ispConfig 3.2 Bugfix Security und Feature Update

Das beliebte Multiserver Server Control Panel, ispConfig, erhielt das Update 3.2. Dieses behebt einige Fehler, schließt Sicherheitslücken und bringt viele neue Funktionen.

ispConfig 3.2 Release Notes

What’s new?

The new version comes with a lot of new features and bug fixes. Here are a few highlights:

– Added support for CentOS 8 and Ubuntu 20.04
– Important: We are going to drop support for Courier in the future. Please convert your setup to Dovecot.

Global:
– Terminated TLSv1 and TLSv1.1 support
– Support for requesting a Let’s Encrypt certificate for the panel, Postfix, Dovecot, and Pure-FTPd on install/upgrade
– Dropdowns for domains are not prefilled anymore
– Client protection (also known as admin protection) can now be disabled under System -> Main config
– Almost all strings can now be translated
– Added a lot of translations from several contributors.
– Fixed some visual issues

Sites:
– As the APS project is dead, we removed APS from our panel
– HTTP/2 will be enabled for all websites if your software supports it
– When a directive snippet is changed under System -> Directive Snippets, all sites using the snippet will be updated
– You can view the dependent alias- / subdomains for a website
– A lot of new backup functions:
– New backup formats for web files and database: TAR, RAR, 7z, zip
– Backups can be encrypted
– You can run a backup manually from the interface
– Note: we changed some important things in the vhost.conf.master. If you use a custom one, please update it.
– Added support for GoAccess
– Improved handling of chrooted users
– Update existing Jails automatically via cronjob
– Implemented additional subdomain/alias vhost domains web folder checks
– New configuration option to prohibit hardlinked files in chroot jail

Email:
– The autoresponder start and stop dates are now optional
– You can configure a purge for emails in the junk and trash folders that are older than X days
– Move spam emails to junk is now enabled by default for new mailboxes
– A lot of functions from the mailbox settings are now available for mail users as well
– Dovecot quota-status, lmtp and managesieve support
– Utilizing more postfix features for new forwarding modes, better mail handling and less spam;

DNS:
– Algorithm 13 is the new default for signing zones. To migrate your existing signed zones, see: https://www.faqforge.com/linux/controlpanels/ispconfig3/how-to-change-dnssec-algorithm-in-ispconfig-3/
– The records tab is now the first tab
– You can now use @ and * as hostname for DNS records
– Renamed the CAA record for Comodo to “Sectigo / Comodo CA”
– New record types: SSHFP, NAPTR and DNAME
– CAA, SSHFP, and DNAME records can now be added through the API
– Added a function to hide the BIND version to external users

Monitor:
– The Let’s Encrypt log has been made available in the interface under Monitor -> Let’s Encrypt log

Tools:
– We merged the “Password and Language” and “Interface” tab

System:
– Fixed the layout of the language editor
– Added SSL support for the apps virtual host

Fixed security issues:
– Restricted symlink use to the owner of the webroot (for Nginx users)
– Disabled automatic indexing for Apache sites
– Fixed an issue where resellers were able to create clients with more rights than themself
– Blocked a function which could be used to bypass traffic quota

Plus many smaller changes and improvements under the hood.

You can see the full changelog here:

https://git.ispconfig.org/ispconfig/ispconfig3/-/milestones/68