DirectAdmin 1.62.0 has been released

[LawsHosting]

Is it wise to wait for the "fixed" version before upgrading?

Now I know why I don't let custombuild update stuff automatically.

 

[Richpark]

Here's my thread on my API issues, the problems I encountered, and my fixes:

API Completely Broken After Update

I'm using the PHP API script, as we have for the last decade. Every single API call now fails with: 400_Bad_Request:_malformed_Host_header How can you release these breaking changes?! Please advise, this has absolutely crippled our hosting platform. Nothing is working.

forum.directadmin.com

I'm very disappointed that breaking changes have been forced on long-standing customers.

 

[ofisimo]

Automatic SSL Certificate management how to cancel?

 

[ViT]

I'm using ssl_redirect_host your.hostname.com but after update version 1.62, it's not working.
And Every single API call now fails with:
400_Bad_Request:_malformed_Host_header

 

[smtalk]

Automatic SSL Certificate management how to cancel?

/usr/local/directadmin/directadmin set admin_ssl_check_retries 0
service directadmin restart

 

[smtalk]

I'm using ssl_redirect_host your.hostname.com but after update version 1.62, it's not working.
And Every single API call now fails with:
400_Bad_Request:_malformed_Host_header

httpsocket 2.x is EOL, replace it with 3.x: http://files1.directadmin.com/services/all/httpsocket/

Regarding ssl_redirect_host - it's been removed, when you visit domain.com:2222 you automatically get redirected to https://domain.com:2222. If you want to be redirected even further - force_hostname should redirect from https://domain.com:2222 to the desired domain.

 

[ikkeben]

For now it seems after updated vps apache to latest and DA 1-62-0

Seems slower and errors that weren't before not sure about it but DA update did hang vps not reachable then after a while it was.

There the message log update was in gui latest custombuild when update DA itself:
This inlog file directadmin error log.

2021:06:11-10:00:15: pid 1263814 killed by signal 15 (data: {"data":"\u001b[1mUpdating DirectAdmin\u001b(B\u001b[m\n","finished":false}

he

)

• [1mUpdating DirectAdmin(B[m

This appachelog update:
[1m*** MD5 Checksum for patches/mod_suexec_directory.patch Failed. Redownloading...***(B[m

Downloading patches/mod_suexec_directory.patch...
--2021-06-08 16:39:54-- https://files6.directadmin.com/services/custombuild/patches/mod_suexec_directory.patch
Resolving files6.directadmin.com (files6.directadmin.com)... 62.148.174.106, 2001:16e8:1:c:62:148:174:106
Connecting to files6.directadmin.com (files6.directadmin.com)|62.148.174.106|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 1305 (1.3K) [text/plain]
Saving to: '/usr/local/directadmin/custombuild/patches/mod_suexec_directory.patch'

0K . 100% 113M=0s

2021-06-08 16:39:54 (113 MB/s) - '/usr/local/directadmin/custombuild/patches/mod_suexec_directory.patch' saved [1305/1305]

MD5 Checksum on patches/mod_suexec_directory.patch passed.
Backing up certificate and key, and turning off httpd for DirectAdmins's check.
Found /usr/local/directadmin/custombuild/httpd-2.4.48.tar.gz
Extracting /usr/local/directadmin/custombuild/httpd-2.4.48.tar.gz...
Found /usr/local/directadmin/custombuild/apr-1.7.0.tar.gz
Extracting /usr/local/directadmin/custombuild/apr-1.7.0.tar.gz...
Found /usr/local/directadmin/custombuild/apr-util-1.6.1.tar.gz
Extracting /usr/local/directadmin/custombuild/apr-util-1.6.1.tar.gz...

