What's new in ISPConfig 3.0.5.4p4 This release introduces support for CentOS 7, adds some interesting new security features and fixes several bugs in the remote API. Intrusion Detection System The ISPConfig interface now contains a IDS System to protect it against unknown threats and vulnerabilitys. The IDS System consists of a scan engine for POST, GET and COOKIE variables based on PHPIDS and a SQL query scanner to detect SQL injection attacks. The IDS system does not replace any of the input and variable checks that are implemented in ISPConfig, the IDS adds a more generic check for all incoming variables in ISPConfig to build a second defense line. For now, the IDS system is configured to add warnings in the ISPConfig System log only and not to block attacks. If you like to block attacks, set ids_block_level to a value between 5 and 20 in the security_settings.ini file. The checks are quite strict and it is possible taht you have to whitelist some addditional variables to avoid false positive warnings. Therefore I would like to ask you to help us to complete the whitelist. The sql injection scanner is turned on by default while the intrusion detection system is turned off because the scan of all incoming variables can slow down the ISPconfig interface. You can turn the IDS on in /usr/local/ispconfig/security/security_settings.ini by changing "ids_enabled" to "yes" if you like to test this new feature. How whitelisting in IDS works: The IDS writes all alerts in whitelst file format to the file /usr/local/ispconfig/interface/temp/ids.log and the full warning message to the ispconfig system log in the interface. If you find that a alert is a false positive, then please post the alert message and line from ids.log here in the forum so we can check that and add it to the official whitelist. You can find a detailed description on the IDS settings in the security README file in the /usr/local/ispconfig/security/ folder. See changelog link below for a list of all changes that are included in this release. ----------------------------------------------------- - Download ----------------------------------------------------- The software can be downloaded here: http://prdownloads.sourceforge.net/ispconfig/ISPConfig-3.0.5.4p4.tar.gz ------------------------------------ - Changelog ------------------------------------ http://bugtracker.ispconfig.org/index.php?do=index&tasks=&project=3&due=82&status[]= -------------------------------------- - Known Issues: -------------------------------------- Please take a look at the bugtracker: http://bugtracker.ispconfig.org -------------------------------------- - BUG Reporting -------------------------------------- Please report bugs to the ISPConfig bugtracking system: http://bugtracker.ispconfig.org ---------------------------------------- - Supported Linux Distributions ---------------------------------------- - Debian Etch (4.0) - Wheezy (7.0) and Debian testing - Ubuntu 7.10 - 14.04 - OpenSuSE 11 - 13.1 - CentOS 5.2 - 7 - Fedora 9 - 15 ----------------------------------------- - Installation ----------------------------------------- The installation instructions for ISPConfig can be found here: http://www.ispconfig.org/ispconfig-3/documentation/ or in the text files (named INSTALL_*.txt) which are inside the docs folder of the .tar.gz file. ------------------------------------------ - Update ------------------------------------------ To update existing ISPConfig 3 installations, run this command on the shell: ispconfig_update.sh Select "stable" as the update resource. The script will check if an updated version of ISPConfig 3 is available and then download the tar.gz and start the setup script. Detailed instructions for making a backup before you update can be found here: http://www.faqforge.com/linux/controlpanels/ispconfig3/how-to-update-ispconfig-3/ If the ISPConfig version on your server does not have this script yet, follow the manual update instructions below. ------------------------------------------- - Manual update instructions ------------------------------------------- Code: cd /tmp wget http://www.ispconfig.org/downloads/ISPConfig-3-stable.tar.gz tar xvfz ISPConfig-3-stable.tar.gz cd ispconfig3_install/install php -q update.php
Till, Was curious as to the best way to apply ISPConfig updates to dozens of servers in a multi-server ISPConfig setup. Does your hosting company do these manually or do you use some type of orchestration software like puppet to automate the upgrades? Thanks for all you do!
After update is still tells me version 3.0.5.4p3 I just ran the update But it is still telling me it is the old version 3.0.5.4p3 any ideas how to fix this? Never mind just needed to delete the old version from tmp Regards Michael
If you like to apply the poodle ssl changes (in case you did not do that manually yet), then yes. Otherwise a reconfigure is not required.
Hello, Thank you for this update. I have just a small problem with the patch 4. After the update i can't use the php-fpm socket. I have an error 500 (FastCGI: incomplete headers (0 bytes) received from server). in the vhost of a website (php-fpm socket in use on the ispconfig interface) : "FastCgiExternalServer /var/www/xxx/xx/w23/cgi-bin/php5-fcgi-x.x.x.x-xxx.xxx.net -idle-timeout 300 -host 127.0.0.1:9032 -pass-header Authorization" need to be : "FastCgiExternalServer/var/www/xxx/xx/w23/cgi-bin /php5-fcgi-x.x.x.x-xxx.xxx.net -idle-timeout 300 -socket /var/lib/php5-fpm/web23.sock -pass-header Authorization" With the patch 3, the "-host" change to "-socket" when you enable socket in the ispconfig interface. Ispconfig 3.0.5.4p4 on Ubuntu 14.04.
I experience a bug. When I update from 3.054p3 to 3.054p4, backing up ispconfig stops and jumps back to the shell. Then, I re-run the update and choose no backing up ispconfig. The update is then successful.
Thats a problem with the php binary and happens when the php has no mysql extension. Please post the output of: which php
It is my OS. It have been running for over a year without problem backing up ispconfig. php5-mysql 5.3.3-8ubuntu12~lucid1
Please create a file /tmp/test.php on your server with this code inside: Code: <?php if(function_exists('mysqli_connect')) { echo 'mysqli found'; } else { echo 'no mysqli found'; } ?> then run: php /tmp/test.php and post the output.
Hi, I has the same problem with the version 3.0.5.4p4. I updated with the same version, disable and enable the website and it's ok Best regards
