LawsHosting
Verified User
Is it wise to wait for the "fixed" version before upgrading?
Now I know why I don't let custombuild update stuff automatically.
Now I know why I don't let custombuild update stuff automatically.
Automatic SSL Certificate management how to cancel?
/usr/local/directadmin/directadmin set admin_ssl_check_retries 0
service directadmin restart
httpsocket 2.x is EOL, replace it with 3.x: http://files1.directadmin.com/services/all/httpsocket/I'm using ssl_redirect_host your.hostname.com but after update version 1.62, it's not working.
And Every single API call now fails with:
400_Bad_Request:_malformed_Host_header
2021:06:11-10:00:15: pid 1263814 killed by signal 15 (data: {"data":"\u001b[1mUpdating DirectAdmin\u001b(B\u001b[m\n","finished":false}
he
)
- [1mUpdating DirectAdmin(B[m
This appachelog update:
[1m*** MD5 Checksum for patches/mod_suexec_directory.patch Failed. Redownloading...***(B[m
Downloading patches/mod_suexec_directory.patch...
--2021-06-08 16:39:54-- https://files6.directadmin.com/services/custombuild/patches/mod_suexec_directory.patch
Resolving files6.directadmin.com (files6.directadmin.com)... 62.148.174.106, 2001:16e8:1:c:62:148:174:106
Connecting to files6.directadmin.com (files6.directadmin.com)|62.148.174.106|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 1305 (1.3K) [text/plain]
Saving to: '/usr/local/directadmin/custombuild/patches/mod_suexec_directory.patch'
0K . 100% 113M=0s
2021-06-08 16:39:54 (113 MB/s) - '/usr/local/directadmin/custombuild/patches/mod_suexec_directory.patch' saved [1305/1305]
MD5 Checksum on patches/mod_suexec_directory.patch passed.
Backing up certificate and key, and turning off httpd for DirectAdmins's check.
Found /usr/local/directadmin/custombuild/httpd-2.4.48.tar.gz
Extracting /usr/local/directadmin/custombuild/httpd-2.4.48.tar.gz...
Found /usr/local/directadmin/custombuild/apr-1.7.0.tar.gz
Extracting /usr/local/directadmin/custombuild/apr-1.7.0.tar.gz...
Found /usr/local/directadmin/custombuild/apr-util-1.6.1.tar.gz
Extracting /usr/local/directadmin/custombuild/apr-util-1.6.1.tar.gz...
[1m*** MD5 Checksum for harden-symlinks-2.4.patch Failed. Redownloading...***(B[m
Downloading harden-symlinks-2.4.patch...
--2021-06-08 16:39:56-- https://files6.directadmin.com/services/custombuild/harden-symlinks-2.4.patch
Resolving files6.directadmin.com (files6.directadmin.com)... 62.148.174.106, 2001:16e8:1:c:62:148:174:106
Connecting to files6.directadmin.com (files6.directadmin.com)|62.148.174.106|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 1944 (1.9K) [application/x-troff-man]
Saving to: '/usr/local/directadmin/custombuild/harden-symlinks-2.4.patch'
0K . 100% 161M=0s
2021-06-08 16:39:56 (161 MB/s) - '/usr/local/directadmin/custombuild/harden-symlinks-2.4.patch' saved [1944/1944]
MD5 Checksum on harden-symlinks-2.4.patch passed.
Patching apache for hardened symlinks patch...
patching file include/http_core.h
patching file server/core.c
Hunk #1 succeeded at 153 (offset 14 lines).
Hunk #2 succeeded at 1754 (offset 206 lines).
Hunk #3 succeeded at 2007 (offset 277 lines).
Enabling mod_systemd...
Enabling mod_http2...
Patching srclib/apr-util/dbm/sdbm/sdbm_private.h...
patching file dbm/sdbm/sdbm_private.h
Patching apache to suexec safedir path...
patching file configure.in
Hunk #1 succeeded at 785 with fuzz 2 (offset 45 lines).
patching file support/suexec.c
Hunk #1 succeeded at 339 (offset 25 lines).