[1m*** MD5 Checksum for harden-symlinks-2.4.patch Failed. Redownloading...***(B[m

Downloading harden-symlinks-2.4.patch...
--2021-06-08 16:39:56-- https://files6.directadmin.com/services/custombuild/harden-symlinks-2.4.patch
Resolving files6.directadmin.com (files6.directadmin.com)... 62.148.174.106, 2001:16e8:1:c:62:148:174:106
Connecting to files6.directadmin.com (files6.directadmin.com)|62.148.174.106|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 1944 (1.9K) [application/x-troff-man]
Saving to: '/usr/local/directadmin/custombuild/harden-symlinks-2.4.patch'

0K . 100% 161M=0s

2021-06-08 16:39:56 (161 MB/s) - '/usr/local/directadmin/custombuild/harden-symlinks-2.4.patch' saved [1944/1944]

MD5 Checksum on harden-symlinks-2.4.patch passed.
Patching apache for hardened symlinks patch...
patching file include/http_core.h
patching file server/core.c
Hunk #1 succeeded at 153 (offset 14 lines).
Hunk #2 succeeded at 1754 (offset 206 lines).
Hunk #3 succeeded at 2007 (offset 277 lines).
Enabling mod_systemd...
Enabling mod_http2...
Patching srclib/apr-util/dbm/sdbm/sdbm_private.h...
patching file dbm/sdbm/sdbm_private.h
Patching apache to suexec safedir path...
patching file configure.in
Hunk #1 succeeded at 785 with fuzz 2 (offset 45 lines).
patching file support/suexec.c
Hunk #1 succeeded at 339 (offset 25 lines).
Hunk #2 succeeded at 527 (offset 27 lines).
Hunk #3 succeeded at 571 (offset 27 lines).
Hunk #4 succeeded at 638 (offset 27 lines).
Hunk #5 succeeded at 652 (offset 27 lines).
Patching suexec for per-user process grouping
patching file support/suexec.c
Hunk #1 succeeded at 498 (offset 3 lines).
Patching apache to allow SuexecUserGroup in Directory context...
patching file modules/generators/mod_suexec.c
patching file support/suexec.c
Hunk #1 succeeded at 333 (offset 25 lines).
Configuring httpd-2.4.48
aclocal: warning: autoconf input should be named 'configure.ac', not 'configure.in'
checking for chosen layout... Apache
checking for working mkdir -p... yes
checking for grep that handles long lines and -e... /bin/grep
checking for egrep... /bin/grep -E
checking build system type... x86_64-pc-linux-gnu
checking host system type... x86_64-pc-linux-gnu
checking target system type... x86_64-pc-linux-gnu
configure:
configure: Configuring Apache Portable Runtime library...
configure:
configuring package in srclib/apr now
checking build system type... x86_64-pc-linux-gnu
checking host system type... x86_64-pc-linux-gnu
checking target system type... x86_64-pc-linux-gnu
Configuring APR library
Platform: x86_64-pc-linux-gnu
checking for working mkdir -p... yes
APR Version: 1.7.0
checking for chosen layout... apr
checking for gcc... gcc
checking whether the C compiler works... no
sed: can't read conftest.c: No such file or directory
configure: error: in `/usr/local/directadmin/custombuild/httpd-2.4.48/srclib/apr':
configure: error: C compiler cannot create executables
See `config.log' for more details
configure failed for srclib/apr

*** There was an error while trying to configure Apache 2. Check the configure/ap2/configure.apache file

Then also now this errors and then slow waiting for page comming back with domain on php 5.6 fpm before no problem:

​ [Sat Jun 12 13:47:29.236032 2021] [proxy_fcgi:error] [pid 1305039:tid 139740896802560] (104)Connection reset by peer: [client me] AH01075: Error dispatching request to : , referer:

CENTOS 8x lan setup

 

[Erulezz]

Nice update so far (with a couple of bugs/issues as seen on the forum that needs to be addressed in an update soon). Impressive speed improvements, it is really noticeable. The serverload when browser the UI is also way way less than before, so that's good. A couple suggestions;

- The Server Manager and Extra Features icons are using different (less solid) icons:



It looks ugly when you notice it.

- In User Level: hide options that are not accessible to the users. It only causes confusion and looks unprofessional with users. In this case, Nginx Url rewrites:

 

[smtalk]

- In User Level: hide options that are not accessible to the users. It only causes confusion and looks unprofessional with users. In this case, Nginx Url rewrites:

It should be already fixed in pre-release.

It looks ugly when you notice it.

It's going to be improved pretty soon.

