Enhance release notes

Last updated: November 2023

Appcd 1.11.1

- 17th November 2023

  • Removal of mapped domains from servers running LiteSpeed or OpenLiteSpeed would erroneously return an error.

9.10.3 Core

- 14th November 2023

  • Mitigation for potential vulnerability relating to the backup/restore system.

Appcd 1.11.0

- 14th November 2023

  • Improved concurrency for wp-cli operations
  • zstd utility now available in customer SSH environment
  • Preparation for partner licence program

9.10.2 Core

- 13th November 2023

  • S3 backups now retry if the S3 provider returns an error.
  • S3 now clears temporary files if an upload fails.

  • Edits to DNS records are now reflected in the UI without needing to hard refresh.
  • Package usage indicator on the website dashboard now checks the correct subscription when user has 2+ subscriptions.
  • WordPress SSO compatibility issue with themes which require a companion plugin.

9.10.1 Core

- 3rd November 2023

  • Backup settings within Add/Edit package are now configurable when using just S3.
  • DNS and DNSSEC on a package level are not enabled and disabled correctly.
  • S3 backup will remove temporary files in the event of an upload failure to prevent excessive disk usage.
  • S3 backup is tolerant of files changing during the backup process.
  • In dark mode the inverse logo is now used during the password reset flow.

9.10.0 Core

- 31st October 2023

  • IPV6 support. More information
  • Ability to set dark mode as default for all new accounts. (Settings > Branding)
  • S3 and S3 compatible providers can now be selected as a backup target, in addition to or in place of the Enhance backup role. More information

  • Move server migration sessions;
    • Migrations are now displayed by the date and time the migration took place.
  • Improvements have been made to the 'Updating toast' so that it only shows when an update is taking place and no longer shows on lost connections.
  • Estonian and Greek language pack (beta).
  • Better handling of PHP errors in WordPress toolkit.
  • On cloning a website, WP_HOME is now set to match WP_SITEURL.
  • CloudFlare integration is more tolerant of poor connectivity.
  • Website search field persists when using the browser's back button.

  • cPanel importer is tolerant of stored procedures, views and triggers with DEFINER definitions.
  • php-fpm setting are now available in UI for Nginx web server.
  • API errors when moving the database or email role for a website with subdomains.
  • Service website domains can now be updated from 'Platform settings'.
  • Disk stats collection no longer fails when a site has bad permissions.
  • Newly created subdomains are now synced to CloudFlare.
  • WordPress cron path was incorrect on addon/subdomains with custom path.
  • Bug during website server migration causing migrations to fail where subdomains existed.

WHMCS module 1.1.3 + older

WHMCS module 1.1.3

- 31st August 2023

  • Single sign-on is now more reliable when multiple users are present in a customer's account.

WHMCS module 1.1.1

-27th April 2023

  • Single sign-on now uses WHMCS system URL when generating the SSO link in the client area.

WHMCS module 1.1.0

-26th April 2023

  • The client area now contains a link for single sign on which will automatically log the customer in to the Enhance control panel with the credentials of the organisation Owner.
  • The module can now upgrade/downgrade subscriptions subject to resource constraints.

  • The module now uses a custom product field `enhanceSubscriptionId` in place of `subscriptionId` to store the subscription ID for future operations.

Appcd 1.10.2 + older

Appcd 1.10.2

- 3rd October 2023

  • Improvement to speed of building PHP container base environment.

  • Docker image for Apache and Nginx now sets correct ownership on /tmp/modsecurity.

Appcd 1.10.0

- 27th September 2023

  • Preparing for upcoming mod_security feature (requires upcoming core 9.9.0 update)
  • Custom vhost includes for Apache and Nginx
  • Improved service performance for website creation/management and SSL issuance
  • The service can now handle /etc/shadow files containing blank lines
  • /usr/bin/wp is now a symlink to /usr/bin/wp-cli
  • Preparation for IonCube support on PHP 8.2 (requires upcoming core 9.9.0 update)

⚠️ Important: If you are running Nginx or Apache, this update will briefly stop and restart your web server from a new Docker image. There will be up to 60 seconds of downtime.

Appcd 1.9.1

- 2nd September 2023

  • Improvement to Let's Encrypt logic for control panel websites.

Appcd 1.9.0

- 31st August 2023

Please note: This update will rebuild all virtualhost files on first startup.

  • Let's Encrypt certificate issuance is now able to bypass the website's .htaccess rules.

  • Redis would occasionally fail to restart when the the PHP container was restarted on PHP versions < 8.1.

