11.0.4 Core

Latest

1st August 2024

Fixed

• File manager file editor issues for RTL languages.
• Mailbox size collection continues for the rest of the server if one mailbox fails.
• Reuse of domain from soft-deleted websites would fail if the assigned email server was separate to the application server.
• Installation of standalone DB server would fail to apply the licence key.

Enhanced

• Improvements to Arabic language pack.
• Name server ordering for SOA selection is now alphabetical so ns1 will always take precedence over ns2, ns3, etc.
• WordPress cron job emails now silenced by default for new installations.
• mod_security disabled by default on new service websites (panel, phpmyadmin, webmail).
• Let’s Encrypt interactive timeout increased to 120 seconds.

Appcd 4.1.0

Latest

29th July 2024

Added

• Ability to automatically load Monarx PHP module where Monarx installation is detected.
• Ability to perform some appcd actions directly from the server using appcd-cli without needing to access the control server.

Enhanced

• Improvements to Let’s Encrypt logic for faster provisioning and reduced possibility of rate limiting.

Fixed

• Reset of nginx custom configuration could potentially cause invalid syntax.
• Symlink for /var/run -> /run now explicitly added within container to mitigate issue with servers having a separate /var partition.

Appcd 4.0.2

25th July 2024

Fixed

• Fixed composer download on appcd installation. If updating from 4.0.0 or 4.0.1 please run rm /usr/bin/composer before updating.

Appcd 4.0.2

25th July 2024

Fixed

• Fixed composer download on appcd installation. If updating from 4.0.0 or 4.0.1 please run rm /usr/bin/composer before updating.

Enhanced

• Improved shutdown logic for ephemeral containers used in backup operations.

Appcd 4.0.1

24th July 2024

Fixed

• PHP containers would fail to restart if /etc/resolv.conf was made immutable on the host o/s.
• PTY error on interactive login for customer SSH.

Enhanced

• Improved logging for container start failures.

11.0.3 Core

23rd July 2024

Fixed

• Update to Cloudflare API client to handle changes in handling of SRV records.

Enhanced

• Increased timeout for RPC calls for email backup operations.
• Improved Hungarian language pack.
• Improved Turkish language pack.

Appcd 4.0.0

23rd July 2024

Changed

This is a major update. Please ensure you have at least 2GB of free disk space before installing. All PHP containers will be restarted when appcd is updated. Once installed, /var/enhance_container_images can be removed.

• PHP containers now mirror the file system of the host o/s, with sensitive directories hidden.
• Software installed on the host o/s can now be accessed within the PHP container.
• New PHP packages will be installed as apt packages on the host o/s.

Enhanced

• PHP CLI can now be accessed from the host o/s. This should not be used to administer websites.
• Significant reduction in disk space requirement for new installations.
• Ioncube loader is now available for PHP 8.3.

Appcd 3.1.4

Security

• Potential race condition in mailbox creation logic.

Appcd 3.1.3

Fixed

• Under some conditions, where a website has multiple secondary domains, email addresses could be associated with the wrong domain within the appcd database.

Appcd 3.1.2

Enhanced

• Improvements to srs_milter service for messages having multiple recipients in a single SMTP transaction where more than one has a forwarder.

Appcd 3.1.1

Enhanced

• Improvements to srs_milter service, specifically logic for sender rewriting when using an outgoing smart host.

Appcd 3.1.0

Added

• Support for Ubuntu 24.04 (Noble Numbat).

Enhanced

• Reduced log verbosity for srs_milter service.
• Improvement to in-memory website data store for improved control panel performance on larger servers.

11.0.2 Core

Fixed

• Failure to enable website preview where the configured preview domain suffix exists as a website owned by the immediate parent organisation.

Enhanced

• Improvement to mail server conversion from versions < 11.0.0. Increased tolerance for missing data from legacy configuration.
• Minor UI improvements.

Appcd 3.0.4

3rd July 2024

Fixed

• Messages sent with an mixed or uppercase envelope from would bypass the user level whitelist/blacklist.
• File manager would fail to load directories named “api” when Openlitespeed or Litespeed was deployed on the control panel server.
• Poor performance when fetching the SSL list for a website with a very high number of mapped domains.

11.0.1 Core + Appcd 3.0.3

1st July 2024

Fixed

• DKIM would sometimes fail to be re-enabled after updates from versions prior to 11.0.0.
• Increased RPC timeout for cPanel/Plesk email imports.
• Minor UI fixes and improvements.

Appcd 3.0.2

28th June 2024

Enhanced

• Changes to default postfix config.

Fixed

• PAM module would sometimes fail to enter website containers where ephemeral containers had previously been used for email operations.
• Forwarder-only addresses would sometimes generate a false NDR.

Appcd 3.0.1

27th June 2024

Enhanced

• Postfix/Dovecot SNI hosts rebuilt immediately after service installation.
• Postfix vdomains immediately rebuilt after service installation.

Fixed

• Smart host custom ports were not properly written to postfix config.

11.0.0 Core + Appcd 3.0.0

Please note: We recommend updating appcd on each server before applying the core update from your Enhance dashboard. To do this, run apt update && apt install appcd as root.

26th June 2024

Changed

• Re-engineered email platform.
  • All email responsibility is now handled by appcd rather than the 3 separate mtacd, imapcd and spamcd containers for greater speed, reliability and configurability.
  • All mailboxes now belong to the website user. Hard disk quotas configured at a website level will apply to the emails when the application role and email role are placed on the same server.
  • Your email data will be automatically migrated to the new structure during the update to this version.
    • One server will be migrated at a time. Email services will continue to function whilst the update is pending.
    • Please check your backups before applying this update.
    • If you experience any unexpected issues, please raise a support ticket.
  • Website generated emails are now sent from the local MTA rather than being forwarded to the assigned email server for the website. This does not require the email role to be installed on the web server. If you have a global smart host configured, this will be applied automatically to all web servers where the email role is not installed.

