Install:
- install.py: in preFlightsChecks.call(), replace missing CyberPanel python
with /usr/bin/python3 and force shell=True so any code path (including
old/cached script) never hits FileNotFoundError.
Upgrade:
- cyberpanel_upgrade.sh: resolve CP_PYTHON (CyberPanel, CyberCP, python3)
before running upgrade.py and configure.py; use it for both.
- plogical/upgrade.py: add _python_for_manage(), use it in GeneralMigrations,
collectstatic, and upgradePip so migrations/collectstatic work when
/usr/local/CyberPanel/bin/python is missing.
- install.py: create venv at /usr/local/CyberCP if missing; add system python3 fallback for migrations; download composer.sh before chmod; remove existing SSH keys before ssh-keygen
- installCyberPanel.py: remove MariaDB-server from dnf exclude before install
- cyberpanel.sh: ensure ports 8090 and 7080 listening after install; final status shows port accessibility
- backupUtilities.py: remove existing cyberpanel keys before ssh-keygen to avoid Overwrite prompt
- plogical/firewallUtilities: fix inverted success/failure (result==1 = success); write blocked_ips.log under CyberCP/data for cyberpanel write access
- plogical/processUtilities: when root, use normalExecutioner return value so executioner reflects actual command success/failure
- firewall/firewallManager: addBannedIP uses FirewallUtilities.blockIP; ACL and all errors return JSON with error_message/error; rollback store if block fails
- baseTemplate/views: blockIPAddress uses FirewallUtilities.blockIP instead of subprocess
- baseTemplate/homePage: inline Ban IP calls /firewall/addBannedIP with ip/reason/duration; show server error in notifications
- baseTemplate/system-status.js: handle string response and show server error_message in success and error callbacks
- Fix delete for domain and Root File Manager: use sudo helper when
lscpd/executioner fails (TOKEN/sendCommand issues)
- Add safe-delete-path and safe-move-path helpers for base64 path handling
- Add ACLManager.isPathInsideHome and isFilePathSafeForShell for path validation
- Fix upload authorization for Root File Manager (domainName empty)
- Harden outputExecutioner result checks to prevent 500 on None
- Update Bootstrap CDN for CSP compatibility
- Improve error display and a11y focus management in modals
- Resolves#1670: files with special characters can be uploaded/deleted
- saveSSHConfigs() now writes only one Port line (was writing one per
existing Port line, causing duplicate Port entries and 'Address
already in use' from sshd)
- Match only actual 'Port N' directive; exclude GatewayPorts and other
lines containing 'Port'
- If no Port line exists in config, append one
Fixes: https://github.com/usmannasir/cyberpanel/issues/1668#issue-3881969535
- install.py: use preFlightsChecks.mariadb_version in mariadb_repo_setup
- venvsetup.sh: prompt for MariaDB 11.8/12.1 in interactive install, pass --mariadb-version to install.py
- cyberpanel_upgrade.sh: add MARIADB_VER (default 11.8), --mariadb-version arg, interactive prompt, write /etc/cyberpanel/mariadb_version, use in MariaDB.repo
- plogical/upgrade.py: read mariadb_version from /etc/cyberpanel/mariadb_version in fix_almalinux9_mariadb(), default 11.8
- Install: add LiteSpeed repo (repo.litespeed.sh), install openlitespeed; keep official binary if >= 1.8.5, else optional custom binary overlay
- Upgrade: add repo, upgrade openlitespeed package; only run installCustomOLSBinaries if version < 1.8.5
- LSWS: fallback to 6.3.4 when API empty in cyberpanel_upgrade.sh and venvsetup.sh; sed lsws-6.0 and lsws-6.3.4 to latest stable
- plogical/upgrade: add_litespeed_repo(), get_installed_ols_version(); install.py: add_litespeed_repo(), get_installed_ols_version()
Only files that match current live server; excludes settings.py (deployment-specific), pluginHolder/pluginInstaller (repo ahead), install/cyberpanel scripts (diff), and deleted static files (still on server).
- Add CyberCPLogFileWriter.get_current_timestamp() for errorSanitizer (fixes 500 logging)
- After upgrade/install: fetch meta.xml from raw GitHub and overwrite installed file so
store version (e.g. 1.1.0) is correct even when archive ZIP is cached/stale
- Upgrade/install: discover ZIP top-level folder and match plugin folder case-insensitively
- Improves redisManager/memcacheManager upgrade and all store installs
- Enhanced MariaDB-server-compat package removal with multiple aggressive attempts
- Added --allowerasing and dnf exclude to prevent compat package conflicts
- Added MariaDB binary verification before password change
- Added service status verification and wait time
- Improved error handling and graceful failure
- Fixed FileNotFoundError when mysql command not found
Fixes:
- MariaDB-server-compat-12.1.2-1.el9.noarch conflict with MariaDB 10.11
- mysql command not found after failed installation
- Installation proceeding when MariaDB wasn't actually installed
- install_utils.call: use shell=True for commands with ||, 2>, |, etc.
