdmin died after updated to 1.39.0

After updating DA to 1.39.0, I found the DA is dead.
While checking using
service directadmin status
it shows
directadmin dead but subsys locked

If manually restart directadmin, we got
/usr/local/directadmin/directadmin: error while loading shared libraries: libmysqlclient.so.16: cannot open shared object file: No such file or directory

Need help urgently.

 

[SeLLeRoNe]

search in this forum, has already been discussed.

Regards

 

[DirectAdmin Support]

Hello,

1) I found that the CentOS 5 64-bit binaries were linked to libmysqlclient.so.16 when they might have not been before. I'm going to rebuild them and force them not to link to it (they'll have internal mysql code).
Once I release 1.39.1, use this guide to grab the new version.

2) We had a few reports of the dataskq going crazy after the update, and it was found to be caused by very large logs that take more than 1 minute to parse, causing the dataskq from the next minute to start parsing the same log from the start, slowing down the whole system. A lock file has been added.

I'll be releasing 1.39.1 shortly.

John

 

[Angelokreikamp]

Bruteforce

Hello directadmin,

The brute force banning wont work it says succesfully blocked ip
i look in to the file and its empty still the attacking ip can connect same does
for
etc/host.deny if i add ips still getting trough?

I realley need to block this brute forcer it has over 4200 login attempts