Added

• Outbound rate limiting for website generated emails.
• Outbound rate limiting for SMTP messages.
• Outbound spam scanning, will reject spam messages at SMTP time.
• Global IP whitelist for internal email servers.
• Ability to persistently edit most email server config.
• Smart host credentials are now optional.
• Sender rewriting for forwarded messages.

Enhanced

• Revised method for streaming mailbox backups to S3, does not require an intermediate tar.gz to be created.
• Reduced memory usage for filerd file management service.
• Obsolete S3 backup restore points are automatically removed after the S3 configuration is removed.
• ServerHostname websites now have only the application role placed.
• Improvements to internal locking strategy in appcd for improved efficiency and performance.
• Document root permissions and ownerships are now checked after every server role migration.
• PAM module for entering customer/website containers has been improved.
• Fixes to whitelist/blacklist email functionality.

10.8.6 Core

3rd June 2024

Fixed

• File manager excessive memory usage when downloading large files.
• File manager issue compressing directories beginning with a . character.
• Workaround for migration of databases from later versions of MariaDB to MySQL due to unsupported default collation.

10.8.5 Core

29th May 2024

Added

• Option to perform streaming WHM transfers as root on the cPanel server to bypass CloudLinux restrictions.

10.8.4 Core

Enhancement

• Increased timeout for WHM transfer RPC to allow for larger imports.
• Improvements to WHM transfer retry logic.

10.8.3 Core

Fix

• Mitigation for breaking change in mariadb-dump utility affecting imports from cPanel.

Enhancement

• WHM import will now retry the rsync 10 times in case of connectivity failure or other interruption.

10.8.2 Core

Fix

• WHM import obeys custom SSH port setting for streaming transfer.
• WHM import is now tolerant of files changing during transfer.

Enhancement

• UI now pre-fills the document root with the domain when creating a subdomain or addon domain.

Appcd 2.6.0

Fix

• Some special characters in document roots could potentially cause a syntax error in Apache or Nginx config.

Enhancement

• When an additional domain is mapped, the document root is automatically created if missing.

10.8.1 Core

Fix

• Minor bug fixes to WHM transfer system related to parsing of JSON output.

10.8.0 Core

Fix

• End users were unable to update their subscription friendly name.
• Under some circumstances, end users would receive a permission error when attempting to “push live” a staging website to an existing live website.
• Under some circumstances, the mysql user password hash would not be retained when the password was manually updated.

Feature

• Ability to stream websites from a remote cPanel server using root WHM credentials (beta).
• It is now possible to run a WordPress “search and replace” during push-live or cloning.

10.7.1 Core

Fix

• Mitigation for wordpress.org rate limiting by attempting other download URLs.

10.7.0 Core

23rd April 2024

Fix

• Domain mappings are now removed after all fallible operations on website deletion to prevent the possibility of “orphaned” website entries.
• Cloning of websites would sometimes fail due to the format of the MySQL password hash.

Enhancement

• WordPress updates initiated via the Enhance UI now call wp-cli.
• Newly created DNS zones now set the first platform name server as SOA nameserver if present.
• PHP error log location now indicated in UI.
• Where a server is offline, the cause is now suggested in the UI.
• File manager list view now has sorting options.
• Improvements to Polish language pack.
• Improvements to visibility of domain selector for Nginx configuration.

Feature

• Ability to enable PDO DBLib and APCu PHP extensions on a per-website basis.

Appcd 2.5.1

20th April 2024

Fix

• PHP OpenSSL module for versions < 8.1 was unable to load trusted CA certificates due to incorrect path.

Appcd 2.5.0

16th April 2024

Enhancement

• Removed dependency on Ubuntu 20.04 container base image for PHP versions < 8.1, saving 1.8GB on installation footprint.
• PHP 8.3.6, 8.2.18, 8.1.28 PHP patch version updates.
• GD Avif support for PHP >= 8.1.
• apcu extension available for optional loading.
• PDO Dblib extension available for optional loading.

10.6.1 core

Fix

• Intermittent failure cloning or pushing live larger websites.
• Inability to clone website when password hash is not available.
• Radio selector on “new website” page showed -1 in place of Unlimited.

Enhancement

• Subscription friendly name now displayed in more places.
• DKIM status now shown in email list.

10.6 Core

2nd April 2024

Feature

• Staging website improvements:
  • You can now push a staging website to a new or existing live website without having to delete the staging site.
  • The clone or push-live procedure now displays a verbose log.
• V1 Advance mode added to DNS zone editor:
  • Ability to edit or delete the SOA record for an existing domain.
• Ability to assign friendly names to Subscriptions.
• WordPress theme manager:
  • Select a theme to pre-install on a per package level.
  • Manage themes from WordPress toolkit.

Enhancement

• Polish and Greek translation updates.
• Portuguese language pack.
• Improved error messaging for cPanel/Plesk website imports.
• Inline guidance for setting website resource limitations.
• cPanel/Plesk importer now filters out SHELL= lines from crontab imports.
• WordPress maintenance mode is now set for 10 years.
• Internal errors returned via the API are now explicitly logged to the orchd log.
• Removed false “init failed” activity log message on first startup.

