4.3 KiB
| hide_table_of_contents |
|---|
| true |
0.2.2
Not yet released.
🚀 New features
- BETA support for RockyLinux 9.4
- DNSSEC for OpenPanel domains
- Containerized Nginx webserver
- Google PageSpeed data for WordPress websites on OpenPanel WPManager.
- Option to clear cached RAM from OpenAdmin Dashboard page.
- Shared phpMyAdmin for All OpenPanel users and their MySQL users
- Widgets on OpenAdmin Dashboard: Usage, Quick Start, Latest News and CPU can now be dismissed.
🐛 Bug fixes
- Fixed bugs on OpenAdmin > Users > Profile and OpenPanel > Dashboard with disk usage information not displayed when overlay2 storage driver is used.
- Fixed bug with File Watcher service causing infinite OpenAdmin service restart on Ubuntu24.
- Fixed bug with OpenAdmin > Firewall > Blacklists (IPsets) causing
ufw reloadcommand to fail - reported by @f1lk3. - Fixed bug with
opencli config updatecommand not restarting OpenPanel docker container *(introduced in OpenPanel 0.2.1).
Nginx
Nginx is now no longer installed on the server, but instead runs as a Docker container. A custom Docker image with Nginx, ModSecurity, and the latest OWASP Core Rule Set is used.
This approach has several benefits:
- ModSecurity Pre-installed: In OpenPanel <0.2.2, ModSecurity is not pre-installed because installing it requires compiling Nginx from source, which takes 15-20 minutes. Previously, admins had the option to install ModSecurity if desired. Now, ModSecurity comes pre-installed with Nginx, and the entire stack (Nginx, ModSecurity, OWASP ruleset, and Certbot) takes less than 1 minute to start.
- Automatic Nginx Updates: Since we use a custom image to bundle the latest Nginx version, OWASP rules, and ModSecurity, we can now update the image on our side when newer versions are available. Your OpenPanel server will automatically use the newest Ngincx version.
- Automatic Rules Update: We will also automatically update the rules, ensuring that your server always has the latest security rules. Custom settings and disable per domain or rule will still be respected.
- Resource Limiting: You can now define CPU and memory limits for the Nginx service. This means that if there is a DoS attack on some of the domains, the server and other services will remain functional.
DNSSEC
New command opencli domains-dnssec is available and allows administrators to enable DNSSEC, re-sign the zone and view DS records for domains.
-
to enable dnssec for example.net :
opencli domains-dnssec example.com -
to update the zone after publishing new records:
opencli domains-dnssec example.com --update -
to check if domain has dnssec enabled and view DS records:
opencli domains-dnssec example.com --check
Please note that this feature is still experimental and there is still no UI for it in OpenPanel interface.
phpMyAdmin
Added an option to run a shared phpMyAdmin service accessible on a custom domain, allowing login for all MySQL users of OpenPanel. This service contradicts OpenPanel's usual setup where each user has independent services, but it was requested by a few users, so we decided to implement it. It remains disabled by default.
To enable the shared phpMyAdmin service, first set the URL where it will be accessible. For example:
opencli config update pma_url https://phpmyadmin.pejcic.rs
Then enable the phpMyAdmin service for all users:
opencli phpmyadmin --enable
This will start the phpMyAdmin service, configure an nginx reverse proxy for the domain, and generate an SSL certificate if using HTTPS.
To disable the service:
opencli phpmyadmin --disable
If enabled, the auto-login option from OpenPanel will no longer work. Instead, each user must use a username and password to log in to phpMyAdmin.
NOTE: OpenPanel user must enable RemoteMySQL for his mysql users to be able to use the phpMyAdmin service.
If this shared service is enabled, we recommend removing phpmyadmin from the Dockerfiles and rebuilding the images. This will save you up to 250MB per OpenPanel user.