Appcd 1.8.1

- 24th August 2023

  • Mitigation of potential vulnerability. More details will be disclosed after 1st October 2023.

Appcd 1.8.0

- 7th August 2023

  • Preparation for Redis support (requires upcoming core update)

  • Prevention of web server log buildup during stats processing where some log files are missing.

Appcd 1.7.2

- 1st August 2023

  • `/etc/apt/sources.list` changed within PHP chroot environment to resolve package
    dependency issue.

Appcd 1.7.1

- 29th July 2023

  • Let's Encrypt certificates within a given website are now retried in ascending order of last attempt.

Appcd 1.7.0

- 28th July 2023

  • IonCube is now downloaded when the PHP chroot environment is built.

  • We have identified a potential vulnerability in appcd and this update mitigates it. We recommend applying the update ASAP. Fully disclosure will be made on the 1st of September 2023.

Appcd 1.6.2

  • Improvement to retry strategy for automatic Let's Encrypt certificates.

Appcd 1.6.1

- 21st July 2023

  • Improvement to internal locking strategy allows faster creation and modification of PHP containers on servers with a large number of hosted websites.

Appcd 1.6.0

- 18th July 2023


- Appcd will now provision LetsEncrypt certificates for all websites in place of the centralised system.

- Nginx try_files directive now includes $args on all newly created or modified virtual hosts.

- Web server kind set to Apache on initial startup.


- Excessive Apache reloads when rebuilding virtual hosts.

Appcd 1.5.1

- 14th June 2023

  • Nginx web server vhosts now have client_max_body_size of 200MB.
  • Nginx web server vhosts now have gzip encoding by default.
  • Improved parsing logic for apt sources.list when building PHP chroot environments.
  • New PHP packages: PHP 8.2.7, 8.1.20, 8.0.29.

Appcd 1.5.0

- 8th June 2023

  • Support for nginx web server (requires 9.4.0 core, not yet released)

  • Suspended websites on LiteSpeed and OpenLiteSpeed are now removed from the virtualHost list.

Appcd 1.4.2

- 12th May 2023

  • Improvements to handling of fetching of hard disk quotas where file system is mounted by id or uuid.

Appcd 1.4.1

- 29th April 2023

  • Resetting LiteSpeed config now sets correct file ownership.

Appcd 1.4.0

- 28th April 2023

  • Changes to (commercial) LiteSpeed core configuration are now persisted when virtualhosts are added or modified through Enhance.

Appcd 1.3.4

- 10th March 2023

  • chroot builder now updates ca certificates on base ubuntu environment when creating a chroot environment.

Appcd 1.3.3

- 8th March 2023

  • Workaround for systems with unresolvable hostnames being unable to install ssmtp apt package.
  • System quota support in preparation for future core release.
  • Adjustments to internal RPC timeout for smoother WordPress operations.
  • Ubuntu mirrors are now speed tested before selection.

Appcd 1.2.5

- 14th February 2023

  • Missing 'n' character in PHP auto-generated resolv.conf within website PHP containers.

Appcd 1.2.4

- 14th February 2023

  • When building the chroot environments for PHP, a local Ubuntu mirror is used in preference to for better performance.

Appcd 1.2.3

- 3rd Feb 2023

  • Resolved issue with website primary domain change on control panel websites.

Appcd 1.2.2

- 30th January 2023

  • Additional tolerance added to licence check.

Appcd 1.2.1

- 26th Jan 2023

  • cgroups memory.max setting was incorrectly applied in some scenarios.

Appcd 1.2.0

- 17th January 2022

  • PHP 8.2 support.
  • GMP module (PHP 7.0 and above).
  • Mailparse module (PHP 7.4 and above).
  • ffmpeg binary now in PHP containers.
  • Hard resource limit support (Ubuntu 22.04 only).

Appcd 1.1.0

- 15th December 2022

  • Redis PHP module.
  • IMAP PHP module.
  • Explicit allow for docker container range.
  • Improvement in startup logic for initial installation.
  • Improvement in uninstall logic for .deb package.
  • Composer now installed by default in PHP containers as /usr/bin/composer.
  • httpd.conf now sets ServerTokens Prod.
  • Default ServerLimit is now 256 (this will be updated on web server change).

  • LiteSpeed always delays reload by 1 second to mitigate issue with duplicate POST when creating websites on control panel server.

Appcd 1.0.17

- 22nd November 2022

ℹ️ Appcd updates are only available on 8.1.0 Core. Appcd updates are available on a per server basis. To update your Appcd versions - Manage servers > Application role > 'Check for update'

  • If OpenLiteSpeed is started before orchd on a control panel server (for instance after a reboot), appcd now detects this scenario and issues a graceful reload signal to OpenLiteSpeed to allow it to resume serving the API proxy.