Hunk #2 succeeded at 527 (offset 27 lines).
Hunk #3 succeeded at 571 (offset 27 lines).
Hunk #4 succeeded at 638 (offset 27 lines).
Hunk #5 succeeded at 652 (offset 27 lines).
Patching suexec for per-user process grouping
patching file support/suexec.c
Hunk #1 succeeded at 498 (offset 3 lines).
Patching apache to allow SuexecUserGroup in Directory context...
patching file modules/generators/mod_suexec.c
patching file support/suexec.c
Hunk #1 succeeded at 333 (offset 25 lines).
Configuring httpd-2.4.48
aclocal: warning: autoconf input should be named 'configure.ac', not 'configure.in'
checking for chosen layout... Apache
checking for working mkdir -p... yes
checking for grep that handles long lines and -e... /bin/grep
checking for egrep... /bin/grep -E
checking build system type... x86_64-pc-linux-gnu
checking host system type... x86_64-pc-linux-gnu
checking target system type... x86_64-pc-linux-gnu
configure:
configure: Configuring Apache Portable Runtime library...
configure:
configuring package in srclib/apr now
checking build system type... x86_64-pc-linux-gnu
checking host system type... x86_64-pc-linux-gnu
checking target system type... x86_64-pc-linux-gnu
Configuring APR library
Platform: x86_64-pc-linux-gnu
checking for working mkdir -p... yes
APR Version: 1.7.0
checking for chosen layout... apr
checking for gcc... gcc
checking whether the C compiler works... no
sed: can't read conftest.c: No such file or directory
configure: error: in `/usr/local/directadmin/custombuild/httpd-2.4.48/srclib/apr':
configure: error: C compiler cannot create executables
See `config.log' for more details
configure failed for srclib/apr
*** There was an error while trying to configure Apache 2. Check the configure/ap2/configure.apache file
|
It should be already fixed in pre-release.- In User Level: hide options that are not accessible to the users. It only causes confusion and looks unprofessional with users. In this case, Nginx Url rewrites:
It's going to be improved pretty soon.It looks ugly when you notice it.
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload";
add_header X-Frame-Options "SAMEORIGIN";
add_header X-Content-Type-Options "nosniff";
add_header X-XSS-Protection "1; mode=block";
# use fastcgi for all php files
location ~ \.php$
{
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
include /etc/nginx/fastcgi_params;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include /etc/nginx/nginx_limits.conf;
if (-f $request_filename)
{
fastcgi_pass unix:/usr/local/php80/sockets/admin.sock;
}
}
# use fastcgi for all php files
location ~ \.php$
{
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
include /etc/nginx/fastcgi_params;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
if ( $skip_cache ~ "^$" ) {
set $skip_cache 1;
}
fastcgi_cache_bypass $skip_cache;
fastcgi_no_cache $skip_cache;
fastcgi_cache FASTCGICACHE;
fastcgi_cache_valid 60m;
add_header X-FastCGI-Cache $upstream_cache_status;
include /etc/nginx/nginx_limits.conf;
if (-f $request_filename)
{
fastcgi_pass unix:/usr/local/php80/sockets/admin.sock;
}
}
Maybe not only nginx i have problem to with apache as writen above. ONy i don't know sure it is after DA update or the Apache update both errors in update from within latest Custombuild GUI.Alrighty something is broken with the new php-fpm templates:
Old nginx_php.conf:
Headers do NOT work.