Fix

• The pagination on ‘Websites’ now persists after performing actions.
• A cta now shows in the plugin manager empty state (if allowed on package).
• File editor no longer prompts for saving if no changes have occurred.
• MySQL access hosts no longer duplicated on phpMyAdmin users.
• DNS editor now accepts subdomain wildcards ie. *.subdomain.
• Modification of platform nameservers now skips any customer domains which not found.

Appcd 2.4.2

29th March 2024

Enhancement

• Log processor now waits longer between runs to reduce graceful web server reloads.
• Litespeed and Openlitespeed web server default configs now include IPv6 listener.

Security

Website containers can no longer reach other containers over IP.

Appcd 2.4.1

18th March 2024

Enhancement

• Nginx config generation no longer adds PHP directives to Control panel websites.
• Debian package post install script now runs “systemctl enable ufw” on every update/installation

10.5 Core

6th March 2024

Feature

• Ability for a master organisation to select a website’s server location when importing a cPanel or Plesk backup.
• PHP extension manager V1 (Website > Developer tools > PHP) provides the ability to enable optional PHP extensions which are not included in the default config.

Enhancement

• Roundcube auto updates for the centralised Roundcube installation.
• Ability to clone a website across subscriptions.
• Ukrainian language pack.
• A ‘2 day’ option has been added to ‘Max/min backup age’.
• Improvements to the DNS zone and Cron job editor.
• New ‘Account setup’, ‘New websites’, ‘New customers’ and ‘Website disk usage’ cards on the master organisations/ Reseller dashboards.
• Vazirmatn font added to ‘Branding settings’.
• Package card improvements - staging website resource is now hidden if ‘0’ resource usage assigned.
• Restoration of a database backup will now re-create the database if it was deleted through the UI or API.
• Improvements to Bulgarian language pack.

Fix

• Plesk backup untar would fail when the target website used an older PHP version.
• S3 backups would sometimes fail when a restore was initiated immediately after a filerd container update.
• On cPanel/Plesk imports, the addon domain resource is only checked if the backup contains addon domains.
• MySQL password hashes were not retained when a website imported from cPanel or Plesk was subsequently moved to a different server in the cluster.
• Disaster recovery now takes the last complete backup rather than the last backup.
• The reseller “websites” resource was sometimes not consumed correctly when creating a customer subscription and therefore the reseller could create more websites than their package allowed if they did this before the next automatic usage recalculation.

Appcd 2.4.0

5th March 2024

Feature

• Preparation for PHP extension manager. Requires forthcoming core update.

PHP packages

4th March 2024

• PHP 8.3.3
• PHP 8.2.16

Appcd 2.3.1

25th February 2024

Enhancement

• An /etc/hosts entry for the system hostname is now added to each PHP container to improve PHP startup time.
• Openlitespeed config rebuild now writes to a temporary file before updating the running config.

10.4 Core

20th February 2024

Feature

• Ability to disable the ‘Screenshot’ service on a per server basis. (Servers > Manage > ’…’ > Screenshots)
• This feature defaults ‘On’ for servers with more than 2GB on RAM.

Enhancement

• Removal of persistent Screenshotd service for reduced memory overhead. Website screenshots are now handled by Appcd.
• PT-BR language pack improvements.
• Gmail auto-configuration styling improvements for configured records.
• cPanel imports can now handle MySQL usernames up to 80 characters where the destination MySQL variant is MariaDB.

Fix

• Issue downloading SQL backups through the Enhance panel when the MySQL variant is MariaDB 11.
• Enhance will no longer attempt to back up ServerHostname websites which resulted in a false error in the activity log.
• Backup errors are no longer logged where a backup is already in progress.
• Website soft deletion now tolerates FTP accounts which do not exist on the server.
• cPanel importer no longer skips directories called “php” or “mail” if they are outside of the root of the home directory.
• cPanel importer can now handle directories without owner write permissions.

Appcd 2.3.0

19th February 2024

Feature

Preparation for revised screenshot system with lower resource consumption and no persistent processes when screenshots are not in progress.

Enhancement

Website config persistence now gracefully handles “disk full” scenarios, preventing truncation of config data.

10.3 Core

2nd February 2024

Feature

• Ability to send system notifications to a Slack channel.
• One channel can be set per organisation.
• A master organisation or reseller can now create unlimited name server hostnames.

Enhancement

• Plesk importer UI improvements in dark mode.
• Additional data points (3, 4, 5 and 6 days) added to ‘Maximum backup retention’ setting.
• South Korean language pack (beta)
• ‘Move server’ moved to sit beneath ‘Websites’ in the left hand spine.
• Backup system is now more tolerant of files which change during a backup process.
• Plesk importer can now handle backups created with no compression.
• Plesk importer now handles backups containing empty mailbox passwords.
• imapcd backups are now more tolerant of slow disk performance.
• Improved tolerance of partially provisioned or externally removed backup users on the backup role.

Fix

• Ability to transfer the ownership of a ‘staging’ website to another organisation.
• ‘Branding’ setup step now correctly shows as completed for Resellers.
• Activity log no longer shows for ‘collaborator’ users.
• Issue with resellers being unable to unsuspend a website they had previously suspended
• Plesk importer did not apply the document root correctly for the primary website.
• Issue copying the database password hash from MySQL users created with caching_sha2_password on earlier versions of Enhance.
• It is now possible for a normal user to import a cPanel/Plesk backup if no email role is installed anywhere on the cluster, provided that backup contains no emails.
• DKIM setup instructions now showing correctly.

Appcd 2.2.2

Enhancement

• Additional error reporting for MySQL database transfers.