Appcd 1.0.16

- 18th November 2022

ℹ️ Appcd updates are only available on 8.1.0 Core. Appcd updates are available on a per server basis. To update your Appcd versions - Manage servers > Application role > 'Check for update'

  • display_errors is now off in php.ini by default for newly created websites.
  • Caching is now enabled by default at a server level when using LiteSpeed.

  • Excessive graceful restarting of LiteSpeed and OpenLiteSpeed during website statistics processing.
  • Port 443 UDP is now exposed for QUIC support in LiteSpeed and OpenLiteSpeed. Please note this requires a signed SSL to function.

9.9.1 Core + older

9.9.1 Core

- 30th September 2023

  • Improvement to update logic to handle potential database inconsistency in older installations.

9.9.0 Core

- 29th September 2023

  • ModSecurity for Apache and Nginx;
    • Can be enabled on a per server and website basis. The OWASP® ModSecurity Core Rule Set (CRS) are applied by default and the config can be updated on a per server basis. More information.
  • Subdomain DNS to exist within parent domain instead of separate zone.
  • Ability to install WordPress on addon, alias and subdomains;
    • Users can also update their Site URL from with the Enhance panel.

  • Ability to capture a 'Note' for manual website backups.
  • Ioncube support on php 8.2.
  • Cloning a website improvements;
    • Automatically replace the siteurl and home on the destination website.
    • Copy php version.
    • Copy Redis status.
  • Deleted, suspended and disabled websites are selected by default during 'move server'.
  • Ability to delete websites which are on a decommissioned server.
  • Improved efficiency to micro-service communication.
  • Ability to capture a 'Friendly name' for access tokens.
  • Numerical keyboard now triggers for 2FA on mobile.
  • Traditional, simplified Chinese Hindi and Persian language packs (beta).
  • Improvement to handling of large cPanel backup files.
  • Improved error reporting.

  • Fix for auto deletion of backup snapshots where the snapshot was removed outside of Enhance.
  • Improved validation for CNAME and MX records.
  • php.ini and php-fpm global defaults are now applied correctly on new application role installation.

⚠️ This core update will initiate an apt package upgrade on each server in your cluster. It is critical for this core update that the apt upgrade succeeds. If you have a large cluster, we would recommend manually running "apt upgrade" as root on the individual servers prior to applying the core Enhance update so that any failures (which may be due to 3rd party repositories) can be detected and rectified.

9.8.0 Core

- 5th September 2023

  • Auto reload PHP after editing php.ini when running OLS or LiteSpeed.
  • Ability to bulk update php versions (websites > bulk action)
    • The ability for the master organisation to update the php version for all websites on their estate. Deleted and suspended website and websites which are running the selected version will be skipped.

  • Tooltips are now clickable on mobile.
  • Emoji picker added to 'server group name' field.
  • 'Get info' added to file manager.
  • Improvement to spam filtering.
  • Improvement to handling of internationalised WordPress user management.
  • DNSKEY and DS records to display for DNSSEC.
  • Ability for Let's Encrypt validation to bypass .htaccess rules.
  • Russian and Arabic language pack (beta).
  • Dark mode contrast adjustment.

  • Fix for auto deletion of backup snapshots where the snapshot was removed outside of Enhance.
  • Fix for CloudFlare integration where domains without the same account are using the partial/CNAME method.
  • Fix for default automatic cleanup of soft deleted websites, default now correct applied.
  • Fix for error unpacking home directory of large cPanel backups.
  • Fix for website collaborators being unable to fetch Cloudflare status on domains.
  • Fix for CloudFlare sync issue where account contains domains with CNAME method.

9.7.0 Core

- 18th August 2023

  • DNSSEC support (Website > Domains > DNSSEC);
    • This can be enabled/disabled on a per package basis.
  • Redis support (Website > Developer tools > php);
    • This can be enabled/disabled on a per package basis.
  • Ability to manually restart a site's PHP container from within the UI. (Website > Developer tools > php)
  • Prohibited domain names (Settings > Platform > Prohibited domains);
    • Ability for the master organisation to restrict specific domains from being added to the platform.

  • New server card design; now displaying web server type.
  • A block now prevents server hostnames beginning with 'mail.' from being added to the platform.
  • Improved Hungarian translations.
  • cPanel importer will now attempt to import custom MX records if present.

  • wp-admin SSO button on Apps overview page now correctly works.

