A new apnscp update has been released to the servers. Of importance (and the most prolonged development time), is a new SSL application that allows you to manage your SSL certificate from the control panel. We’re testing the correctness of everything, before putting SSL management on auto-pilot. You can do everything except install a new certificate at this time. Just open a ticket within the control panel to have us update your SSL certificate.

SSL certificate management app
SSL certificate management app

Mail > Manage Mailboxes now supports a simple syntax to bulk-add mailboxes following the form:
<mailbox to create> <address1>, <address2>, <addressN>

Bulk add dialog in Mail > Manage Mailboxes
Bulk add dialog in Mail > Manage Mailboxes

Reports > Storage Tracker now includes a historical graph of storage usage for users, giving you a better indication of their historical growth rates.

Historical storage usage in Reports > Storage Tracker.
Historical storage usage in Reports > Storage Tracker

And finally, for accounts that qualify for terminal support, Dev > Terminal includes a built-in terminal!

New terminal interface in Dev > Terminal
New terminal interface in Dev > Terminal

We added some more features under the hood, including argument decomposition, a new process spawning via fork, and vanquished a throng of bugs. Enjoy!


  • NEW: initial SSL app release
  • NEW: bulk mailbox creation (Manage Mailboxes)
  • NEW: DNS bypass file to skip domain verification process (Aliases)
  • NEW: file manager command: create file, creates an empty file named after input
  • NEW: historical storage usage graph (Storage Tracker)
  • NEW: decompose() – break a string down into its command and arguments (Util_Process)
  • NEW: embedded terminal for Developer+ accounts (Terminal)
  • NEW: process Fork class, for when you need to fork a process off (Util_Process)
  • FIX: compat fix, mounting procfs with hidepids=1 masks crond process (Crontab)
  • FIX: remove_transport()- auto-detection failed to remove MX record on positive (Email)
  • FIX: null arguments bypass remainder of arguments (Module Skeleton)
  • FIX: change_domain()- refrain from passing null to dns_get_records_external, invoker misinterprets argument list as finalized (Auth)
  • FIX: jQuery browser detection bitrot (AJAX Unbuffered)
  • FIX: delete()- remove symlinks to which the referent does not exist (File)
  • FIX: help formatting error on apps with hidden breadcrumbs (Page Template)
  • FIX: workaround for visible hidden mounts in systemd (Stats)
  • FIX: move()- moving multiple files to a directory fails (File)
  • FIX: update multiselect compatibility with jQuery 1.9
  • FIX: XSS in DNS parameter field (DNS Manager)
  • FIX: balance quotes in TXT records if quotes exist adjacent to start/end (DNS)
  • FIX: retain key association on message buffer sort (Page Container)
  • FIX: correctly populate subdomain/domain host maps, include subdomain domain maps for flipping between reference (Mail Routing)
  • FIX: incorrectly sync directories outside user-writeable filesystem (Transfer)
  • FIX: verification hash fails, because site/info/current directory not always accessible by other users (Aliases)
  • FIX: session cache clobbered (afi)
  • FIX: hidden wiki text appears outside viewport resulting in elongated horizontal scrollbar (Page Template)
  • FIX: sudo process wrapper incorrectly asserts domain check for admin (Util_Process:Sudo)
  • FIX: fixup file transfer sources (Transfer)
  • FIX: busted downgrade logic (CLI::Transfer::Fixup)
  • FIX: keep DNS if domain unauthorized to handle mail on server, resolves migrations in which mail is remotely handled (Transfer)
  • FIX: ACLs not set properly on Majordomo directories on platforms 4.5+ (Majordomo)
  • FIX: lookup decomposed domain from hostname to determine if domain can carry e-mail transports (Transfer)
  • FIX: severity class sort broken (Page Container)
  • FIX: files improperly synchronized during xfer (Transfer)
  • FIX: formatting (Site Map)
  • FIX: mysql database transfer fails from unbraced multi-line if block (Transfer)
  • FIX: terminal single-row height in IE (Terminal)
  • FIX: fix PEAR base class for PHP5 deprecation notices
  • FIX: autofill yellow background overrides field images (Login)
  • CHG: visibility of crm_get_subject_id_by_name (CRM)
  • CHG: truncate decimals from file size (Trouble Tickets)
  • CHG: include distinction between backend/frontend stack trace (Error Reporter)
  • CHG: ignore certificate backup copies when determining if SSL certificates installed (SSL)