Appcd 2.2.1

Enhancement

• PHP and PHP-FPM error logs are now logged to the website home dir. These are cleaned up on container restart to avoid excessive disk usage.
• SSH MOTD now disabled by default.

PHP packages

• PHP 8.3.2
• PHP 8.2.15
• PHP 8.1.27

10.2 Core

24th January 2024

Feature

• Plesk website importer (beta):
• Ability to import a full Plesk backup (not protected by a password). For end users an import can be carried out by uploading a backup. For the MO an import can be carried out by - SCP and by uploading a backup.
• V1 server, website and activity log.
• Ability to enable/disable maintenance mode from the WordPress toolkit.
• Ability to manually request Let’s Encrypt for mail.customerdomain (mapped to the website’s mail server) to avoid waiting for automatic Let’s Encrypt.
• Ability to set a custom SSL for mail.customerdomain.
• Ability to invite a user with a URL rather than sending an email.

Enhancement

• Left hand spine improvements;
• This defaults to the Enhance icon. If you have white labelled the panel we recommend that you upload an inverse icon in Branding > Control panel > Inverse icon asap.
• If no server hostname is available, webmail.{primary_domain} now shows in ‘Email connection settings’ card
• Romanian, Italian, Croatian, Serbian and Bosnian language packs (beta)
• More verbose logging for website migrations.
• More descriptive error messages when attempting to allocate more subscription resources than are available.
• Additional compatibility improvements for moving websites from MySQL to MariaDB and MariaDB to MySQL.
• orchd uses an internal IP to connect to appcd on the master server, for customers who use NAT without “hairpin” routing enabled.
• Improvements to FTP user cleanup when permanently deleting a website.
• cPanel importer untar performance improvements

Fix

• Edit database privileges no longer gives a white screen.
• Nginx rewrites (if present) are now migrated during app role migration.
• cPanel/Plesk importer now import subdomains last to avoid issues with the parent domain not existing.
• Updating WordPress site URL also updates “home” variable.
• cPanel/Plesk importer can now handle FTP usernames up to 255 characters.
• Domains which are soft-deleted can now be added to a different organisation.
• Mitigation for docker image where a container does not stop in time for service uninstallation.
• Disaster recovery now functions properly if both S3 and Enhance backups are enabled.
• cPanel importer is tolerant of capital letters in email valiases file.
• WordPress app deletion is now tolerant of the database being previously deleted.

Appcd 2.2.0

20th January 2024

Feature

• When using the OpenLiteSpeed web server kind, Enhance will attempt to monitor document roots for .htaccess changes and automatically reload OpenLiteSpeed.

Enhancement

• Default php.ini now contains memory_limit 256M.
• MySQL databases can now contain the . character if it is not at the start or end of the name.

10.1 Core

10th January 2024

Feature

• Automatic site URL update when updating the primary domain name for a WordPress website.
• Ability to set a ‘Delay first backup’ setting;
• This setting will delay the initial backup of newly created websites. Default is 15 minutes. (Settings > Service > Backups)

Enhancement

• Updates to Arabic, Bulgarian, Polish and Estonian language pack.
• Minor right to left UI improvements.
• Bengali and Turkish language pack added. (beta)
• Improvements to dark mode implementation.
• Databases are now dumped with —skip-lock-tables and —single-transaction during backups.
• Increased appcd RPC timeouts to accommodate slower servers.
• Internal RPC services that are infrequently accessed are now connected “on demand” rather than using pooled connections to reduce idle TCP connection count on larger clusters.

Fix

• Database role restart in UI from database role management page now fixed.
• MySQL database version now correctly shows in the UI.
• Ability to duplicate packages which have a server group selected now fixed.
• Issue backing up some MySQL databases with stored procedures and functions.
• cPanel import issue with importing databases with stored procedures and functions.
• SQL import through panel now allows uploading of files with multiple period characters in the filename.
• Role migration, fix for “website not found” when moving app + db roles simultaneously.
• Fix for cloning of websites where stored procedures and custom functions exist.
• Error migrating backup role where S3 backups are also configured.
• Email pagination fix.

10.0 Core

• 15th December 2023

:::caution ⚠️ This core update will replace the mysqlcd container (version 8.0.28) on each of your database servers with a new mySQL container running version 8.0.35.

This will happen one server at a time after initiating the core update through the Enhance UI. Your databases will be offline whilst the new MySQL starts which shouldn’t take more than a few seconds. Since this involves a MySQL upgrade, you should always check the integrity of your backups first. If you experience any problems, please send a support ticket.

The update relies on updating the appcd package on each server. If you have a large cluster, you can improve the speed of the core update by pre-emptively updating appcd on each server, through the ui (from the application role settings) or through the command line using apt.

This update is not compatible with Ubuntu 20.04. If you have any servers running Ubuntu 20.04, please update to 22.04 by running “do-release-upgrade” before installing this Enhance update. :::

Feature

• MariaDB support. More information
• Custom VirtualHost config for sites on Apache and Nginx in UI. More information
• Ability to pre-install arbitrary WordPress plugins on a package level.
• Ability to install arbitrary plugins from the WordPress plugin manager. More information
• Ability to reset a customer’s password on their behalf. More information
• Ability to create ‘location based’ hosting packages, with the user having a choice of location at the point of adding a website. More information
• Newly created websites now have a local MySQL user which has credentials stored in a .my.cnf file allowing database access from SSH without needing to enter a password.

Enhancement

• PHP 8.3 support.
• Updated German, Spanish and Polish language packs
• Georgian, Danish, Serbian, Bulgarian and Slovakian language packs (beta)
• If no ‘Global webmail domain’ is given, the ‘Webmail’ button in a users account will now use mail.{customers_domain} to connect
• Improved performance and caching for fetching of subscription usage.
• Improvements to MySQL database upload/download through the panel.