9.6.0 Core

- 5th August 2023

  • IonCube loader toggle in UI (Website > Developer tools).
  • A default php version and supported php versions configurable per package.
  • Hungarian local (beta).

  • Default php version has been update to 8.1.
  • phpmyadmin and wp-admin SSO buttons now open in a new tab.
  • Copy buttons have been added to database names and database users.
  • Middle truncate and copy button added to Email client settings.

  • Login page now uses inverse logo while in dark mode.
  • Mail domain aliases are no longer created for preview domain.
  • Failed website restores (due to file permissions) no longer leave the website in restoring state.
  • RoundCube aliases are no longer created for preview and staging domains.

9.5.1 Core

- 27th July 2023

  • File manager, redirects and FTP options failed to show for customers where application role placement was disabled on their assigned server.

9.5.0 Core

- 21st July 2023

  • Let's Encrypt management panel;
    • A certificate can be requested on demand from 'Security' > 'SSL certificates'
    • All new websites and domain aliases will automatically gain a Let's Encrypt for mail[dot], if the DNS points to the current server. The customer can use this address to connect with POP/IMAP/SMTP in place of the server hostname.
    • Webmail will be accessible on mail.customerdomain. This will offer better performance than the centralised RoundCube installation where latency between your customer mail server and control panel server is high. Please note this is a separate instance of RoundCube and will not share calendar/contacts with the centralised RoundCube. This address is not currently shown to your customers.
    • On updating to version 9.5.0, Enhance will automatically attempt to add the mail.customerdomain Roundcube and SSL to existing websites and domains. It may take some time to issue all of the SSLs. This will happen in the background and no manual action is required.
    • On updating to version 9.5.0, all existing "server domains" will be converted to websites which have the kind "server hostname". This enables Enhance to request LetsEncrypt certificates using HTTP validation rather than DNS. These websites do not count towards your licence cost.
    • It should now be possible to issue LetsEncrypt certificates even where the website uses a caching proxy (such as CloudFlare).
  • A 'create account URL' has been added to Branding > Organisation;
    • If provided a 'create account' link will display on the login page

  • A white background has been added to the 2FA QR barcode while in dark mode
  • Branding styling preview has been moved inline
  • Colour visualiser added to Servers overview page > disk space
    • If any partition is over 90% an orange warning will show, over 95% a red warning will show.
  • Pagination and search functionality has been added to WordPress > Users
  • Server load graphs now abide by users locale
  • Logs on 'Move server' now display the date and time of each log entry
  • Mail and SQL IP added is now displayed on a websites 'At a glance' card
  • Improvements to logic for deletion of websites that may have been partially deleted in the past.

  • Resellers can now freely select a 'pre-installed application' (if enabled on their package)
  • Resellers with 2FA now see the correct spine items in all instances
  • The 'Backups' button in the quick link bar on a website dashboard no longer shows if a backup role is not assigned to the website
  • File manage nested file deletion fixed
  • Email quota now correctly reflects usage
  • Package > CPU > this input now accepts decimal numbers
  • Server placement during website cloning now abides by server overrides
  • Various translation fixes, including;
    • 'tar.gz' is now excluded from translations, 'WordPress version' has a translation key + updated Dutch translations

9.4.1 Core

- 16th June 2023

  • Improvement to appcd connection logic to mitigate issues when the app server is behind a DDoS filtering appliance.

  • UI issue with file manager which could cause accidental file deletion.
  • phpMyAdmin SSO now works when the control panel web server is Nginx.

9.4.0 Core

- 11th June 2023

  • Nginx web server is now supported. 'FastCGI caching', 'Rewrites', 'Cache exclusions' can all be configured on a per website basis. FastCGI cache can be manually purged. (BETA)
  • Server disaster recovery capability. Websites can be moved to another server with the cluster if the original server is permanently lost, using backup data if available.
  • The HELO name for the email role can now be updated. (Server > Email > Settings > General)
  • Global DNS templating. Set DNS records to be applied to all new websites. (native and imported)

  • During orchd (core) update, authentication is now the first service to be initialised to allow customers to continue to log in during an ongoing update.
  • File manager improvements;
    • Double click file to open editor
    • A persistent load toast is now displayed during compress file
    • Cut icon now shows in dark mode
  • The Inverse logo is now used on login page when in dark mode.
  • 'Server' fields are now searchable.
  • DNS helper when setting fully qualified domain names as CNAME/MX values.
  • Improvements to Spanish translations.
  • Web server type is now displayed on a website's dashboard.
  • Reduced UI bundle size.
  • Better error reporting and logging for rsync errors during website server moves and backups.
  • Any temporary files left behind by the chromium instance as part of the screenshot service are now periodically removed.