Avoids 'No matching repo to modify: 2>/dev/null, true, ||' when
dnf config-manager '... 2>/dev/null || true' is run via shlex.split.
- Add explicit 'rpm -e --nodeps MariaDB-server-compat-12.1.2-1.el9.noarch'
before dnf remove in main(), installMySQL, fix_almalinux9_comprehensive.
- upgrade fix_almalinux9_mariadb: add compat removal before MariaDB install;
use MariaDB 10.11 repo instead of 12.1 to avoid compat conflicts.
- Updated fallback version in versionFetcher.py to 5.2.3
- Updated fallback version in upgrade.py to 5.2.3
- Uses latest stable phpMyAdmin version (released 2025-10-08)
- Reference: https://www.phpmyadmin.net/files/5.2.3/
- Updated phpmyadminsignin.php to accept token and username via both GET and POST
- Fixes issue where phpMyAdmin access fails when accessed with GET parameters
- Maintains backward compatibility with existing POST-based authentication
- Resolves 404 error when accessing phpMyAdmin via CyberPanel interface
- Added migrateRainloopToSnappymail() function to automatically migrate email data
- Migrates from /usr/local/lscp/cyberpanel/rainloop/data to /usr/local/lscp/cyberpanel/snappymail/data
- Uses rsync to preserve permissions and ownership
- Updates include.php files to use new snappymail path
- Includes safety checks to prevent data overwriting
- Added migration logic to cyberpanel_upgrade.sh
- Updated default paths from rainloop to snappymail
- Deprecates rainloop folder in 2.5.5-dev
- Fixed perHostDomainConf() to replace {virtualHostName} placeholder in olsChildConf template
- Updated lswsChildConf template to use master domain log directory
- Updated lswsRediConfChild and lswsRediConfChildWWW templates to use master domain log directory
- Added automatic log directory and log file creation for child domains during creation
- Log files are now created at /home/{masterDomain}/logs/{childDomain}.{access|error}_log
- Ensures all newly created sub-domains automatically have separate log files from the start
This permanent fix ensures that when child domains are created:
1. VHost config uses correct log paths pointing to master domain's log directory
2. Log directory is created if it doesn't exist
3. Separate log files are created for each child domain with proper permissions
4. Works for both OpenLiteSpeed (OLS) and LiteSpeed Enterprise (LSWS) configurations
Fixes the root cause so all future child domain creations will have correct log configuration automatically.
- Always download compatible ModSecurity binary after installation
- Removes conditional check for custom_ols_marker
- Fixes undefined symbol: mdb_env_create error
- Prevents OpenLiteSpeed crashes with SIGSEGV signal 11
- Compatible with Ubuntu 24.04, RHEL 8/9, Debian 11/12
The fix ensures that compatible ModSecurity binaries (built without
LMDB dependency or with LMDB statically linked) are always used,
preventing the runtime symbol lookup errors that cause crashes.
Related: https://github.com/usmannasir/cyberpanel/issues/1626
- Fixed bug where regular users (UserACL) cannot create websites
- Changed UserACL createWebsite permission from 0 to 1
- Also enabled modifyWebsite and deleteWebsite for consistency
- Resolves issue where non-admin/reseller users were blocked from creating websites
Related changes:
- UserACL: createWebsite: 0 -> 1
- UserACL: modifyWebsite: 0 -> 1
- UserACL: deleteWebsite: 0 -> 1
- suspendWebsite remains 0 (admin-only feature)
This allows regular users to create, modify, and delete their own websites
while maintaining proper ownership checks and security controls.
- Fixed CloudFlare proxy toggle button to display as oblong with round dot
- Enable CloudFlare proxy by default for all domains/subdomains except mail domains
- Automatically add AAAA (IPv6) DNS records when creating domains/subdomains
- Added GetServerIPv6() function to retrieve server IPv6 address
- Updated DNS template styling and Angular.js binding for toggle buttons
- Filter domain dropdown to show only main domains (exclude sub-domains)
- Add automatic CloudFlare DNS record deletion when domains/sub-domains are removed
- Improve DNS Records table display to match SSH Logins/Logs table styling
- Add loading states and proper table structure with ng-if conditions
- Update CSS to match activity-table styling with sticky headers
- Introduced a `safeModifyHttpdConfig` method in `installUtilities` to handle modifications to the OpenLiteSpeed configuration file with backup, validation, and rollback capabilities.