Fix

• cPanel importer can now import databases containing hyphens. Forwarders with destinations set to :fail: are skipped.
• Deletion of a detected WordPress app no longer deletes the database if another WordPress app within the same website is using it.
• cPanel importer now strips any AddHandler directives from the .htaccess file which may not be valid on Enhance.
• Appcd 2.1.0 + older

Appcd 2.1.0

8th January 2024

Enhancement

• Let’s Encrypt provisioning no longer performs preflight check for manual request.

Appcd 2.0.1

15th December 2023

Fix

• When upgrading from legacy mysqlcd, “activate_all_roles_on_login” was not copied from the old my.cnf which could cause issues with remote database connections.
• When resetting nginx custom vhost config to default, the web server could be left in an state where it was unable to start.

Appcd 2.0.0

14th December 2023

Feature

• Preparation for MariaDB support (requires core update 10.0.0)
• Preparation for PHP 8.3 support (requires core update 10.0.0)

Enhancement

• Improvement to internal locking strategy for faster website creation.
• Nginx config now rejects SNI handshake on default host.

17th November 2023

Fix

• Removal of mapped domains from servers running LiteSpeed or OpenLiteSpeed would erroneously return an error.

14th November 2023

Enhancement

• Improved concurrency for wp-cli operations
• zstd utility now available in customer SSH environment
• Preparation for partner licence program

Appcd 1.10.2

3rd October 2023

Enhancement

Improvement to speed of building PHP container base environment.

Fix

Docker image for Apache and Nginx now sets correct ownership on /tmp/modsecurity.

Appcd 1.10.0

27th September 2023

Enhancement

• Preparing for upcoming mod_security feature (requires upcoming core 9.9.0 update)
• Custom vhost includes for Apache and Nginx
• Improved service performance for website creation/management and SSL issuance
• The service can now handle /etc/shadow files containing blank lines
• /usr/bin/wp is now a symlink to /usr/bin/wp-cli
• Preparation for IonCube support on PHP 8.2 (requires upcoming core 9.9.0 update)

⚠️ Important: If you are running Nginx or Apache, this update will briefly stop and restart your web server from a new Docker image. There will be up to 60 seconds of downtime.

Appcd 1.9.1

2nd September 2023

Enhancement

• Improvement to Let’s Encrypt logic for control panel websites.

Appcd 1.9.0

31st August 2023

• Please note: This update will rebuild all virtualhost files on first startup.

Enhancement

• Let’s Encrypt certificate issuance is now able to bypass the website’s .htaccess rules.

Fix

• Redis would occasionally fail to restart when the the PHP container was restarted on PHP versions < 8.1.

Appcd 1.8.1

24th August 2023

Security

• Mitigation of potential vulnerability. More details will be disclosed after 1st October 2023.

Appcd 1.8.0

7th August 2023

Feature

• Preparation for Redis support (requires upcoming core update)

Fix

• Prevention of web server log buildup during stats processing where some log files are missing.

Appcd 1.7.2

1st August 2023

Fix

• /etc/apt/sources.list changed within PHP chroot environment to resolve package dependency issue.

Appcd 1.7.1

29th July 2023

Enhancement

• Let’s Encrypt certificates within a given website are now retried in ascending order of last attempt.

Appcd 1.7.0

28th July 2023

Feature

• IonCube is now downloaded when the PHP chroot environment is built.

Security

• We have identified a potential vulnerability in appcd and this update mitigates it. We recommend applying the update ASAP. Fully disclosure will be made on the 1st of September 2023.

Appcd 1.6.2

Enhancement

• Improvement to retry strategy for automatic Let’s Encrypt certificates.

Appcd 1.6.1

21st July 2023

Enhancement

• Improvement to internal locking strategy allows faster creation and modification of PHP containers on servers with a large number of hosted websites. Appcd 1.6.0

18th July 2023

Enhancement

• Appcd will now provision LetsEncrypt certificates for all websites in place of the centralised system.

• Nginx try_files directive now includes $args on all newly created or modified virtual hosts.

• Web server kind set to Apache on initial startup.

Fixed

• Excessive Apache reloads when rebuilding virtual hosts.

Appcd 1.5.1

14th June 2023

Enhancement

• Nginx web server vhosts now have client_max_body_size of 200MB.
• Nginx web server vhosts now have gzip encoding by default.
• Improved parsing logic for apt sources.list when building PHP chroot environments.
• New PHP packages: PHP 8.2.7, 8.1.20, 8.0.29.

Appcd 1.5.0

8th June 2023

Feature

Support for nginx web server (requires 9.4.0 core, not yet released)

Fix

• Suspended websites on LiteSpeed and OpenLiteSpeed are now removed from the virtualHost list.

Appcd 1.4.2

12th May 2023

Enhancement

• Improvements to handling of fetching of hard disk quotas where file system is mounted by id or uuid.

Appcd 1.4.1

29th April 2023

Fix

• Resetting LiteSpeed config now sets correct file ownership.

Appcd 1.4.0

28th April 2023

Feature

• Changes to (commercial) LiteSpeed core configuration are now persisted when virtualhosts are added or modified through Enhance.

Appcd 1.3.4

10th March 2023

Enhancement

• chroot builder now updates ca certificates on base ubuntu environment when creating a chroot environment.

Appcd 1.3.3

8th March 2023

Enhancement

• Workaround for systems with unresolvable hostnames being unable to install ssmtp apt package.
• System quota support in preparation for future core release.
• Adjustments to internal RPC timeout for smoother WordPress operations.
• Ubuntu mirrors are now speed tested before selection.

