Vestacp cronjob planner

VestaCP 0.9.8-16 is out!

Finally! After again a long time of waiting there is the VestaCP 0.9.8-16 release! For me it’s somewhat unexpected, it is not really a major release but mainly a bug fix and refactor release. It is unexpected because there wasn’t activity around Vesta until last weekend. I haven’t take a look at the new changes, I just installed the new release so I’m wondering what it brings to us.

 

Refactoring & bug fixes

The Vesta team has done a complete refactoring of the code, and this has fixed a lot of bugs. One of them was a big security issue, due a miss validation in the file manager was it possible to create a session file and get admin permission. From there you could change the admin password and log in as root over SSH. On a security audit, we did at our hosting company EmeraldCloudHosting all our servers in a specific IP range (188.166.*.*) were infected. They also used 1 of our domains to infect other servers. In our audit, we found seven other domains that were used to infect systems. They changed the password of the admin user to ‘admin’ or ‘admin123’. Our quick fix was to rename the file manager directory in the Vesta root. On our systems, they only changed the admin settings and did nothing else.

 

New features

cronplanner selectorWhen I take a quick look at the web panel, I can’t find any new features. When I take a deeper look at the API’s, I found finally the let’s encrypt integration! I currently have some issues when I try to create a certificate, and maybe it isn’t completely ready yet. A new feature is the Cronjob planner. For the beginning Linux users, this can help you better to understand and create your cronjob. You can select in human language when the jobs need to run, and thereafter the real cronjob command will be generated. Vesta CP cronjob planner.

The lets encrypt API’s are:

v-add-letsencrypt-domain USER DOMAIN [ALIASES] [RESTART]
v-add-letsencrypt-user USER [EMAIL]
v-check-letsencrypt-domain USER DOMAIN
v-list-letsencrypt-user USER [FORMAT]
v-sign-letsencrypt-csr USER DOMAIN CSR_DIR [FORMAT]
v-update-letsencrypt-ssl

 

Release note:

4 thoughts on “VestaCP 0.9.8-16 is out!

  1. “It is unexpected because there wasn’t activity around Vesta until last weekend”

    Skid drove along refactor with master branch, it took a lot of time. And when it was done… pull, pull, pull and release.

    • Yeah, I know skid was doing a fantastic job, but we didn’t see anything until last week. A few days earlier I had no idea that the new release will come so fast.

  2. The thing I love about VestaCP is that it s open sourced and available on Github so in this case I could read the code, trying to find a solution to my problem.

Leave a Reply

Your email address will not be published. Required fields are marked *