  • A green toast now shows when a WordPress website's update schedule is successfully changed.
  • RPC timeout on database cPanel import extended to allow for larger backup imports.
  • Websites on LiteSpeed and OpenLiteSpeed are now correctly taken offline when suspended or unsuspended.
  • Issue with appcd initialising when a server is behind a DDOS appliance.

9.3.1 Core

- 17th May 2023


  • Security patch

9.3.0 Core

- 12th May 2023

  • A Master organisation can now SCP a backup file to the cPanel importer.
  • Dark mode (Account > Profile > Theme) (Beta).

  • The DKIM validation status now only shows when DKIM is enabled.
  • WordPress toolkit can now handle custom table prefixes.
  • Role usage has temporarily been removed from 'Manage servers' until accurate data can be returned.
  • UX improvements to 'File manager' tree.

  • Protection against retrying a cPanel backup import.
  • WordPress SSO button no longer redirects to the Application's overview page before opening wp-admin.
  • Cloning of website with multiple WordPress installations would sometimes write an incorrect database password to the new wp-config.php.
  • Website creation will no longer fail if the backup server is unavailable. The backup service will be provisioned on first backup creation.
  • Website collaborators can now enable DKIM and validate its status.

Core 9.2.1

- 2nd May 2023

  • Intermittent LetsEncrypt SAN validation error for www aliases has been resolved.

Core 9.2.0

-30th April 2023

  • Hard disk quotas:
    • Ability to enable/disable on a platform level, set on a per website and per-package level.
  • LiteSpeed V2:
    • Custom configurations are now saved on a per server basis.
    • Ability to 'Reset config to default' and 'Reset admin password' from within the Enhance control panel.
  • WP toolkit ability to toggle WP_DEBUG, WP_DEBUG_LOG and WP_DISPLAY.
  • Ability to rename a customer's Organisation (Customers > Manage customer).
  • Ability to search a server by IP address.
  • DKIM support.
  • Brute force protection:
    • Ability to set rate limiting by IP address and Email address.
    • Ability to add IP addresses and Email addresses to a Block / Allow list.

  • Table settings now persist on 'Packages'.
  • When editing a file 'Ctrl' + 'S' will save inline.
  • Tables have been redesigned on mobile to offer a consistent experience.
  • Data graphs in 'Analytics' are now horizontally scrollable on mobile.
  • Norwegian translations added (Beta).

  • All suffixes are now accepted in 'Redirects' and domains are copied correctly.
  • Access tokens 'Authorization' removed from translations.
  • It is now possible to 'Transfer ownership' of a website through the 'Customers' management page.
  • Website 'Collaborators' can now create databases.
  • A 'Dedicated' package can now be upgraded with the same server selection.
  • Websites are now properly removed from email server's local relay list on website deletion.
  • cPanel importer now properly handles inconsistencies in the format of the tar backup.
  • cPanel importer has improved handling of SSL imports including location of missing ca bundles.
  • cPanel importer now handles email imports where the Maildir files are compressed.

  • Improved handling of SQL backups uploaded through the control panel.

Core 9.1.2

- 26th March 2023

  • API colour coding of users and websites would sometime generate an invalid hex code.

Core 9.1.1

- 17th March 2023

  • A billing URL can now be set by the MO and Resellers. We recommend this is used to link back to your billing platform.

  • A generic name is now displayed for self signed SSL Certificates.
  • Improved error messaging for users who have uploaded an invalid backup on the cPanel importer.
  • When linking a domain to a cloudflare account a confirmation modal highlights the changes that will be made to an account.
  • Updated default login image.
  • imap-login service in Dovecot now has connection limit default of 1024.
  • WordPress plugin deletion now uses uninstall rather than delete.
  • Website colour coding now has more colour variants.

  • IP manager now lists all IPs added.
  • Fixed compatibility issue with RoundCube 1.6.x due to renamed internal variable smtp_server.
  • SSL Certificates are no longer altered when uploaded.
  • cPanel importer now succeeds where no quota is set on the source server.
  • cPanel importer now correctly handles PHP versions configured by CloudLinux PHP selector.
  • Database import/export via UI now works with extra long database names.

Core 9.1.0

- 11th March 2023

Before updating to 9.1.0 through the UI, please log in to your control panel server as root and run:

mkdir -p /var/www/control-panel/ui.update
This is a one time step which will not be required for future updates.

Please note, when synchronising a domain with CloudFlare for the first time, if the domain already exists in CloudFlare the existing zone will be replaced. Therefore if there are custom records in CloudFlare that you wish to retain, you should set the records in Enhance before connecting the domain to CloudFlare.