@smtalk @DirectAdmin Support
./build rewrite_confs this doesn't work anymore
./build clean
./build update
./build nginx
./build php
./build rewrite_confs
Did you try rebuilding
Code:./build clean ./build update ./build nginx ./build php ./build rewrite_confs
if ( $skip_cache ~ "^$" ) {
set $skip_cache 1;
}
fastcgi_cache_bypass $skip_cache;
fastcgi_no_cache $skip_cache;
fastcgi_cache FASTCGICACHE;
fastcgi_cache_valid 60m;
add_header X-FastCGI-Cache $upstream_cache_status;
this is all that is different. Do you have whatever skip cache is turned on?if ( $skip_cache ~ "^$" ) { set $skip_cache 1; } fastcgi_cache_bypass $skip_cache; fastcgi_no_cache $skip_cache; fastcgi_cache FASTCGICACHE; fastcgi_cache_valid 60m; add_header X-FastCGI-Cache $upstream_cache_status;
I do not see a reason why wouldn’t new headers work. Feel free to create a DA ticket for this, if license has no support - I may check it for you (free of charge), just PM me.Alrighty something is broken with the new php-fpm templates:
Old nginx_php.conf:
Code:# use fastcgi for all php files location ~ \.php$ { try_files $uri =404; fastcgi_split_path_info ^(.+\.php)(/.+)$; include /etc/nginx/fastcgi_params; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; include /etc/nginx/nginx_limits.conf; if (-f $request_filename) { fastcgi_pass unix:/usr/local/php80/sockets/admin.sock; } }
Headers are working correctly.
New nginx_php.conf with cache stuff:
Code:# use fastcgi for all php files location ~ \.php$ { try_files $uri =404; fastcgi_split_path_info ^(.+\.php)(/.+)$; include /etc/nginx/fastcgi_params; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; if ( $skip_cache ~ "^$" ) { set $skip_cache 1; } fastcgi_cache_bypass $skip_cache; fastcgi_no_cache $skip_cache; fastcgi_cache FASTCGICACHE; fastcgi_cache_valid 60m; add_header X-FastCGI-Cache $upstream_cache_status; include /etc/nginx/nginx_limits.conf; if (-f $request_filename) { fastcgi_pass unix:/usr/local/php80/sockets/admin.sock; } }
Headers do NOT work.
@smtalk @DirectAdmin Support
Opening a ticket soon Really weird issueI do not see a reason why wouldn’t new headers work. Feel free to create a DA ticket for this, if license has no support - I may check it for you (free of charge), just PM me.
add_header X-FastCGI-Cache $upstream_cache_status;
# if ( $skip_cache ~ "^$" ) {
# set $skip_cache 1;
# }
# fastcgi_cache_bypass $skip_cache;
# fastcgi_no_cache $skip_cache;
# fastcgi_cache FASTCGICACHE;
# fastcgi_cache_valid 60m;
# add_header X-FastCGI-Cache $upstream_cache_status;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload";
add_header X-Frame-Options "SAMEORIGIN";
add_header X-Content-Type-Options "nosniff";
add_header X-XSS-Protection "1; mode=block";
Yes, it's a known issue in refreshed layout, already fixed in pre-release.Anyone else having an issue with renaming domains when using the Refreshed layout?
Clicking "Rename domain" does nothing.
There is no CUSTOM4 block inOpening a ticket soon Really weird issue
Tested it on another up to date server. With the new nginx_conf.php file the headers don't work. If I comment out the nginx_php.conf file and insert the old nginx_php.conf file, it works without any issues?
Edit
This line is the issue for some reason:
Code:add_header X-FastCGI-Cache $upstream_cache_status;
If I comment this out it works, if I leave it in the headers don't work ? Tested with Securityheaders, SSLLabs and HSTS preload
Nginx only, PHP 8
Edit 2
I created a custom template for now and commented this out (the part that is new and different with the old nginx_php.conf):
Code:# if ( $skip_cache ~ "^$" ) { # set $skip_cache 1; # } # fastcgi_cache_bypass $skip_cache; # fastcgi_no_cache $skip_cache; # fastcgi_cache FASTCGICACHE; # fastcgi_cache_valid 60m; # add_header X-FastCGI-Cache $upstream_cache_status;
and it works. This is the only difference, only updated DirectAdmin and did a ./build rewrite_confs and then it didn't work anymore. I don't have any fancy configs, just this in CUSTOM4:
Code:add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"; add_header X-Frame-Options "SAMEORIGIN"; add_header X-Content-Type-Options "nosniff"; add_header X-XSS-Protection "1; mode=block";
location ~ \.php$
block If you want it to be server-wide, you may try adding it to /etc/nginx/nginx_limits.conf.