6.2 KiB
| hide_table_of_contents |
|---|
| true |
0.1.9
Not yet released.
🚀 New features
- OpenAdmin Notifications Center is now using Sentinel service
- IPset Blacklists for UFW
- Restrict access to Cloudflare only with a single click
- OpenPanel FTP - FTP module for OpenPanel (BETA)
- OpenMail - Emails module for OpenPanel (BETA)
opencli faqcommand to show frequently asked questions
🐛 Bug fixes
- Fixed bugs with
opencli admin disableandopencli admin enablecommands. - Fixed bug with
opencli reportthat failed to retrive MySQL version for mysql running inside docker container. - Fixed bug with incorect version in changelog link on OpenAdmin > General Settings > Update Preferences.
💅 Polish
- Working server time on OpenAdmin > Dashboard.
- CPU type information on OpenAdmin > Dashboard.
- Install script now supports optional flags
--enable_ftpand--enable_mailto enable experimental features. opencli -vis now an alias foropencli --version.
Cloudflare only
Administrators can now disable direct server access and only allow access via Cloudflare proxy.
OpenPanel server
_____________________________
__________________________________ | | |
| | | F | |
-->| Traffic comming from Cloudflare |---------->| I | Websites |
|__________________________________| | R | |
__________________________________ | E | & |
| | | W | |
-->| Direct access to server IP |----------X| A | User services |
|__________________________________| | L | |
| L | |
|_____|_______________________|
To enable this feature simply navigate to OpenAdmin > Firewall and click on the Cloudfare button.
This feature will regularry update Cloudflare ip addresses to make sure new CF IP ranges are included.
IPset Blacklists
OpenAdmin Firewall now allows Administrators to easily add blacklists to block IP addresses from known malicious sources.
This feature uses the ipset-blacklist service automating the process of fetching and blocking IPs. It's a simple yet effective way to enhance system security without manual hassle.
Default blacklists:
| Blacklist | URL |
|---|---|
| AbuseIPDB (DISABLED) | https://api.abuseipdb.com/api/v2/blacklist |
| OpenPanel (DISABLED) | https://api.openpanel.co/blocklist.txt |
| Spamhaus DROP | https://www.spamhaus.org/drop/drop.lasso |
| Spamhaus EDROP | https://www.spamhaus.org/drop/edrop.lasso |
| DShield | https://www.dshield.org/feeds/suspiciousdomains_Low.txt |
| FireHOL level1 | https://raw.githubusercontent.com/firehol/blocklist-ipsets/master/firehol_level1.netset |
| FireHOL level2 | https://raw.githubusercontent.com/firehol/blocklist-ipsets/master/firehol_level2.netset |
| FireHOL level3 | https://raw.githubusercontent.com/firehol/blocklist-ipsets/master/firehol_level3.netset |
| FireHOL level4 | https://raw.githubusercontent.com/firehol/blocklist-ipsets/master/firehol_level4.netset |
| Binary Defense | https://www.binarydefense.com/banlist.txt |
| blocklist.de | https://lists.blocklist.de/lists/all.txt |
Administrators can add additional blacklists.
New opencli commands are also available:
- Download new IP addresses for all enabled blocklists:
opencli blacklist --fetch - Update all ipsets rules and reload UFW service:
opencli blacklist --update_ufw - Add a new blacklist:
opencli blacklist --add-blacklist name=<name> url=<url> - Enable a blacklist:
opencli blacklist --enable-blacklist=<name> - Disable a blacklist:
opencli blacklist --disable-blacklist=<name> - Delete a blacklist:
opencli blacklist --delete-blacklist=<name>
opencli faq
OpenCLI now has a new command opencli faq to display most frequently asked questions:
/etc/openpanel/
To enable easier updates in the future, we are gradually migrating all configuration files from /usr/local/panel/ & /usr/local/admin/ directories to the new /etc/openpanel/ directory.
This will separate configuration files in /etc/ from all the code in /usr/ and therefore no configuration files will need to be moved&restored when performing updates.
Current changes include:
- Forbidden usernames file is now moved from:
/usr/local/admin/scripts/helpers/forbidden_usernames.txtto/etc/openpanel/openadmin/config/forbidden_usernames.txt - FTP configuration files are stored under
/etc/openpanel/ftp/users/