We are pleased to announce the release of InterWorx Version 5.1.0!
See the release announcement here.
Key Features
- Elimination of all dependencies on mysql_old_password authentication
- Simplified customization of SSLCipherSuite and SSLProtocol settings for services, and removal of the less-secure SSLv3 protocol option by default
- Dozens of new API actions that provide access to data inside of InterWorx forms.
- High System Load notifications will now include output from the program “top”, which will provide a snapshot of what is currently utilizing system resources at the time the notification is triggered
- Server administrators can now allow access to custom log files via NodeWorx or SiteWorx.
- Roundcube updated to version 1.1.2
- Spam Assassin upgraded to version 3.4.1
- Apache upgraded to version 2.2.31
- ClamAV upgraded to version 0.98.7
- Support for CentOS 5, 6, and 7. CentOS 4 no longer supported.
Enhancements
- Added SiteWorx and Domain enumeration to Reseller Overview
- Added validation that new nodes are running the same version of InterWorx
- Added ability to select if a SiteWorx backup should be applied to the storage quota from the NodeWorx settings page
- Made Apache restart gracefully when called via the API
- Added API actions to show storage and bandwidth usage in MB
- Added —restart-http option to domain-promoter.pex
- Added option to cascade enabling Remote Assistance from cluster managers to nodes
- Added a usage warning to the domain promoter
- Configured addition of alternate SMTP server to trigger firewall port opening
- Disallowed CNAME records from coexisting with any other data per RFC 1912
- Added whitelist_auth, def_whitelist_auth, and unwhitelist_auth to SpamAssassin settings
- Added a CLI interface for the password generator
- Updated the quick help for smtp greetings to explicitly require a FQDN
- Added a ‘DNS’ category to the plugins page
- Updated iworx init script to provide more useful status information
- Improved error messages for diagnosing DNS Sync issues
- Added events to the system health detectors
- Increased granularity of bandwidth display in NodeWorx and SiteWorx
- Upgraded Recaptcha to v2
- SiteWorx users can now delete the master ftp account if they wish
- NFS rsize and wsize values are now configurable via iworx.ini
- Secondary domain usage now appears in the IP Management page
- Added advisor to subdomain add form for domain creation
- Added directory deletion option to subdomain deletion
- Added configuration option to prevent cross-account subdomain creation
- Command Queue can now skip duplicate commands for faster recovery
- Command Queue now truncates history to prevent load issues when a node is failing to replicate
- Add additional protections against multiple command queue instances
Security Upgrades
- Infrastructure
- Replaced the qmail tlsserverciphers and tlsclientciphers files with more secure defaults
- Updated default Apache ssl.conf configuration to disable SSLv3
- Updated iworx-web server ssl configuration to disable SSLv3
- 3rd Party Apps
- Changed ProFTPd xferlog permissions to more secure 0640
Bug Fixes
- Interface
- Fixed a bug preventing the reseller edit form from displaying the correct billing day
- Fixed issue with array-based columns sorting in the web interface
- Added newest-first viewing to the log viewer
- Fixed unintended wrapping of form descriptions
- Filtered out CLI control characters that were, in some cases, appearing in the browser
- Improved display of long nicknames in SiteWorx Accounts list.
- Infrastructure
- Fixed ownership of generated .license files
- Made Apache module list payload read-only
- Sped up initial access of web based license activation
- Better handling of timeout for storage quota syncing
- Fixed an issue with SiteWorx permissions and downloading archived logs
- Upgrade system
- Fixed an issue where manually running an upgrade step could cause permissions issues
- Added an automatic retry for failed upgrade steps
- Fixed APF untrusted interface detection on upgrade
- Fixed issue which caused failing upgrades to use too much disk space under ~iworx/var/backups/
- Service
- Web
- Added SHA-256 as the default SSL certificate digest algorithm.
