New virtual-server module version 3.64

Howdy all,

I’ve rolled out version 3.64 of the Virtualmin virtual-server module. This is the biggest release in quite a while, including several new features, and a lot of script updates and bugfixes. As always, everybody ought to upgrade, ASAP.

Changes since 3.63:

[li]Updated the TikiWiki script installer to version 2.2, Mantis to 1.1.4, Drupal to 6.6 and 5.12, WordPress to 2.6.5, WPMU to 2.6.5, PHPCoin to 1.4.5, Rails to 2.1.2, PHPList to 2.10.7, phpMyAdmin to 3.1.0, SugarCRM to 5.1.0b, MoinMoin to 1.8.0, PiWik to 0.2.26, OpenX to 2.6.3, Bugzilla to 3.2, SMF to 1.1.7, Trac to, Joomla to 1.5.8, phpBB to 3.0.3, Moodle to 1.9.3, ZenPhoto to 1.2.2, Squirrelmail to 1.4.7, TextPattern to 4.0.7, Movable Type to 4.23, TWiki to 4.2.4, and Gallery to 2.3 and 1.5.10.[/li]
[li]Added a script installer for OpenGoo 1.0, a web-based office suite.[/li]
[li]On systems running Postfix with spam filtering enabled, the ownership and permissions on the procmail wrapper command are validated as part of the configuration check to ensure that it is setuid and setgid to root.[/li]
[li]When a virtual server with slave DNS zones is disabled, then will be removed from slave servers to properly prevent DNS resolution of the domain. When it is re-enabled, the slave zones will be re-created.[/li]
[li]Optimized the spam and virus deletion screen to deal better with large folders, by processing only 100 messages at a time.[/li]
[li]Added a check to ensure that the Webalizer template configuration file actually exists.[/li]
[li]Multiple virtual servers with SSL enabled can now share the same IP address. However, Virtualmin will display a warning message if a new domain does not match the hostname in the certificate for an existing domain.[/li]
[li]UCC certificates and CSRs can now be created and displayed on the Manage SSL Certificate page.[/li]
[li]Domain owners can now restore from files under their virtualmin-backup directory, subject to regular Unix permissions.[/li]
[li]FTP directory restrictions can now be included in Virtualmin configuration backups.[/li]
[li]Custom nameservers can now be defined for resellers, so that domains they create can appear to be hosted on a server separate from other resellers or the master admin.[/li]
[li]The CPU time resource limit can now be entered in seconds, rather than minutes. However, this will be rounded down to the nearest minute when applied to SSH logins, due to the format of the /etc/security/limits.conf file.[/li]
[li]Added a field to the Website Options page for setting the maximum run-time for PHP scripts.[/li]
[li]If the post-modification or creation script for a domain fails, its output is now displayed as an error message.[/li]
[li]Validation now checks that each domain’s Unix user and group quotas match what Virtualmin expects.[/li]
[li]Added a DNS template option to have a DNSSEC key generated for new domains, and records automatically signed. Requires Webmin 1.443 or later though.[/li]
[li]Email sent to domain owners is now properly encoded so that non-ASCII characters can be included.[/li]
[li]Added a checkbox to the Shared IP Addresses page to allocate a new shared IP, if allocation ranges have been defined.[/li]
[li]Shared IP addresses can now be listed, added and removed from the command line using the new, and scripts.[/li]
[li]Virtual server backups can now be in ZIP format, by changing the ‘Backup compression format’ option on the Module Config page. TAR format is still recommended though, as it better preserves Unix filesystem attributes.[/li]
[li]When submitting a new SSL certificate and key, they are checked to ensure a modulus match, ensuring that they were generated and can be used together.[/li]

The biggest change is the introduction of multiple SSL certificate support UCC certificates. This has long been one of the top requested features…and while this is not a perfect solution, and we still recommend you use one IP per SSL site, this can make it possible to run multiple SSL sites on a single IP address. It also adds wildcard certificate support, which works in a similar manner. Note that many older browsers do not recognizer the UCC certificate type, and will consider it invalid.

Another big change is that Jamie has added DNSSEC to the Webmin BIND module, and this release of Virtualmin supports this in Server Templates. Note that this option requires Webmin 1.443 or higher, so it’ll be a week or two before the functionality is actually visible.

This release also includes a couple of additional sanity checks to make sure your system is doing what you think it is. If one of these sanity checks doesn’t pass, please don’t panic–it does not indicate that your system is suddenly broken, and not doing something it was doing before. It just indicates that Virtualmin is getting smarter at recognizing when things are broken. (This has been a problem in the past, with folks doing bizarre things like reinstalling, or doing other dramatic and damaging actions in response to a simple configuration check or server validation warning. Just search the forums, and then ask us about it, if you get any warnings during server validation or the configuration check that you don’t recognize or know what to do about.)

As always, if you run into any problems, let us know in the ticket tracker.