DirectAdmin 1.63.0 RC

fln

fln

Administrator
Staff member
Joined
Aug 30, 2021
Messages
1,111
Hi everyone!

We're happy to announce the release candidate for 1.63.0.

This version includes a series of bug-fixes and a couple of new features, change-log can be found here:

DirectAdmin 1.63.0

The most notable feature is user web Terminal (Pro Pack feature). The update should be automatically available for all installations subscribed to the beta release channel.

We appreciate all the feedback on forums and issues reported in the ticketing system.

Thanks!
fln
 
Hai @fln, I found that this one issue is really annoying (happens only with nginx or nginx_apache and when hsts is enabled on hostdomain using this method: https://www.directadmin.com/features.php?id=1776)

Here is the discussion about this bug: https://forum.directadmin.com/threa...abled-when-using-nginx-or-nginx_apache.64749/

The hsts header for hostname is missing in nginx and nginx_apache but it appears only on apache standalone server.

Since my root hostdomain server.com is now on chrome preload list, I cannot remove this hsts preload from chrome list and I have to face this issue. Removing hsts preload from chrome list would take many weeks.

many_weeks.JPG

I reinstalled the server with clean install, tested with nginx, nginx_apache the static link is broken. With apache it is working fine (hsts is enabled perfectly). I'm not going to switch to apache. To summarize this issue: hsts header for hostname is not enabled (missing header) when using nginx or nginx_apache. Would this be fixed soon?

Note that hsts for other domains are working fine with both nginx and apache. The issue is only with hsts for hostname that affected webapps like phpmyadmin and roundcube where they have missing static files like js, css.
 

Attachments

  • 1634175003764.png
    1634175003764.png
    31.3 KB · Views: 16
Last edited:
@MaXi32 if you have a DA subscription with support please open a ticket and report this issue. I think this has something to do with your local modifications. HSTS support on DA web UI and HSTS support on the web server like apache/nginx has nothing in common. If HSTS is used on DA interface you need to manually ensure that your web server of choice supports TLS and add HSTS headers manually if needed.
 
@fln Did you try the step that I'm able to reproduce? I mean using auto installation, then you switch to nginx_apache or nginx. Switching to nginx_apache is considered a modification ? I will try to reproduce a video about this. I actually have sent a ticket about this.


fln said:
@MaXi32 If HSTS is used on DA interface you need to manually ensure that your web server of choice supports TLS and add HSTS headers manually if needed.
Click to expand...

Please note that this is related to host hsts not user domain hsts (as mentioned in the link). The host hsts can be enabled through directadmin.conf so it doesn't need to be added manually. I will do another 4th installation. This time I'm registering a new VPS in linode and using a trial directadmin license and the installation will be using this command:

Code: 
bash <(curl -Ss https://www.directadmin.com/setup.sh || wget -O - https://www.directadmin.com/setup.sh) auto

I will update this post.
 
Last edited:
I have a test machine running Debian 10 with nginx. No issues on it with or without HSTS enabled in directadmin.conf. I expected you have modifications in nginx templates. I am still not getting the essence of the issue.

Could you PM me credentials to the server where I could see this issue in action?
 
@fln
could you test my issued ?

[BUG] LINKED-IPS has broken duo nginx-vhost.conf and directadmin-ips.conf has different template

Centos 8 Directadmin 1.62.9 Nginx_Apache this line something went wrong #/usr/local/directadmin/custombuild/build if [ "`/usr/local/directadmin/dataskq h | grep -c '\-\-linked-ips'`" -gt "0" ]; then If I remove this condition, nginx-vhost, and httpd-vhost it linked-ips normally If I run in...
forum.directadmin.com forum.directadmin.com

In my case
there have different between
"nginx-vhost.conf" and "directadmin-ips.conf"(/usr/local/directadmin/data/template/nginx-ips.conf)

If I copy template from "nginx-vhost.conf" to "nginx-ips.conf" , it back to work.
 
@fln I will try to reproduce again. Yesterday I had SSL limit in LE and I want to make sure certificate SLL would not be an issue. Will update this.

EDIT

I was surprised that I think this might be due to my browser cache. Yesterday, when I install DA using auto mode (clean installation) even with apache, I got the ugly interface and it said certificate mismatched. But after I cleared the browser cache I can see phpmyadmin and round site are working. When you say that I might have custom nginx option I don't think I have it when doing clean install. I will keep this updated if I found something. I will try to reproduce this again to request the hostname SSL certificate after the DA auto mode installation is done.
 
Last edited:
@fln The problem is solved I did reinstall DA like 3 times and I haven't found any errors. I'm sure I did not have any custom nginx. This is my conclusion after debugging:

Solved - Hostname hsts header is missing when using nginx or nginx_apache

EDIT: I changed the title for this thread, this issue seems related to nginx or nginx_apache only webserver ORIGINAL TITLE: Cannot access phpmyadmin via hostname The hsts for hostname does not appear (as security header) when using nginx or nginx_apache. The other root domains have no issue...
forum.directadmin.com forum.directadmin.com

Sorry and thanks for concerning.
 
Can this little bug be solved on Debian 11? :)
dnssec-signzone: fatal: The -r options has been deprecated.
 
Anyone have this Directadmin update?
1.63.0 build 6f7ee16b88a4b28517d202f826e7e348de8973d11.63.0 build a8ac330b60c49665f1df6d0e8229fa15127e04c9


I cant install this update :(


directadmin_update.jpg
 
@Migdiradmin, please try upgrading DA directly via dataskq using the following command:

Code: 
echo "action=update&value=program" >> /usr/local/directadmin/data/task.queue && /usr/local/directadmin/dataskq d

And check the output for errors. Starting 6f7ee16b88a4b28517d202f826e7e348de8973d1 version which you currently have we have started strictly validating TLS connections when downloading upgrades. Upgrade will fail if we can not establish a secure connection to our download servers.
 
"Stable Delayed release schedule"
"CHANGE UPDATE CHANNEL"

Should I choose the above? do i have to choose this?
 

Attachments

  • da1.png
    da1.png
    31.3 KB · Views: 13
@agasar, from the screenshot provided it seems that your server is already running the latest DA version 1.63.0 build a8ac330b60c49665f1df6d0e8229fa15127e04c9. I would recommend staying on current release channel.
 
fln said:
@Migdiradmin, please try upgrading DA directly via dataskq using the following command:

Code: 
echo "action=update&value=program" >> /usr/local/directadmin/data/task.queue && /usr/local/directadmin/dataskq d

And check the output for errors. Starting 6f7ee16b88a4b28517d202f826e7e348de8973d1 version which you currently have we have started strictly validating TLS connections when downloading upgrades. Upgrade will fail if we can not establish a secure connection to our download servers.
Click to expand...
Today i tried and already in the last version. fixed.

In another server identical problem but dint show update to a8ac330b60c49665f1df6d0e8229fa15127e04c9, but after to click again in Update DirecAdmin in /admin/license?redirect=yes now its ok.

First time i have this problems with updates.

Lets wait for the next update to see everything is okay.
 
@tristan, output of /usr/local/directadmin/directadmin v and /usr/local/directadmin/directadmin o would be helpful. Also if you would create a ticket in the ticketing system we could request server access and check it out.
 
You must log in or register to reply here.
Back
Top