Thank you for the feedback! Glad you noticed speed improvement

 

[Erulezz]

I do have an issue now with Nginx headers that don't work anymore after the update:

add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload";
add_header X-Frame-Options "SAMEORIGIN";
add_header X-Content-Type-Options "nosniff";
add_header X-XSS-Protection "1; mode=block";

On updated servers and after ./build rewrite_confs this doesn't work anymore and with security headers test I receive an F, on old 1.61 servers the exact same config works perfectly. Is there something in the new Nginx templates that conflicts with this?

This is happening with Laravel and Matomo applications Same config on different servers, headers on 1.62 don't work. Is there something new on php-fpm that clears headers?

 

[Erulezz]

Alrighty something is broken with the new php-fpm templates:

Old nginx_php.conf:

# use fastcgi for all php files
    location ~ \.php$
    {

    try_files $uri =404;
    fastcgi_split_path_info ^(.+\.php)(/.+)$;
    include /etc/nginx/fastcgi_params;
    fastcgi_index index.php;
    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    include /etc/nginx/nginx_limits.conf;
    if (-f $request_filename)
    {
    fastcgi_pass unix:/usr/local/php80/sockets/admin.sock;
    }
    }

Headers are working correctly.

New nginx_php.conf with cache stuff:

# use fastcgi for all php files
    location ~ \.php$
    {
    try_files $uri =404;
    fastcgi_split_path_info ^(.+\.php)(/.+)$;
    include /etc/nginx/fastcgi_params;
    fastcgi_index index.php;
    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    if ( $skip_cache ~ "^$" ) {
    set $skip_cache 1;
    }
    fastcgi_cache_bypass $skip_cache;
    fastcgi_no_cache $skip_cache;
    fastcgi_cache FASTCGICACHE;
    fastcgi_cache_valid 60m;
    add_header X-FastCGI-Cache $upstream_cache_status;
    include /etc/nginx/nginx_limits.conf;
    if (-f $request_filename)
    {
    fastcgi_pass unix:/usr/local/php80/sockets/admin.sock;
    }
    }

Headers do NOT work.

@smtalk @DirectAdmin Support

 

[ikkeben]

Alrighty something is broken with the new php-fpm templates:

Old nginx_php.conf:



Headers do NOT work.

@smtalk @DirectAdmin Support

Maybe not only nginx i have problem to with apache as writen above. ONy i don't know sure it is after DA update or the Apache update both errors in update from within latest Custombuild GUI.

 

[factor]

Did you try rebuilding

./build rewrite_confs this doesn't work anymore

./build clean
./build update
./build nginx
./build php
./build rewrite_confs

 

[Erulezz]

Did you try rebuilding

./build clean
./build update
./build nginx
./build php
./build rewrite_confs

Yep, tried it all. Everything up to date, ./build rewrite_confs done.
Still, Nginx headers don't work. If I use the old nginx_php.conf file it works without any issues.

The only difference between those files is this:

if ( $skip_cache ~ "^$" ) {
    set $skip_cache 1;
    }
    fastcgi_cache_bypass $skip_cache;
    fastcgi_no_cache $skip_cache;
    fastcgi_cache FASTCGICACHE;
    fastcgi_cache_valid 60m;
    add_header X-FastCGI-Cache $upstream_cache_status;

So that needs to be tested more. If that is removed from nginx_php.conf it works. Tried it on 2 servers. Old nginx_php.conf works.

 

[factor]

if ( $skip_cache ~ "^$" ) { set $skip_cache 1; } fastcgi_cache_bypass $skip_cache; fastcgi_no_cache $skip_cache; fastcgi_cache FASTCGICACHE; fastcgi_cache_valid 60m; add_header X-FastCGI-Cache $upstream_cache_status;

this is all that is different. Do you have whatever skip cache is turned on?

maybe remove those lines and test

 

[smtalk]

Alrighty something is broken with the new php-fpm templates:

Old nginx_php.conf:

# use fastcgi for all php files
    location ~ \.php$
    {

    try_files $uri =404;
    fastcgi_split_path_info ^(.+\.php)(/.+)$;
    include /etc/nginx/fastcgi_params;
    fastcgi_index index.php;
    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    include /etc/nginx/nginx_limits.conf;
    if (-f $request_filename)
    {
    fastcgi_pass unix:/usr/local/php80/sockets/admin.sock;
    }
    }

Headers are working correctly.