Appcd 1.2.5

14th February 2023

Fix

• Missing ‘n’ character in PHP auto-generated resolv.conf within website PHP containers.

Appcd 1.2.4

14th February 2023

Enhancement

• When building the chroot environments for PHP, a local Ubuntu mirror is used in preference to archive.ubuntu.com for better performance.

Appcd 1.2.3

3rd February 2023

Fix

• Resolved issue with website primary domain change on control panel websites.

Appcd 1.2.2

30th January 2023

Enhancement

• Additional tolerance added to licence check.

Appcd 1.2.1

26th January 2023

Fix

• cgroups memory.max setting was incorrectly applied in some scenarios.

Appcd 1.2.0

17th January 2022

Enhancement

• PHP 8.2 support.
• GMP module (PHP 7.0 and above).
• Mailparse module (PHP 7.4 and above).
• ffmpeg binary now in PHP containers.
• Hard resource limit support (Ubuntu 22.04 only).

Appcd 1.1.0

15th December 2022

Enhancement

• Redis PHP module.
• IMAP PHP module.
• Explicit allow for docker container range.
• Improvement in startup logic for initial installation.
• Improvement in uninstall logic for .deb package.
• Composer now installed by default in PHP containers as /usr/bin/composer.
• httpd.conf now sets ServerTokens Prod.
• Default ServerLimit is now 256 (this will be updated on web server change).

Fix

• LiteSpeed always delays reload by 1 second to mitigate issue with duplicate POST when creating websites on control panel server.

Appcd 1.0.17

22nd November 2022

• ℹ️ Appcd updates are only available on 8.1.0 Core. Appcd updates are available on a per server basis. To update your Appcd versions - Manage servers > Application role > ‘Check for update’

Enhancement

If OpenLiteSpeed is started before orchd on a control panel server (for instance after a reboot), appcd now detects this scenario and issues a graceful reload signal to OpenLiteSpeed to allow it to resume serving the API proxy.

Appcd 1.0.16

18th November 2022

• ℹ️ Appcd updates are only available on 8.1.0 Core. Appcd updates are available on a per server basis. To update your Appcd versions - Manage servers > Application role > ‘Check for update’

Enhancement

display_errors is now off in php.ini by default for newly created websites. Caching is now enabled by default at a server level when using LiteSpeed.

Fix

• Excessive graceful restarting of LiteSpeed and OpenLiteSpeed during website statistics processing.
• Port 443 UDP is now exposed for QUIC support in LiteSpeed and OpenLiteSpeed. Please note this requires a signed SSL to function.

9.10.3 Core + older

9.10.3 Core

14th November 2023

Security

• Mitigation for potential vulnerability relating to the backup/restore system. 9.10.2 Core

13th November 2023

Enhancement

• S3 backups now retry if the S3 provider returns an error.
• S3 now clears temporary files if an upload fails.

Fix

• Edits to DNS records are now reflected in the UI without needing to hard refresh.
• Package usage indicator on the website dashboard now checks the correct subscription when user has 2+ subscriptions.
• WordPress SSO compatibility issue with themes which require a companion plugin.

9.10.1 Core

3rd November 2023

Fix

• Backup settings within Add/Edit package are now configurable when using just S3.
• DNS and DNSSEC on a package level are not enabled and disabled correctly.
• S3 backup will remove temporary files in the event of an upload failure to prevent excessive disk usage.
• S3 backup is tolerant of files changing during the backup process.
• In dark mode the inverse logo is now used during the password reset flow.

9.10.0 Core

31st October 2023

Feature

• IPV6 support. More information
• Ability to set dark mode as default for all new accounts. (Settings > Branding)
• S3 and S3 compatible providers can now be selected as a backup target, in addition to or in place of the Enhance backup role. More information

Enhancement

• Move server migration sessions;
• Migrations are now displayed by the date and time the migration took place.
• Improvements have been made to the ‘Updating toast’ so that it only shows when an update is taking place and no longer shows on lost connections.
• Estonian and Greek language pack (beta).
• Better handling of PHP errors in WordPress toolkit.
• On cloning a website, WP_HOME is now set to match WP_SITEURL.
• CloudFlare integration is more tolerant of poor connectivity.
• Website search field persists when using the browser’s back button.

Fix

• cPanel importer is tolerant of stored procedures, views and triggers with DEFINER definitions.
• php-fpm setting are now available in UI for Nginx web server.
• API errors when moving the database or email role for a website with subdomains.
• Service website domains can now be updated from ‘Platform settings’.
• Disk stats collection no longer fails when a site has bad permissions.
• Newly created subdomains are now synced to CloudFlare.
• WordPress cron path was incorrect on addon/subdomains with custom path.
• Bug during website server migration causing migrations to fail where subdomains existed.

9.9.1 Core

30th September 2023

Enhancement

• Improvement to update logic to handle potential database inconsistency in older installations.

9.9.0 Core

29th September 2023

Feature

• ModSecurity for Apache and Nginx;
• Can be enabled on a per server and website basis. The OWASP® ModSecurity Core Rule Set (CRS) are applied by default and the config can be updated on a per server basis. More information.
• Subdomain DNS to exist within parent domain instead of separate zone.
• Ability to install WordPress on addon, alias and subdomains;
• Users can also update their Site URL from with the Enhance panel.

