- robust_delete_administrator: use ORM delete when webauthn_credentials exists; else SQL DELETE after optional webauthn row cleanup and recursive child admins
- Fixes MySQL 1146 ProgrammingError on submitUserDeletion for installs without webauthn migrations
- JSON responses use application/json; errors include deleteStatus for listUsers UI
- After invalid/missing HomeDirectory id, resolve home_dir from best path like auto mode
- Handle MultipleObjectsReturned on path lookup; use get_or_create for UserHomeMapping
- Clear errors for ACL.DoesNotExist and IntegrityError (duplicate username)
- Ensure JSON error responses include createStatus and application/json
- Initialize selectedACL in create user template so JSON POST always includes ACL
- Explicit option values; pass default_acl_name from view for ng-init
- Coerce websitesLimit to int; validate selectedACL before ACL.objects.get
- ensure_csrf_cookie on createUser page load
- Optional /etc/cyberpanel/csrf_trusted_origins for HTTPS IP:port panels
- Allow changeUserACL on getUserHomeDirectories (parity with create user page)
- Sync public/static and static copies of userManagment.js with app static
Add _read_lines_from_protected_file: cp via executioner when EACCES/EPERM on read.
Use for settings.py, urls.py, baseTemplate index.html on install/uninstall paths.
- Resolve FTP home paths without duplicating /home/domain; support absolute paths under site home
- Add changeFTPDirectory API and list UI; improve create form path help
- Add setFTPAccountStatus (Status 0/1) with Enable/Disable on list page
- Pure-FTPd MySQL: require Status='1' for authentication in install templates
- Plugin signals for change directory and account status
- CPScripts/ensure_ftp_users_quota_columns.py checks information_schema and
ALTER TABLE users ADD COLUMN for custom_quota_enabled and custom_quota_size
when missing (fixes MySQL 1054 on FTP account creation).
- deploy-ftp-users-custom-quota-columns.sh copies script to CyberCP and runs
repair; restarts lscpd when active.
- upgrade_modules/10_post_tweak.sh runs the repair after upgrade sync.
- secMiddleware: allow dbPassword to bypass strict char check (stronger passwords)
- mysqlUtilities.createDatabase: return (0, error_message) on failure so UI shows real error instead of '0'
- mysqlUtilities.createDatabase: backtick-quote db name (fix 'near -admin' with hyphens), escape password and user for SQL
- submitDBCreation: pass through error message from createDatabase
- backupUtilities, Backupsv2, restoreMeta: treat createDatabase != 1 as failure (tuple return)
- patches/allow-dbpassword-special-chars.patch for secMiddleware deploy
- Remove second 'Final confirmation' dialog; keep only the WARNING backup dialog
- After successful upgrade, refetch plugin store and refresh upgrades list so
upgraded plugins no longer appear under Upgrades Available
- New tab between Table View and CyberPanel Plugin Store with badge count
- Dedicated view listing only installed plugins with a newer store version
- Table columns: Plugin Name, New Version, Your Version, Date, Action (Upgrade)
- Notice to read release info and backup before upgrading
- Badge and list populated from existing store API (update_available)
- Add plugin_settings_proxy for /plugins/<name>/settings/ so settings pages
work for all installed plugins (handles plugins installed after worker start)
- Add path('<str:plugin_name>/settings/', plugin_settings_proxy) in pluginHolder.urls
- removeFromSettings/removeFromURLs: use try/except for read/write, raise clear
PermissionError message; ensure panel user can write (chgrp lscpd; chmod g+w)
- Deploy: make CyberCP/settings.py, urls.py, baseTemplate index.html group-
writable by lscpd so uninstall can update them
Fixes false 'Files extracted to wrong location' when /usr/local/CyberCP/README.md
exists. Ensure panel user can create plugin dirs (e.g. chgrp lscpd /usr/local/CyberCP,
chmod g+w, and add panel user to group lscpd).