New nginx_php.conf with cache stuff:

# use fastcgi for all php files
    location ~ \.php$
    {
    try_files $uri =404;
    fastcgi_split_path_info ^(.+\.php)(/.+)$;
    include /etc/nginx/fastcgi_params;
    fastcgi_index index.php;
    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    if ( $skip_cache ~ "^$" ) {
    set $skip_cache 1;
    }
    fastcgi_cache_bypass $skip_cache;
    fastcgi_no_cache $skip_cache;
    fastcgi_cache FASTCGICACHE;
    fastcgi_cache_valid 60m;
    add_header X-FastCGI-Cache $upstream_cache_status;
    include /etc/nginx/nginx_limits.conf;
    if (-f $request_filename)
    {
    fastcgi_pass unix:/usr/local/php80/sockets/admin.sock;
    }
    }

Headers do NOT work.

@smtalk @DirectAdmin Support

I do not see a reason why wouldn’t new headers work. Feel free to create a DA ticket for this, if license has no support - I may check it for you (free of charge), just PM me.

 

[Scott-HM]

Anyone else having an issue with renaming domains when using the Refreshed layout?

Clicking "Rename domain" does nothing.

 

[Erulezz]

I do not see a reason why wouldn’t new headers work. Feel free to create a DA ticket for this, if license has no support - I may check it for you (free of charge), just PM me.

Opening a ticket soon Really weird issue

Tested it on another up to date server. With the new nginx_conf.php file the headers don't work. If I comment out the nginx_php.conf file and insert the old nginx_php.conf file, it works without any issues?

Edit

This line is the issue for some reason:

add_header X-FastCGI-Cache $upstream_cache_status;

If I comment this out it works, if I leave it in the headers don't work Tested with Securityheaders, SSLLabs and HSTS preload
Nginx only, PHP 8

Edit 2

I created a custom template for now and commented this out (the part that is new and different with the old nginx_php.conf):

#    if ( $skip_cache ~ "^$" ) {
#    set $skip_cache 1;
#    }
#    fastcgi_cache_bypass $skip_cache;
#    fastcgi_no_cache $skip_cache;
#    fastcgi_cache FASTCGICACHE;
#    fastcgi_cache_valid 60m;
#    add_header X-FastCGI-Cache $upstream_cache_status;

and it works. This is the only difference, only updated DirectAdmin and did a ./build rewrite_confs and then it didn't work anymore. I don't have any fancy configs, just this in CUSTOM4:

add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload";
add_header X-Frame-Options "SAMEORIGIN";
add_header X-Content-Type-Options "nosniff";
add_header X-XSS-Protection "1; mode=block";

 

[smtalk]

Anyone else having an issue with renaming domains when using the Refreshed layout?

Clicking "Rename domain" does nothing.

Yes, it's a known issue in refreshed layout, already fixed in pre-release.

 

[smtalk]

Opening a ticket soon Really weird issue

Tested it on another up to date server. With the new nginx_conf.php file the headers don't work. If I comment out the nginx_php.conf file and insert the old nginx_php.conf file, it works without any issues?

Edit

This line is the issue for some reason:

add_header X-FastCGI-Cache $upstream_cache_status;

If I comment this out it works, if I leave it in the headers don't work Tested with Securityheaders, SSLLabs and HSTS preload
Nginx only, PHP 8

Edit 2

I created a custom template for now and commented this out (the part that is new and different with the old nginx_php.conf):

#    if ( $skip_cache ~ "^$" ) {
#    set $skip_cache 1;
#    }
#    fastcgi_cache_bypass $skip_cache;
#    fastcgi_no_cache $skip_cache;
#    fastcgi_cache FASTCGICACHE;
#    fastcgi_cache_valid 60m;
#    add_header X-FastCGI-Cache $upstream_cache_status;

and it works. This is the only difference, only updated DirectAdmin and did a ./build rewrite_confs and then it didn't work anymore. I don't have any fancy configs, just this in CUSTOM4:

add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload";
add_header X-Frame-Options "SAMEORIGIN";
add_header X-Content-Type-Options "nosniff";
add_header X-XSS-Protection "1; mode=block";

There is no CUSTOM4 block in location ~ \.php$ block If you want it to be server-wide, you may try adding it to /etc/nginx/nginx_limits.conf.