DirectAdmin v.1.38 is now released. Here is changelog: http://www.directadmin.com/versions.php?version=1.380000
There is a few security improvements described here: "Important Security Changes" http://www.directadmin.com/features.php?id=1177
Question 1: If I add secure_access_group=access to directadmin.conf, what consequence will this have on my server? Is there anything else I need to do in order for this to work correct?
Question 2: About the descriptions under "Also, the script:...", what is the complete commands to make these change on a existing install?
There is a few security improvements described here: "Important Security Changes" http://www.directadmin.com/features.php?id=1177
secure_access_group=access
check_subdomain_owner=1
are now going to be enabled by default for new installs.
These values are set in the data/templates/directadmin.conf.
Existing installs will not be affected. This only applies to new installs using 1.37.1 at install time.
Also, the script:
/usr/local/directadmin/scripts/custombuild.sh
will now run:
chown webapps:apache /var/www
chmod 550 /var/www
chgrp apache /usr/bin/perl
chmod 705 /usr/bin/perl
to increase security.
The scripts/custombuild.sh is also only called at install time, so feel free to make these changes for existing install if you wish.
Question 1: If I add secure_access_group=access to directadmin.conf, what consequence will this have on my server? Is there anything else I need to do in order for this to work correct?
Question 2: About the descriptions under "Also, the script:...", what is the complete commands to make these change on a existing install?