- Updated various modules (`modSec.py`, `sslUtilities.py`, `tuning.py`, `vhost.py`, etc.) to utilize the new safe modification method, enhancing reliability and preventing configuration corruption.
- Improved error handling and logging throughout the configuration modification processes to ensure better traceability and debugging.
- Added new model `CatchAllEmail` to store catch-all email configurations per domain.
- Implemented views for fetching, saving, and deleting catch-all email configurations, enhancing email management capabilities.
- Updated URL routing to include endpoints for catch-all email operations.
- Enhanced error handling and permission checks for email forwarding actions.
These changes improve the flexibility and user experience of email management within CyberPanel.
- Added a new function `detect_default_php` to dynamically determine the default PHP version based on symlink and available versions, enhancing compatibility with PHP 7.4-8.5.
- Updated `phpmyadmin_limits` to utilize the detected PHP version for configuration changes, ensuring accurate parameter adjustments for the current PHP environment.
- Enhanced installation scripts for Redis and Memcached extensions to support PHP versions 7.4-8.5, improving backward compatibility and installation reliability.
- Improved error handling for missing PHP configuration files, providing clearer feedback to users.
These changes enhance the flexibility and robustness of PHP management within CyberPanel.
- Added a new fixed position banner in the index.html to announce .htaccess support, including styling and functionality for showing and dismissing the notification.
- Enhanced file manager to support extraction of 7z and rar file formats, with appropriate command handling in filemanager.py.
- Updated JavaScript files to determine extraction types based on file extensions, ensuring compatibility with new formats.
- Modified HTML templates to include options for 7z and rar compression types in the user interface.
https://github.com/usmannasir/cyberpanel/issues/1617#issue-3727006951
These changes improve user experience by providing clear notifications and expanding file management capabilities within CyberPanel.
- Added detailed error handling and logging for reverse DNS lookups, improving robustness against network issues and invalid responses.
- Updated virtualHostUtilities to handle cases where reverse DNS lookups fail, providing clearer error messages and guidance for users.
- Ensured that the results from DNS queries are validated before processing, enhancing the reliability of the rDNS checks.
These changes improve the overall reliability and user experience of the reverse DNS lookup feature within the CyberPanel environment.
- Changed versioning in README.md to 2.5.5-dev and updated the last modified date.
- Added a section for recent fixes in README.md detailing improvements to MySQL password rotation.
- Removed obsolete test files for MySQL utilities and ImunifyAV route.
- Enhanced mysqlUtilities.py to improve MySQL account resolution and logging, ensuring better handling of user and host identification during password changes.
- Added a static method to ensure ImunifyAV assets are created and permissions set correctly in CageFS.py.
- Updated the URL routing in urls.py to include paths for ImunifyAV, supporting both legacy and new routes.
- Modified the ImunifyAV HTML template to use Django's URL template tag for better maintainability.
- Enhanced the cyberpanel_fixes.sh script to ensure ImunifyAV UI assets are installed during fixes.
- Improved database user resolution and password handling in mysqlUtilities.py for better security and reliability.
This update enhances the integration and management of ImunifyAV within the CyberPanel environment.
- Refactored the enableDisableEmail function to improve handling of Postfix service enabling and disabling, including better error logging and cleanup of stale marker files.
- Added a new method in mailUtilities to check if Postfix is installed, ensuring that DKIM setup only proceeds if Postfix is available.
- Updated virtualHostUtilities to verify Postfix installation before attempting DKIM setup, with appropriate logging for missing markers.
- Improved overall robustness of email service management during installation and configuration processes.
https://github.com/usmannasir/cyberpanel/issues/1570
- Introduced a static method `restartCronService` to restart the cron service across various distributions, ensuring immediate application of changes.
- Updated `website.py` to call `restartCronService` after modifying cron jobs, with error handling to return appropriate responses if the restart fails.
- Enhanced overall reliability of cron job management by ensuring the service is restarted after changes are made.
https://github.com/usmannasir/cyberpanel/issues/1589
- Updated SQL queries to use backticks around database and table names for improved safety and compatibility.
- Implemented escaping for user inputs in CREATE USER and SET PASSWORD statements to prevent SQL injection vulnerabilities.
- Ensured consistent use of safe variable handling across various database operations, including user creation and privilege grants.
- Added PHP 8.6 to the list of system PHP versions and fallback versions in PHPManager.