Enhancement

• Ability to capture a ‘Note’ for manual website backups.
• Ioncube support on php 8.2.
• Cloning a website improvements;
• Automatically replace the siteurl and home on the destination website.
• Copy php version.
• Copy Redis status.
• Deleted, suspended and disabled websites are selected by default during ‘move server’.
• Ability to delete websites which are on a decommissioned server.
• Improved efficiency to micro-service communication.
• Ability to capture a ‘Friendly name’ for access tokens.
• Numerical keyboard now triggers for 2FA on mobile.
• Traditional, simplified Chinese Hindi and Persian language packs (beta).
• Improvement to handling of large cPanel backup files.
• Improved error reporting.

Fix

• Fix for auto deletion of backup snapshots where the snapshot was removed outside of Enhance.

• Improved validation for CNAME and MX records.

• php.ini and php-fpm global defaults are now applied correctly on new application role installation.

• ⚠️ This core update will initiate an apt package upgrade on each server in your cluster. It is critical for this core update that the apt upgrade succeeds. If you have a large cluster, we would recommend manually running “apt upgrade” as root on the individual servers prior to applying the core Enhance update so that any failures (which may be due to 3rd party repositories) can be detected and rectified.

9.8.0 Core

5th September 2023

Feature

• Auto reload PHP after editing php.ini when running OLS or LiteSpeed.
• Ability to bulk update php versions (websites > bulk action)
• The ability for the master organisation to update the php version for all websites on their estate. Deleted and suspended website and websites which are running the selected version will be skipped.

Enhancement

• Tooltips are now clickable on mobile.
• Emoji picker added to ‘server group name’ field.
• ‘Get info’ added to file manager.
• Improvement to spam filtering.
• Improvement to handling of internationalised WordPress user management.
• DNSKEY and DS records to display for DNSSEC.
• Ability for Let’s Encrypt validation to bypass .htaccess rules.
• Russian and Arabic language pack (beta).
• Dark mode contrast adjustment.

Fix

• Fix for auto deletion of backup snapshots where the snapshot was removed outside of Enhance.
• Fix for CloudFlare integration where domains without the same account are using the partial/CNAME method.
• Fix for default automatic cleanup of soft deleted websites, default now correct applied.
• Fix for error unpacking home directory of large cPanel backups.
• Fix for website collaborators being unable to fetch Cloudflare status on domains.
• Fix for CloudFlare sync issue where account contains domains with CNAME method.

9.7.0 Core

18th August 2023

Feature

• DNSSEC support (Website > Domains > DNSSEC);
• This can be enabled/disabled on a per package basis.
• Redis support (Website > Developer tools > php);
• This can be enabled/disabled on a per package basis.
• Ability to manually restart a site’s PHP container from within the UI. (Website > Developer tools > php)
• Prohibited domain names (Settings > Platform > Prohibited domains);
• Ability for the master organisation to restrict specific domains from being added to the platform.

Enhancement

• New server card design; now displaying web server type.
• A block now prevents server hostnames beginning with ‘mail.’ from being added to the platform.
• Improved Hungarian translations.
• cPanel importer will now attempt to import custom MX records if present.

Fix

• wp-admin SSO button on Apps overview page now correctly works.

9.6.0 Core

5th August 2023

Feature

• IonCube loader toggle in UI (Website > Developer tools).
• A default php version and supported php versions configurable per package.
• Hungarian local (beta).

Enhancement

• Default php version has been update to 8.1.
• phpmyadmin and wp-admin SSO buttons now open in a new tab.
• Copy buttons have been added to database names and database users.
• Middle truncate and copy button added to Email client settings.

Fix

• Login page now uses inverse logo while in dark mode.
• Mail domain aliases are no longer created for preview domain.
• Failed website restores (due to file permissions) no longer leave the website in restoring state.
• RoundCube aliases are no longer created for preview and staging domains.

9.5.1 Core

27th July 2023

Fix

• File manager, redirects and FTP options failed to show for customers where application role placement was disabled on their assigned server.

9.5.0 Core

21st July 2023

Feature

• Let’s Encrypt management panel;
• A certificate can be requested on demand from ‘Security’ > ‘SSL certificates’
• All new websites and domain aliases will automatically gain a Let’s Encrypt for mail[dot], if the DNS points to the current server. The customer can use this address to connect with POP/IMAP/SMTP in place of the server hostname.
• Webmail will be accessible on mail.customerdomain. This will offer better performance than the centralised RoundCube installation where latency between your customer mail server and control panel server is high. Please note this is a separate instance of RoundCube and will not share calendar/contacts with the centralised RoundCube. This address is not currently shown to your customers.
• On updating to version 9.5.0, Enhance will automatically attempt to add the mail.customerdomain Roundcube and SSL to existing websites and domains. It may take some time to issue all of the SSLs. This will happen in the background and no manual action is required.
• On updating to version 9.5.0, all existing “server domains” will be converted to websites which have the kind “server hostname”. This enables Enhance to request LetsEncrypt certificates using HTTP validation rather than DNS. These websites do not count towards your licence cost.
• It should now be possible to issue LetsEncrypt certificates even where the website uses a caching proxy (such as CloudFlare).
• A ‘create account URL’ has been added to Branding > Organisation;
• If provided a ‘create account’ link will display on the login page

Enhancement

• A white background has been added to the 2FA QR barcode while in dark mode
• Branding styling preview has been moved inline
• Colour visualiser added to Servers overview page > disk space
• If any partition is over 90% an orange warning will show, over 95% a red warning will show.
• Pagination and search functionality has been added to WordPress > Users
• Server load graphs now abide by users locale
• Logs on ‘Move server’ now display the date and time of each log entry
• Mail and SQL IP added is now displayed on a websites ‘At a glance’ card
• Improvements to logic for deletion of websites that may have been partially deleted in the past.

