Important Security Changes

Version 1.38

Feature
Finished

secure_access_group=access check_subdomain_owner=1 are now going to be enabled by default for new installs. These values are set in the data/templates/directadmin.conf. Existing installs will not be affected. This only applies to new installs using 1.37.1 at install time. Related: http://www.directadmin.com/features.php?id=961 http://www.directadmin.com/features.php?id=925 Also, the script: /usr/local/directadmin/scripts/custombuild.sh will now run: chown webapps:apache /var/www chmod 550 /var/www chgrp apache /usr/bin/perl chmod 705 /usr/bin/perl to increase security. The scripts/custombuild.sh is also only called at install time, so feel free to make these changes for existing install if you wish. For existing systems that want all of the above to be enabled, run this: cd /usr/local/directadmin echo "secure_access_group=access" >> conf/directadmin.conf echo "check_subdomain_owner=1" >> conf/directadmin.conf /etc/init.d/directadmin restart echo "action=rewrite&value=secure_access_group" >> data/task.queue chown webapps:apache /var/www && chmod 550 /var/www chgrp apache /usr/bin/perl && chmod 705 /usr/bin/perl

Interested to try DirectAdmin? Get a 30-day Free Trial!