- Updated return values to include PHP 8.6 in case of errors or empty results.
- Enhanced phpUtilities to recognize PHP 8.6 for CentOS and Ubuntu configurations.
- Adjusted recommended PHP version order to prioritize PHP 8.6.
- Removed local installation function in favor of a direct installation approach.
- Updated installation script to prioritize the development branch for downloading CyberPanel, with a fallback to stable if unavailable.
- Adjusted PHP version lists across various scripts to exclude PHP 8.6 and ensure compatibility with existing versions.
- Enhanced error handling and feedback during installation to improve user experience.
- Added installation logic for PHP 8.6 in the install script, ensuring compatibility with various distributions.
- Updated PHP version lists in the PHPManager to include PHP 8.6 for system checks and fallbacks.
- Modified phpUtilities to recognize PHP 8.6 for CentOS and Ubuntu.
- Adjusted upgrade script to support PHP 8.6 for AlmaLinux 8+ compatibility.
- Revised symlink setup logic to prioritize PHP 8.6 alongside other versions.
This commit implements an improved version of PRs #1575 and #1576 from @bdgreenweb
with critical performance optimizations.
## Background
The original PRs (#1575, #1576) proposed real-time disk usage tracking for file
manager operations. While the feature was valuable for improving user awareness of
disk quotas, there were several concerns:
1. **Performance Impact**: Original implementation used synchronous `executioner()`
calls that would block file operations until disk calculation completed
2. **Target Branch Issues**: PRs were submitted to the stable branch instead of
development branch, which could introduce instability
3. **Blocking Operations**: Each file operation would wait for disk usage
recalculation, potentially causing noticeable delays
## Implementation Changes
### filemanager/filemanager.py
- Added disk usage updates to 9 file operation methods:
- createNewFile() - After file creation
- createNewFolder() - After folder creation
- deleteFolderOrFile() - After deletion (both permanent and trash)
- restore() - After restoring from trash
- copy() - After copying files/folders
- move() - After moving files/folders
- upload() - After file uploads
- extract() - After extracting archives
- compress() - After creating archives
### plogical/IncScheduler.py
- Added CalculateAndUpdateDiskUsageDomain() function for domain-specific updates
- Added command-line argument handler for UpdateDiskUsageForceDomain
- Calculates disk usage for websites, email accounts, and bandwidth
## Key Improvements Over Original PRs
1. **Asynchronous Execution**: Uses `popenExecutioner()` instead of `executioner()`
- File operations return immediately without waiting
- Disk usage updates happen in background threads
- Zero performance impact on user operations
2. **Selective Updates**: Only updates the specific domain affected by the operation
rather than all domains system-wide
3. **Proper Branch Targeting**: Applied to development branch (v2.5.5-dev) for
proper testing before stable release
## Benefits
- Real-time disk usage tracking as requested
- No performance degradation
- Users immediately aware of quota usage
- Prevents accidental quota violations
- Better than competitors (cPanel/DirectAdmin) in responsiveness
## Acknowledgments
Thank you @bdgreenweb for the original implementation idea and PRs #1575/#1576.
While we couldn't merge them directly due to the performance and stability concerns
mentioned above, your contribution highlighted an important feature gap. This
implementation preserves your core functionality while addressing the performance
concerns through asynchronous execution.
This will definitely help organizations track disk usage more effectively without
sacrificing file manager performance.
- Removed session validation check from phpmyadminsignin.php
- Removed PhpMyAdminAccessMiddleware from settings.py
- These changes were preventing access to phpMyAdmin even for logged-in users
- Reverts problematic authentication flow that was blocking legitimate access
Update all vhost configurations to use /usr/local/lsws/Example/html/.well-known/acme-challenge
instead of domain-specific paths for better SSL certificate management
- Changed MariaDB server version from 10.11 to 12.1 in cyberpanel_upgrade.sh, cyberpanel.sh, install.py, and venvsetup.sh to ensure compatibility with the latest features and security updates.
- Enhanced error handling for branch and commit verification in venvsetup.sh to improve installation reliability.
- Streamlined the requirements file download process with fallback options in venvsetup.sh to handle potential download failures.
- Adjusted PHP version priority in cyberpanel_upgrade.sh and install.py to include PHP 8.5 (beta) as the highest priority.
- Enhanced package installation logic in cyberpanel.sh and installCyberPanel.py to install PHP dependencies more robustly, including error handling for missing packages.
- Updated README.md to reflect the new recommended PHP versions and deprecated versions.
- Improved error handling and dependency management in phpUtilities.py and upgrade.py for better installation reliability.