  • cPanel website importer - restore from cPanel account backup. (Beta)
  • CloudFlare integration for DNS syncing and proxy status. Multiple keys can be added and managed on account level. Each domain can be linked to a Cloudflare account which allows for a DNS proxy status to be set. (Beta)
  • Transfer the ownership of a website between direct customers and back to your own organisation.
  • Update the server group provisioning for an existing package.

  • File manager improvements; shift and click to select ranges and syntax highlighting in CSS files.
  • Server domain functionality has now been moved to 'Servers' > 'Email role' > 'Settings'. When installing an email role the 'Server domain' field is displayed.
  • Spanish and Polish translation updates.
  • Improved panel and API performance when roles are being installed.
  • Improved WordPress toolkit speed.
  • phpMyAdmin now defaults to using SSL when connecting to remote servers.
  • Improved servers page performance.
  • New Roundcube websites are version 1.6.1.
  • More verbose error logging for application role errors.

  • WordPress crontab entry is now removed when uninstalling WordPress through Enhance.
  • SQL import through the panel now correctly accepts files up to 1GB.
  • API spec correction for uninstallServerRole.
  • Cloning a WordPress sites now performs a search and replace of wp-config.php.
  • Hard resource limits on a per website basis now display accurately.
  • Changing website primary domain no longer breaks PHP mail() functionality
  • API connection is no longer disrupted when a database connection pool capacity is exceeded.

Core 9.0.1

- 9th Feb 2023


  • WordPress salt is now randomised on installation.
  • WordPress pseudo cron is now disabled in wp-config.php on installation.
  • WordPress plugin auto update status fetching logic improvements.
  • Additional tolerance to prevent licence errors.

  • Service polling logic is now more reliable.
  • A 404 is now returned for website placement instead of 500 when an application service is not available.
  • The file manager now handles editing a JSON file correctly.
  • While installing Enhance the server now queries multiple IP services to find correct IP.
  • Let's Encrypt certificates without any assigned domains can now be removed.
  • The password for an FTP account can now successfully be updated.
  • Error when storing/retrieving docker credentials.
  • Perm delete a website now succeeds for website's that were partially deleted on a previous attempt.
  • Site backups now have a determinate state when the snapshot stage fails.
  • Site backups no longer occasionally deadlock under high load
  • Website control panel and filerd proxies are no longer lost when changing a control panel primary domain.

Core 9.0.0

- 20th Jan 2023

ℹ️ If you are still running Ubuntu 20.04 LTS, you will need to update to 22.04 LTS for the "Hard resource limits" feature to function. Follow these steps to update to Ubuntu 22.04.

  • Hard resource limits 'System resources' can now be configured on a package level and overridden on a per website basis. Learn more.
  • Database improvements. A single database user can now be assigned access to multiple databases.
  • WordFence is available as a pre-install plugins on a package level.
  • Bandwidth usage can now be viewed on a per website basis (Website > Analytics).
  • A hosting package (Settings > packages) can now be duplicated.
  • PHP 8.2 is now supported.

  • Appcd now auto updated where required for interoperability with core.
  • Improved error messaging communicating to a customer why features are unresponsive during a website backup/restore.
  • WordPress plugin listing now served from cache.
  • A 'Refresh' button has been introduced to the WordPress plugin card, allowing users to refresh the table as and when needed to reduce overheads.
  • Automatically created WordPress cron jobs now have randomised minute within the hour rather than running every 30 minutes.
  • Polish and French translation files available.
  • Staging websites can now be cloned.
  • Nameservers which are mapped to a DNS role can now be seen on the DNS tab in Servers > Manage server.
  • Subscription ID is now exposed in Customers > packages.
  • 10, 20, 50 and 100 now available as 'view items' options on table pagination.

  • Permissions on the file manager are now accurately reflected in the UI.
  • Subscription now returns more accurate usage data for customers having both Reseller and non-reseller hosting plans.
  • 'Optimisation'/ Opcode caching can no longer be allowed on Control Panel websites.
  • System generated email settings now apply even if the test email fails
  • Listing organisation emails as a Collaborator user only shows emails from websites to which the Collaborator has access
  • Changing mailbox settings other than the quota does not update the quota.
  • WordPress user listing now functions when unrecognised roles are present. The user role "customer" is skipped.

8.2.0 Core

- 9th December 2022


  • Service statuses in the UI are now served from in-memory cache (refreshed at 60 second intervals) which will improve performance for large clusters.
  • The Watchd service has been removed, reducing memory footprint.
  • Duplicate quotation marks now removed from TXT records automatically.