- Find plugin in GitHub archive by any path segment (Category/pluginName)
- extractPlugin: prefer top-level dir matching plugin name; handle repo-root
single dir by using plugin subdir when present (avoids wrong location)
- Add pluginHolder and pluginInstaller to upgrade recovery essential dirs
Fixes: Files extracted to wrong location (e.g. pm2Manager, README.md in root)
- dockerManager: add 0001_initial migration (CREATE TABLE IF NOT EXISTS), migrate-and-retry on DB errors, safe error response, fix logging.CyberCPLogFileWriter.writeToFile
- dockerManager/views: listContainersPage fallback HTML with error message if template fails
- dockerManager/viewContainer: improve container log readability (font-size 1rem, color #f1f5f9, line-height 1.6)
- baseTemplate: blockIPAddress also adds ban to firewall BannedIP model so Firewall > Banned IPs shows all
- firewall: getBannedIPs migrate-and-retry on OperationalError/ProgrammingError; install runs migrate firewall
- plogical/upgrade: syncBannedIPsJsonToDb() to sync JSON bans to firewall_bannedips; firewallMigrations() calls it; CyberPanelUpgrade runs firewallMigrations(); someDirectories creates /usr/local/CyberCP/data
- install: explicit migrate firewall after global migrate
- Add get_ssh_port() to read Port from /etc/ssh/sshd_config
- Use 127.0.0.1 and port=SSH_PORT in asyncssh.connect()
- Web Terminal now works when SSH runs on non-22 port
Add fallback gradient and !important color for btn-primary when
--bg-gradient is undefined (e.g. dark mode/base theme), so the Save
button is always visible instead of appearing white/invisible.
Expand mail-domain detection so proxy stays off for:
mail., smtp., imap., pop3., pop., autodiscover., webmail.
(and subdomains containing these). Other A/AAAA/CNAME get proxied by default.
- Return (success, error_msg) from createNONSSLMapEntry instead of 0/1
- Fix logging: use CyberCPLogFileWriter.writeToFile instead of writeToFile
- Match listener block case-insensitively (listener Default / listener default)
- Raise clear ValueError if Default listener block not found in httpd_config.conf
- Propagate actual error messages in createConfigInMainVirtualHostFile and createConfigInMainDomainHostFile
- dnsManager.fixDNSRecordsCloudFlare: track existing_types_by_name;
skip adding A/AAAA when hostname has CNAME (A/AAAA cannot coexist
with CNAME). Clearer docstring.
- dnsUtilities: comment tweak for proxy-capable record types.
- settings.py: read DB password from /etc/cyberpanel/mysqlPassword
when present so panel stays in sync with CLI/install scripts.
- dnsManager.py: include AAAA in record types that get proxied flag on
update (was only A, CNAME); fix HTTP 500 by hardening loadCFKeys and
addDeleteDNSRecordsCloudFlare (safe file read, always pass
domainsList/cfEmail/cfToken to template).
- dnsUtilities.py: A, AAAA and CNAME can be proxied in Cloudflare;
set proxied only for those types; MX, TXT, etc. cannot be proxied.
- Bug: filtering on '::1' in line incorrectly excluded addresses like
2a02:c206:2238:7806::1, so fixDNS() never created AAAA records.
- Fix: use ipaddress.ip_address() and is_loopback/is_link_local so
only actual loopback (::1) and link-local (fe80::) are excluded.
- GetServerIPv6() now returns correct global IPv6 for DNS AAAA records.
- Delete record: confirmation dialog and local backup before delete
- Clear all DNS records: double confirmation (zone name), local backup, Restore button
- Export/Import DNS records (JSON) for zone
- Check orphan DNS: find A/AAAA/CNAME for hostnames no longer in panel, remove with backup
- Backend: getExportRecordsCloudFlare, clearAllDNSRecordsCloudFlare, importDNSRecordsCloudFlare, getStaleDNSRecordsCloudFlare, removeStaleDNSRecordsCloudFlare
