--- hide_table_of_contents: true --- # 0.1.6 Released on April 15, 2024 ### 🐛 Bug fixes - Fixed bug durring ModSecurity installation process (reported by [reyokh](https://hostingforums.net/d/282-openpanel-not-another-free-hosting-panel/6)) - Fixed bug on *OpenAdmin > Users* with displaying server name - Fixed bug on *OpenAdmin > Users > Edit information* with modal-backdrop left after closing the modal. - Fixed bug on *OpenAdmin > General Settings* with the disabled input field causing 500 error on save. - Resolved an issue with the PHP-FPM service that led to WordPress prompting for FTP credentials during plugin installation and media uploads. - Fixed bug where suspended users were being excluded from search results in the *OpenAdmin > Users* section. - Fixed bug where [the wrong OpenPanel version was shown in the sidebar](https://i.postimg.cc/Jz0tMy7X/2024-03-18-13-38.png) under OpenPanel. - Fixed bug where errors for the OpenAdmin section were being logged in api.log instead of the error.log file. - Fixed bug with PHP installation in `opencli php-install_php_version` script that caused the missing php-fpm service in containers. - Fixed bug with the `opencli php-default_php_version` script that caused the new default php version not to be set for cli. - Fixed bug with `opencli hostname-ssl` script failing to renew SSL. - Fixed [bug with permissions not permiting user to edit crontab via terminal](https://github.com/stefanpejcic/OpenPanel/issues/75) - Fixed bug [Memcached allocation slider bug #89](https://github.com/stefanpejcic/OpenPanel/issues/89) ### 🚀 New features - [Turkish translation 🇹🇷](#turkish-translation) - [Docker images can now be downloaded, updated and deleted from the *OpenAdmin > Docker Settings* page.](#openadmin--docker) - Introduced *OpenAdmin > API Settings* page, enabling API access, token generation, curl command execution, request sending, response viewing, and API access log monitoring. - Added a feature that allows for [manual initiation of updates via the *OpenAdmin > General Settings* section](#panel-update-from-gui). - [*OpenAdmin > ModSecurity* interface.](#openadmin--modsecurity) - [`opencli nginx-modsec` script that allows admins to: update OWASP Core Ruleset, List ModSecurity rules and Logs, Enable/Disable Rules and view domain settings.](#openadmin--modsecurity) - [Custom OpenPanel and OpenAdmin templates](#custom-templates) can now be defined by the Administrator - [dev_mode](#dev-mode) - [BasicAuth for OpenAdmin panel](#basicauth-for-openadmin) - [DNS zone export for *OpenPanel > Edit DNS Zone*](#export-dns-zone) - [Selfsigned SSL inside docker containers for Nginx & Apache](#selfsigned-ssl) - [Notifications on admin logins from new IP address](#admin-login) - [Email alerts for the Notifications center](#email-alerts) ### 💅 Polish - Added check if docker images exist before creating plans. - The system now logs the admin username to identify who performed actions for a user. - Moved all JavaScript code for OpenAdmin to external files. - All responses from OpenAdmin are now compressed, including pages (HTML), templates (JavaScript & CSS), and API responses (JSON). - Added online status indicators to the Users table in OpenAdmin. - MySQL service is now listening on both `localhost` and `127.0.0.1` - New default OpenAdmin theme - Added checks to remove apt cache and temporary files after install process - [Custom cron file `/etc/cron.d/openpanel`](#etccrondopenpanel) - [OpenAdmin login log](https://dev.openpanel.co/logs.html) - [Default PHP version change is now logged](#log-php-change) - Added warning messages for unlimited disk usage on *OpenAdmin > Users > single user* page. ----- ### dev_mode dev_mode allows developers to view original responses from OpenAdmin and detailed error messages. When enabled, the following occurs: - html/css/js code from the templates is not minified - json responses are not minified - detailed error messages are shown To enable dev_mode: ``` opencli config update dev_mode on ``` To disable dev_mode: ``` opencli config update dev_mode on ``` and restart *admin* service. ---- ### BasicAuth for OpenAdmin As an additional security measure, [BasicAuth](https://en.wikipedia.org/wiki/Basic_access_authentication) can be enabled for OpenAdmin panel. [Instruction](/docs/admin/scripts/openpanel_config/#admin_template) ![screenshot](https://i.postimg.cc/XNs02KHz/2024-04-08-15-04.png) :::danger API access is automatically disabled when BasicAuth is enabled. ::: To enable basic authentication for OpenAdmin, run commands: ``` opencli config update basic_auth yes ``` ``` opencli config update basic_auth_username STRONG_USERNAME_HERE ``` ``` opencli config update basic_auth_password STRONG_PASSWORD_HERE ``` then reload the OpenAdmin service: ``` service admin reload ``` --- ### Email Alerts You can now receive email alerts from the Notifications center! ![email_alert](https://i.postimg.cc/904QNyf9/image.png) - To enable email alerts, set email address in *OpenAdmin > Notifications Center* or using OpenCLI: `opencli config update email stefan@pejcic.rs` - To disable email alerts simply remove the email address from *OpenAdmin > Notifications Center* or using OpenCLI: `opencli config update email ''` - To check current email navigate to *OpenAdmin > Notifications Center* or using OpenCLI: `opencli config get email` For sending emails, you can configure outgoing SMTP server: ``` [SMTP] mail_server= mail_port=465 mail_use_tls=False mail_use_ssl=True mail_username= mail_password= mail_default_sender= mail_security_token=78bd237db2da ``` Each value can be set with the `opencli config update` command. --- ### Admin Login You can now receive notifications when admin account is accessed from a new IP address. ![notifications admin