Fix

• Resellers can now freely select a ‘pre-installed application’ (if enabled on their package)
• Resellers with 2FA now see the correct spine items in all instances
• The ‘Backups’ button in the quick link bar on a website dashboard no longer shows if a backup role is not assigned to the website
• File manage nested file deletion fixed
• Email quota now correctly reflects usage
• Package > CPU > this input now accepts decimal numbers
• Server placement during website cloning now abides by server overrides
• Various translation fixes, including;
• ‘tar.gz’ is now excluded from translations, ‘WordPress version’ has a translation key + updated Dutch translations

9.4.1 Core

16th June 2023

Enhancement

• Improvement to appcd connection logic to mitigate issues when the app server is behind a DDoS filtering appliance.

Fix

• UI issue with file manager which could cause accidental file deletion.
• phpMyAdmin SSO now works when the control panel web server is Nginx.

9.4.0 Core

11th June 2023

Feature

• Nginx web server is now supported. ‘FastCGI caching’, ‘Rewrites’, ‘Cache exclusions’ can all be configured on a per website basis. FastCGI cache can be manually purged. (BETA)
• Server disaster recovery capability. Websites can be moved to another server with the cluster if the original server is permanently lost, using backup data if available.
• The HELO name for the email role can now be updated. (Server > Email > Settings > General)
• Global DNS templating. Set DNS records to be applied to all new websites. (native and imported)

Enhancement

• During orchd (core) update, authentication is now the first service to be initialised to allow customers to continue to log in during an ongoing update.
• File manager improvements;
• Double click file to open editor
• A persistent load toast is now displayed during compress file
• Cut icon now shows in dark mode
• The Inverse logo is now used on login page when in dark mode.
• ‘Server’ fields are now searchable.
• DNS helper when setting fully qualified domain names as CNAME/MX values.
• Improvements to Spanish translations.
• Web server type is now displayed on a website’s dashboard.
• Reduced UI bundle size.
• Better error reporting and logging for rsync errors during website server moves and backups.
• Any temporary files left behind by the chromium instance as part of the screenshot service are now periodically removed.

Fix

• A green toast now shows when a WordPress website’s update schedule is successfully changed.
• RPC timeout on database cPanel import extended to allow for larger backup imports.
• Websites on LiteSpeed and OpenLiteSpeed are now correctly taken offline when suspended or unsuspended.
• Issue with appcd initialising when a server is behind a DDOS appliance.

9.3.1 Core

17th May 2023

Fix

• Security patch

9.3.0 Core

12th May 2023

Feature

• A Master organisation can now SCP a backup file to the cPanel importer.
• Dark mode (Account > Profile > Theme) (Beta).

Enhancement

• The DKIM validation status now only shows when DKIM is enabled.
• WordPress toolkit can now handle custom table prefixes.
• Role usage has temporarily been removed from ‘Manage servers’ until accurate data can be returned.
• UX improvements to ‘File manager’ tree.

Fix

• Protection against retrying a cPanel backup import.
• WordPress SSO button no longer redirects to the Application’s overview page before opening wp-admin.
• Cloning of website with multiple WordPress installations would sometimes write an incorrect database password to the new wp-config.php.
• Website creation will no longer fail if the backup server is unavailable. The backup service will be provisioned on first backup creation.
• Website collaborators can now enable DKIM and validate its status.

Core 9.2.1

2nd May 2023

Fix

• Intermittent LetsEncrypt SAN validation error for www aliases has been resolved.

Core 9.2.0

30th April 2023

Feature

• Hard disk quotas:
• Ability to enable/disable on a platform level, set on a per website and per-package level.
• LiteSpeed V2:
• Custom configurations are now saved on a per server basis.
• Ability to ‘Reset config to default’ and ‘Reset admin password’ from within the Enhance control panel.
• WP toolkit ability to toggle WP_DEBUG, WP_DEBUG_LOG and WP_DISPLAY.
• Ability to rename a customer’s Organisation (Customers > Manage customer).
• Ability to search a server by IP address.
• DKIM support.
• Brute force protection:
• Ability to set rate limiting by IP address and Email address.
• Ability to add IP addresses and Email addresses to a Block / Allow list.

Enhancement

• Table settings now persist on ‘Packages’.
• When editing a file ‘Ctrl’ + ‘S’ will save inline.
• Tables have been redesigned on mobile to offer a consistent experience.
• Data graphs in ‘Analytics’ are now horizontally scrollable on mobile.
• Norwegian translations added (Beta).

Fix

• All suffixes are now accepted in ‘Redirects’ and domains are copied correctly.
• Access tokens ‘Authorization’ removed from translations.
• It is now possible to ‘Transfer ownership’ of a website through the ‘Customers’ management page.
• Website ‘Collaborators’ can now create databases.
• A ‘Dedicated’ package can now be upgraded with the same server selection.
• Websites are now properly removed from email server’s local relay list on website deletion.
• cPanel importer now properly handles inconsistencies in the format of the tar backup.
• cPanel importer has improved handling of SSL imports including location of missing ca bundles.
• cPanel importer now handles email imports where the Maildir files are compressed.

Security

• Improved handling of SQL backups uploaded through the control panel.

Core 9.1.2

26th March 2023

Fix

• API colour coding of users and websites would sometime generate an invalid hex code.

Older release notes.

WHMCS module 1.1.3 + older

WHMCS module 1.1.3

31st August 2023

Fix

Single sign-on is now more reliable when multiple users are present in a customer’s account.

Older release notes.