- Added new –sync-default-vhosts function to ~iworx/bin/httpd.pex in order to recreate the vhost_000_defaults.conf file
- Fixed .htaccess generation permissions
- Fixed a bug causing IPs to remain in vhost configs after the IP was deleted
- Fixed a bug where changing a secondary domain’s IP would not consistently update the web server IP configuration
- Fixed a situation where the namevirtualhost file could be out of sync when changing Apache ports
- Mail
- Fixed a bug causing SpamAssassin to delete Spam/Ham folders
- Changed vpopmail logging to ‘errors only’
- Fixed character encoding issues with SpamAssassin migrations
- Fixed an issue where learned spam/ham would not be cleaned up
- Fixed email password changing issues within Horde/IMP
- Removed spam setting duplication error
- IMAP Server: replaced /etc/courier/imapd.dist, imapd-ssl.dist, pop3d.dist and pop3d-ssl.dist files with similarly named files by removing .dist
- Added safeguards to prevent overwriting above config files on imap server package update
- Firewalls
- Fixed a bug where ip6tables could be restored on firewall restart even if not managed by InterWorx
- Database
- Adjusted DB username validator to allow eight characters
- Removed unnecessary database lookups from the Manage DB Users page
- Prevented MySQL service from throwing unrecognized option errors
- Fixed an issue with the iworx-db upgrade which occured when /etc/my.cnf had secure_auth=off set
- Added error handling for remote MySQL GRANT errors
- Fixed a problem where restarting the iworx-web service could stop mysqld
- Web
- Plugins
- Updated IPv6 management calls to the CloudFlare Client API
- Fixed user password initializaton for auto-enable shell users plugins
- Languages
- Fixed several hard-coded language entries
- Install System
- Added quota partition detection to install process
- Added a delay to IP binding in the init script
- Fixed system health detection of yum failures
- IP System
- Fixed issue which caused duplicate entries to appear in the IPv6 Pool selection form
- Fixed bug that pulled IPv6 addresses from pools
- Fixed IPv6 Status disgnostics when IPv6 Gateway is defined dynamically
- Domain System
- Fixed a bug causing domain IP updates to fail when updating pointer domains
- Redirect domain deletion now triggers server alias sync
- Fixed issue that caused httpd slowdowns when /home is over NFS
- Fix DNS permissions for locked-domain SiteWorx accounts
- Clustering
- Fixed a problem with incorrect mail directories on cluster nodes
- Fixed addition of cluster nodes to database
- Added node hostnames in place of IPs on NodeWorx System Graphs and SiteWorx Recent Visitors
- Fixed password column length on cluster nodes for FTP and mail.
- Added Cluster Manager httpd restart to clean up NFS file handles on deactivation
- CLI
- Fixed a stacktrace using the config action for System Health
- Fixed an issue with input of absolute file paths and permissions when using the /usr/bin/nodeworx and /usr/bin/siteworx CLI commands
- Fixed an issue with display of array data in the CLI default output
- Fixed adding SiteWorx accounts in the Interactive CLI without adding a new package
- Fixed subdomain query reports in the CLI
- Fix query* actions where the form would not validate in the CLI.
- Fixes actions that relied on the use of printouts in the CLI.
- Cleaned up some actions that should not appear in interactive CLI.
- Added —no-color option to CLI commands to suppress color codes
- Fixed —help self-documenting feature of interworx-cli
- Fixed an issue triggered when manually invoking the shell.pex —enable function
- Backup-Restore
- Fixed a race condition flaw in SiteWorx backup creation
- Fixed scheduled backups to fail silently if the package option is disabled
- Fixed an issue preventing scheduled backups from being edited
- Improved error reporting when creating database backups
- Fixed a bug that would prevent restoring SiteWorx backups
- API
- Updated API documentation to 5.1.0
- Remove $input as a required API call parameter
- 3rd Party Apps
- Fixed session functions in SquirrelMail’s SASQL plugin
- Fixed Portuguese UI issue in PhpMyAdmin