  • CHG: rewrite Traceroute app (Traceroute)
  • CHG: add proxy cookie to track server to proxy requests to (Login)
  • CHG: perform CP server lookup + redirect if domain not on server (Login, Auth_UI)
  • CHG: only initialize rvm gemset in edit hook if procfs is present (Ruby)
  • CHG: recursively resolve SSL chain (SSL)
  • CHG: convert between DER and PEM formats as necessary (SSL)
  • CHG: ignore “info” message types (Util_Account::Editor)
  • CHG: clear_buffer(class) now strips the class from the error severity (Error Reporter)
  • CHG: rename Use SSL to Require SSL (MySQL Manager)
  • CHG: prevent ability to name subdomain “www”
  • CHG: during migration, port_index cannot be guaranteed. Unset this value and let the server negotiate an appropriate port (Transfer)
  • CHG: add general template inheritence to PostgreSQL db creation (SQL)
  • CHG: remove fst prefix for Majordomo wrapper (Majordomo)
  • CHG: always ensure vsftpd configuration files have root ownership, obviates custom patches (FTP)
  • CHG: separate DNS bypass logic into _is_bypass() and _remove_bypass() (Aliases)
  • CHG: remove_transport()- add warnings if no MX present upon deauthorizing a server from handling Mail (email)
  • CHG: add note if no domains are configured to handle e-mail (Mail Routing)
  • CHG: prefer meta domain over apnscp db domain (CRM)
  • CHG: DNS verification workaround for migrated accounts (Aliases)
  • CHG: add select all to clipboard (File Manager)
  • CHG: follow 302 responses (File Manager)
  • CHG: confirm database name in status on MySQL/PgSQL database creation (SQL)
  • CHG: disable garbage collection globally (apnscp Core)
  • CHG: update wiki links to kb links
  • CHG: match pma cookies on word boundaries (phpMyAdmin)
  • CHG: cleanup auth code (Auth)
  • CHG: disallow p tag on pasting (Trouble Tickets)
  • CHG: encode/decodeEntities JS helper functions (apnscp.js)
  • CHG: add prepopulated state/province support for CA/MX/IT/AU/BR/IN/BE countries (HTML Kit)
  • CHG: upgrade TinyMCE to 3.5.11
  • CHG: make AJAX status indicator global instance (DNS Manager)
  • CHG: cleanup strict warnings (Billing)
  • CHG: raise error on record deletion with no records selected (DNS Manager)
  • CHG: ignore swap reporting on swapless servers (Server Info)
  • CHG: update Rails Quickstart to new KB (Code Frameworks)
  • CHG: reduce TTL on IP changes from 1 day to half day (Change DNS)
  • CHG: clean-up Mail Routing
  • CHG: get_package_type() – retain response only 12 hours at most (Billing)
  • CHG: implement array_column() backwards-compatibility for older apnscp installs
  • CHG: cache quota tracking data (Account)
  • CHG: upgrade Mousewheel, Event.Drag jQuery plugins (Flot)
  • CHG: disable FOLLOWLOCATION for phpMyAdmin auto-login (phpMyAdmin)
  • CHG: require change of primary domain to use hosting nameservers (Auth)
  • CHG: Server Uptime stat to Last Reboot (TemplateConfig)
  • CHG: only support mysql user creation by IP or IP + wildcard, deny creation by hostname (SQL)
  • CHG: drop DNS view cache from 5 minutes to 1 minute (DNS Manager)
  • CHG: update e-mail login link to new KB (Manage Mailboxes)
  • CHG: auto-detect if suitable to add/remove MX records on mail authorization/deauthorization based on presence of custom MX records (Mail Routing)
  • CHG: add note that login request expired because of single-use (Login)
  • CHG: use pcntl_exec() for forked processes (Util_Process::Fork)
  • CHG: don’t validate subdomain existence when adding virtual transport to domain (Email)
  • CHG: shared_domain_exists() now returns true if domain parameter is primary domain (Aliases)
  • CHG: separate blocking subdomains and domains that must be removed before dropping a user (User)
  • CHG: move inaccessible subdomain warnings to separate function, validate_subdomains() to reduce message pollution (Web)
  • CHG: make domain verification process more clear (Addon Domains)
  • CHG: clean-up MySQL constructor
  • CHG: Apache 2.4 compatibility: turn off DirectoryIndex to prevent rewriting index file (Terminal)
  • CHG: PHP 5.6 compatibility, ensure always_populate_raw_post_data is off
  • CHG: isSSL() helper function (Util_HTTP)
  • CHG: enabled() may also be called by users to validate if ssh is enabled (ssh)
  • CHG: rename Page_Container::getLogin to Page_Container::getLastLogin to avoid potential overwrites (Page Container)
  • CHG: extract method password reset for AJAX callback (Login)
New apnscp update: 105 changes, embedded terminal, SSL app, bulk mailbox support