  • Multiple fixes for control panel SSO (backend and UI)
  • FTP users are now successfully migrated when moving a websites application role between servers.
  • CNAME destinations can now contain underscores.
  • WordPress discovery now handles single line comments in wp-config.php
  • WordPress plugin detection now skips "drop-in" plugins whilst continuing to load other plugins.
  • Mail server settings are now all validated before being added to the postfix config.
  • Domain email local/remote setting now functions where the website has no mailboxes provisioned.
  • When updating a control panel domain from 'platform settings' public_html is now set as the document root.

8.1.0 Core

- 18th November 2022


  • Pre-install plugins on WordPress websites is now a package level setting.
  • Control panel single sign-on (SSO).
  • Indonesian and Polish (Beta) language packs.
  • The Appcd version running on an application role can be viewed and updated on a per server basis.
  • Discover new allows existing WordPress installation to be found and managed through the Enhance interface.


  • Cloning websites now updates the wp-config.php file of any discovered WordPress websites with the new database credentials.
  • Items shown per page are now saved in state on overview tables.
  • Websites can now be moved to roles which are disabled.
  • Fetching of server information is now more efficient and no longer holds database connections. Better handling of down servers within the cluster.
  • New WordPress installations now have their wp-config.php set to 600 permissions.

  • Resellers can now access/manage Access tokens.
  • Bandwidth resource usage is now correctly returned when fetching subscription status.
  • WordPress "must-use" plugins no longer generate an error when listing plugins for a WordPress installation.
  • Automatically generated preview domain is now accepted by LetsEncrypt. Format has been changed.
  • Rate limiting of failed logins was too aggressive. Better error messages in UI.
  • Occasional failure of WordPress installations when performed as part of the website creation process where the web server is LiteSpeed or OpenLiteSpeed.
  • Potential issue with out of office replies not sending if system logger failed.

8.0.0 Core

- 28th October 2022

Please read more about updating to 8.0.0 here.

  • LiteSpeed and OpenLiteSpeed web servers are now supported. Learn more.
  • WordPress SSO is now available in the WordPress toolkit.
  • php versions 7.0, 7.1, 7.2, 7.3 and 8.1 are now available.
  • Customers can now be filtered by 'Status' and 'Package'.
  • It is now possible to 'su' directly to the website's system user. This will enter the containerised environment automatically.
  • It is now possible to edit a website's cron tab from the host o/s using the standard "crontab" command. crontabs are executed within the PHP containerised environment.

  • Installation requirements are reduced by 50%. Recommended minimum hardware requirements are now: 4GB RAM minimum, 40GB disk, 2CPU cores or vCPUs.
  • Settings on the customers table are now remembered across sessions.
  • An on demand refresh button is available on the File Manager.
  • Opcode caching is now enabled by default on all new websites.
  • Dutch language pack is available. (Beta)
  • Various UI improvements.
  • PHP is now containerised by the appcd service, there is no longer a docker container per website greatly reducing overheads.

  • Resource usage calculation is now fixed.
  • SMTP settings no longer require a 'username' and 'password'.
  • The total website count on /home now includes soft deleted websites.
  • A wildcard IP address can now be added to a Database users.
  • Cron jobs with a Weekly run rate are now successfully added.

7.4.0 Core

- 13th September 2022

  • WooCommerce + WordPress can now be installed as an Application and can also be offered as a pre installed application.
  • The Portuguese-Brazilian language pack is now available.
  • A custom 'From address' for system generated emails can be configured. This is also available for Resellers.
  • A custom 'eCommerce' URL can be configured. If provided, a 'Buy new package' will be displayed on a customer's 'Package' page.

  • Service websites (RoundCube, Control panel and phpMyAdmin) can now be moved between servers. The Application role for these websites cannot be moved.
  • Settings on the Websites table are now remembered across sessions.

  • Logic for traversing the directory tree of websites optimised to reduce memory consumption within file management service.
  • Emails can now be sorted by size.

7.3.0 Core

- 18th August 2022

  • A customer's subscription/package can now be upgraded or downgraded to a different package.
  • The Spanish language pack is now available (Beta).
  • Service websites can now be deleted and restored.

  • The file manager's folder upload actions has been optimised.
  • Error messaging throughout the panel has been improved.
  • The Email table can now be sorted.
  • Clone website functionality is now disabled during the add website flow if the customer does not have any active websites.
  • 'Service websites' and 'Domain aliases' now default to shown on the Website table.