login](https://i.postimg.cc/mg9qmSH7/image.png) - To disable login notifications: `opencli admin notifications update login no` - To enable login notifications: `opencli admin notifications update login yes` --- ### Selfsigned SSL Docker images are now equipped with self-signed SSL certificates, enabling the establishment of secure connections from the Nginx proxy on the host server. This eliminates the need to [add custom code to wp-config.php to make WordPress work behind reverse proxy](https://developer.wordpress.org/advanced-administration/security/https/#administration-over-https). --- ### OpenAdmin > ModSecurity *OpenAdmin > ModSecurity Settings* pagenow provides a list of all ModSec rules (files), logs from the Nginx service and options to identify attack, block IP addresses, disable certain rules or files, etc. ![modsecurity settings page](https://i.ibb.co/7t7mZDW/2024-04-09-12-12.png) New commands are also available: - `opencli nginx-modsec --rules` displays rule files. - `opencli nginx-modsec --logs IP_HERE/RULE_ID` allows you to search the logs. - `opencli nginx-modsec --update` will update the ModSecurity OWASP Core Ruleset files. - `opencli nginx-modsec --domain` displays a summary about a domain modsec status. - `opencli nginx-modsec --enable FILE_NAME` enables a rule file globally. - `opencli nginx-modsec --disable FILE_NAME` disabled a rule file globally. --- ### OpenAdmin > Docker Docker images can now be downloaded, updated and deleted from the *OpenAdmin > Docker Settings* page. ![docker settings page](https://i.postimg.cc/nr66G5M6/2024-04-09-12-02.png) Command `opencli docker-update_images` can also be used from the terminal or cronjobs: https://openpanel.co/docs/admin/scripts/docker/#update-images --- ### Custom Templates Starting v0.1.6 you can set [custom templates](https://dev.openpanel.co/templates/) for both OpenPanel and OpenAdmin interfaces! Examples: ![default](https://i.postimg.cc/wBGr0gkL/2024-04-05-17-00.png) ![example](https://i.postimg.cc/QMtPQHcj/2024-04-05-16-59.png) To create new templates copy the default templates folders: For OpenPanel: `cp /usr/local/panel/templates/ /home/custom_template/` For OpenAdmin: `cp /usr/local/admin/templates/ /home/custom_admin_template/` and then make the changes over html/css file. To change theme for OpenPanel, run command: ``` opencli config update template NAME_HERE ``` instead of *NAME_HERE* set either just the folder name in `/usr/local/panel/` or a full path, example: ``` opencli config update template "/home/custom_template/" ``` To change theme for OpenAdmin, run command: ``` opencli config update admin_template NAME_HERE ``` instead of *NAME_HERE* set either just the folder name in `/usr/local/admin/` or a full path, example: ``` opencli config update admin_template "/home/custom_admin_template/" ``` --- ### Export DNS Zone Users can now export the BIND9 DNS zone file from *OpenPanel > Edit DNS Zone* ![export dns zone](https://i.postimg.cc/RFgBLdt4/image.png) --- ### Turkish translation Turkish language is now available for OpenPanel! 🎉 It will be included in the [0.1.6 version](https://openpanel.co/roadmap) and shipped with OpenPanel core. Thank you **grafen** for your personal contribution to OpenPanel. 🙏 To use `tr` locale immediately, run command: ``` wget -O - https://gist.githubusercontent.com/stefanpejcic/701fe98ab873120378f7c7de9d75e030/raw/0d4db8338ce2ad17aec54dfc1d4982abdbb254dc/install_tr.sh | bash ``` and the new locale will be available to your users under Account Settings: ![tr locale openpanel](https://i.postimg.cc/wv3J1DzS/image-720.png) ----- ### Panel update from GUI OpenPanel can now be updated directly form the OpenAdmin interface. To update navigate to *OpenAdmin > General Settings* section and if new update is available, click on the update button to initiate. ![update openpanel](https://i.postimg.cc/FzCGTgFg/openadmin-update-is-available.png) ----- ### /etc/cron.d/openpanel OpenPanel now utilizes a custom cron file located at `/etc/cron.d/openpanel` instead of relying on the root user's crontab. This allows the root user to add custom cronjobs without the risk of them being overwritten during OpenPanel updates. ```bash # /etc/cron.d/openpanel: crontab entries for the OpenPanel # # # This file is used by OpenPanel to schedule cronjobs # # It should NOT be edited manually as it is overwritten on update. # To add crons please use the crontab as root user. # # Important Note! This cronjob will NOT be executed if you are # running systemd as your init system. If you are running systemd, # the cronjob.timer function takes precedence over this cronjob. For # more details, see the systemd.timer manpage, or use systemctl show # certbot.timer. SHELL=/bin/sh PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin # SSL 0 */3 * * * root opencli ssl-hostname 0 */3 * * * root certbot renew --post-hook 'systemctl reload nginx' # STATISTICS 0 * * * * root opencli docker-collect_stats 30 2 * * * root opencli domains-stats # MAINTENANCE * 2 * * * root opencli docker-usage_stats_cleanup 15 0 * * * root opencli update 0 0 12 * * root opencli server-ips # BACKUPS 0 7 * * * root opencli backup-check 0 8 * * * root opencli backup-scheduler # MONITORING * * * * * root bash /usr/local/admin/service/notifications.sh @reboot root bash /usr/local/admin/service/notifications.sh --startup @reboot root opencli server-on_startup ``` ----- ### remove apt cache Added checks to [remove apt cache](https://linuxier.com/how-to-clear-apt-cache-in-ubuntu/) and temporary files after install process ----- ### Log PHP change When user modifies the default PHP version for CLI and new domains, the system logs this action in their activity log. ![php_v_change](https://i.postimg.cc/XNKymZ0C/2024-04-10-12-14.png)