  • If a website does not have an Email server IP, auto-configuration of Gmail DNS records will now succeed.
  • Both 301 and 302 domain redirects are now working correctly.
  • Let's Encrypt now removes DNS validation records where the DNS challenge is rejected to prevent zone files growing too large.

7.2.0 Core

- 29th July 2022

  • Users can now search websites by their ID (UUID format).
  • Users can now search websites by any of their domain aliases in addition to the primary domain.
  • German language pack is now available.
  • Folders can now be uploaded to the the file manager.

  • An inverse logo can now be uploaded to the branding settings.
  • When impersonating a customer, soft-deleted websites are now hidden (as the customer would see them).
  • Where permanent website deletion partially succeeds, the operation can now be retried to fully remove any remaining data.
  • The native Enhance WordPress installer no longer permits WordPress users to be created with duplicate email addresses.
  • New look bulk action bar.

  • The screenshot displayed on a website's dashboard now automatically updates when refreshed by a user.
  • System generated emails no longer fail when configuration is custom and username is not an email address.

7.1.0 Core

- 30th June 2022

  • Users can now download and bulk download files directly to their browser.

  • Container logs now rotate, effectively reducing server disk usage.
  • If SMTP systems details have not yet been configured, key system emails are now sent using a Local MTA.
  • Multiple usability improvements have been made to the file manager, including;
    • The file editor now supports full screen and window mode.
    • The file manager is now full screen, making the best use of the space available.
    • The .enhance file is now read only.
  • A site's creation date is now displayed on the 'At a glance' card on a website dashboard.
  • PHP tidy extension now enabled by default.
  • PHP 7.4 updated to 7.4.30.
  • PHP 8.0 updated to 8.0.20.

  • Mail routing options are now hidden from websites which do not have an email role assigned.

7.0.0 Core

- 10th June 2022

  • Server disk usage is now shown per partition.
  • Roundcube default version updated to 1.5.2.
  • Website access tokens are now generated by the application server rather than the control panel server. The key to generate an access token is generated on filerd boot and held in memory.
  • Advanced website filtering by server and role is available.
  • When converting a mailbox account to a forwarder-only account it is now possible to enter any destination address.
  • Website metrics now require less disk space.
  • Internal task scheduler now uses a separate database connection pool.

  • File manager sessions are automatically refreshed when they expire.
  • Backup executor thread for application server now re-spawns on error.
  • Server SSL Let's Encrypt certificates now automatically provision on all roles.
  • When moving a website between application roles, data is now fully removed from the source server.

5.0.9 Core

- 28th April 2022

  • A SSH login command is now displayed on 'SSH keys' and 'SSH password authentication'.

  • Additional user guidance provided on 'nameservers' creation.
  • phpMyAdmin display_errors disabled explicitly on the sign on script - this will override any server settings.
  • Website placement falls back to global placement if no available role is in the packages assigned server group.
  • Website dashboard load speed is now faster thanks to a separate DNS status end point.
  • Source maps are no longer distributed with the Frontend bundle.
  • 'Backup Enhance software' setting has been removed. The Enhance database is automatically backed up every 4hrs.
  • Session cookies now have the 'Secure' flag.
  • Cross origin headers are no longer sent by default.
  • Additional validation has been added to the backup role installation to guide users.

  • When renaming a file is selected, the name would default to '-copy'. This is now fixed.
  • The page title now obeys the organisations brand settings.
  • Email resources now default to '0' when an email role is installed after the package is created.
  • When a server role install times out a descriptive error message is now displayed and the role installation continues in the background.

4.1.1 Core

- 14th April 2022

  • Internal DNS resolver (used for Let's Encrypt pre-flight checks) is now faster and more efficient.
  • phpMyAdmin single signon now uses cache buster to prevent caching of redirects in some browsers.

  • phpMyAdmin single sign-on bug when a website has multiple databases.
  • Service updates now continue on a given server even if one service fails to update.
  • Error on subscribing customers to shared plans.

4.0.2 Core

- 13th April 2022

  • A server's primary IP can now be updated. Updating the primary IP will update in the database and the in-memory store. It will only impact newly added sites.

  • When a domain alias is added with a directory that doesn't exist, the directory is now created.
  • Install link now uses ''.
  • Small UI improvements.

  • On mobile it was not possible to visit the 'My account' page. This is now fixed.
  • phpMyAdmin single sign-on logic now occurs mostly via the API and sessions are populated in backend. This improves reliability and security of phpMyAdmin single sign-on.
  • Licence usage calculation now excludes "service" websites.
  • Other miscellaneous bug fixes.

Got a question about updating?

Check out our Update Enhance guide or email your questions to