Easy Hosting Control Panel (EHCP) :: Force Edition

Updated version out.

---

Things to Keep In Mind:

If updates are made to the base apache2 / nginx webserver templates, you may need to revert your Global Web Templates back to their defaults and then add your original changes and additions to benefit from the changes made in the base templates since database templates or domain specific templates take precedence over the base templates if configured.

---

Update Log:

Updates & Changes (January 23, 2024):

• Converted all svn (subversion) commands to git commands since Microsoft decided to unexpectedly kill subversion support at GitHub.

Updates & Changes (November 22, 2023):

• Added additional validation when creating forwarded or normal domain email accounts.
• Allow tabs in editor for global web config templates.

Updates & Changes (October 29, 2023):

• Minor fixes for Ubuntu 22.04 and newer.
• Installation changes so you can choose apache or nginx as your webserver during install.
• Symlink fixes.

Updates & Changes (October 7, 2023):

• bind template serial fixes for proper master / slave sync.

Updates & Changes (September 22, 2023):

• Python 3 pam authentication scripts added and used for newer operating systems (Ubuntu 23+, Debian 12+).
• Debian 12 fixes.
• Added new timezone check, prompt, and update interaction during install since newer versions of Ubuntu and Debian set the server's time to UTC which may or may not be desired.  Might as well have EHCP handle it since the system's date/time is very important for certain cron jobs.

Updates & Changes (July 25, 2023):

• PHP 8.x fixes.
• Debian 11 and 12 support and fixes.
• Changes to default nginx domain templates.

Updates & Changes (March 3, 2023):

• Impersonate any user as admin account (to login as end users if they need help setting up something).
• Allow hostnames for remote backup transfers.
• CCTLD checks for certain functionality.
• Webalizer stats - use geo database.
• Minor bug fixes.
• Revert Jan 9 release www. inclusion for Let's Encrypt certificate requests.  This shouldn't always be done after all... new logic to handle CCTLDs and to better figure out if www should be appended or not.

Updates & Changes (January 9, 2023):

• Let's encrypt fixes to include www. and domain always when certificate is applied to domain.
• Minor back-end fixes.

Updates & Changes (December 6, 2022):

• New redirect global template functionality.
• Minor front-end fixes.

Updates & Changes (October 24, 2022):

• Ubuntu 22.04 minor fix.
• Debian fixes.
• Saslauthd bug fix.

Updates & Changes (August 6, 2022):

• Ubuntu 22.04 minor tweaks.
• Minor bug fixes.
• Other minor changes.

Updates & Changes (April 25, 2022):

• Ubuntu 22.04 and Debian 11 support and fixes.
• PHP 8 fixes and compatibility.
• Minor bug fixes.
• Other minor changes.

Updates & Changes (February 23, 2022):

• Fixed auto-reply email functionality for newer versions of Ubuntu.
• Fixed post install issue on newer versions of Ubuntu.
• Other minor changes.

Updates & Changes (January 25, 2022):

• Import MySQL timezone tables during installation.
• When the DNS IP address changes, resync all bind zones.
• Minor fixes for Let's Encrypt.
• Other minor changes.

Updates & Changes (October 27, 2021):

• German language template files added to picante template.

Updates & Changes (September 27, 2021):

• nginx directive fixes

Updates & Changes (August 18, 2021):

• Picante template UI changes to simplify use by end-users (normal panel users).
• Debian fixes and cleanup.
• Minor fixes.

Updates & Changes (April 13, 2021):

• Python2 Fixes - Link Changed Again!
• Minor fixes.

Updates & Changes (March 6, 2021):

• Nginx template changes
• Feature enhancements
• Minor fixes and changes
• Webalizer fixes
• Support custom post update script - create /root/scripts/ehcp_force_post_update_script.sh bash script which will run after ehcp updates in case you need to do some custom tweaking

Updates & Changes (November 24, 2020):

• Debian 8, 9, and 10 Fixes.
• Security hardening fixes.

Updates & Changes (November 14, 2020):

• Security hardening fixes.  Please update to this version ASAP!

Updates & Changes (November 4, 2020):

• bc added as a package dependency to fix webalizer detection

Updates & Changes (October 26, 2020):

• Fixes for Ubuntu 16.04 VSFTPD and SMTP Authentication - Run ehcp update if using Ubuntu 16.04 to apply the fixes.

Updates & Changes (September 26, 2020):

• Fixes for Ubuntu 18.04 VSFTPD and SMTP Authentication - Run ehcp update if using Ubuntu 18.04 to apply the fixes.
• Fixes and minor changes

Updates & Changes (August 26, 2020):

• Dependency on now unavailable content removed from installer and used from local files
• Fixes and minor changes

Updates & Changes (May 13, 2020):

• Ubuntu 20.04 fixes
• Minor nginx and apache2 default template changes
• Extplorer PHP 7.4.x compatibility
• Fixes and minor changes

Updates & Changes (May 4, 2020):

• Ubuntu 20.04 Compatible
• Fixes and minor changes

Updates & Changes (December 19, 2019):

• Fixes for webalizer (older operating systems)
• Delete user from panel fixes.
• Various minor bug and system fixes.

Updates & Changes (October 18, 2019):

• Debian 10 is now supported by EHCP Force Edition.
• Debian 9 fixes.
• Various system fixes.

Updates & Changes (October 17, 2019):

• Debian 8 and 9 fixes
• Added code to adjust and clear the sql_mode MySQL variable so that it is set to the default that has been used in the community for years
• Adjusted web server mode to use nginx on Ubuntu 14.04 so that a fresh installation continues to work.

Updates & Changes (October 7, 2019):

• Ubuntu 16.04+ fixes
• Minor fixes and UI enhancements
• Generic bug fixes and code cleanup

Updates & Changes (August 21, 2019):

• Better Debian detection
• Minor fixes and UI enhancements
• Generic bug fixes and code cleanup

Updates & Changes (June 5, 2019):

• DKIM email support for emails originating from the EHCP Server.  Configure it to use a particular signing domain in the "Advanced Settings" area of the panel.
• Italian language support added for the picante theme.  (Thanks maxiozzia)
• FTP remote backup transfer status fixes
• PHP session files cleanup fixes
• Generic bug fixes and code cleanup

Updates & Changes (May 2, 2019):

• Email quotas are respected correctly in Ubuntu 18.04.
• Fixed minor Let's Encrypt issues.
• Fixed web server domain / subdomain template generation issues depending on whether or not domains are forcing requests to SSL.
• New TLS Postfix SSL certificate option in the advanced settings
• Install nginx-badbot-blocker (https://github.com/mariusv/nginx-badbot-blocker) - to configure and use, that is still up to you via custom apache/nginx domain template or global template
• Master / Slave DNS UI bug fix
• Cleaned up and removed unused functionality left over from the original EHCP
• Minor bug fixes.  Tested a fresh install on Ubuntu 19.04 and no major problems were found.

Updates & Changes (January 30, 2019):

• Fixed domain transfer functionality so that it works as it should.
• Fixed minor Let's Encrypt issues.
• Fixed minor issues with custom FTP accounts.
• Minor bug fixes.  Tested a fresh install on Ubuntu 18.10 and no problems were found.

Updates & Changes (December 1, 2018):

• PHP errors are now logged to /var/log/php_errors.log and are rotated using rsyslog

Updates & Changes (September 22, 2018):

• Custom subdomain web server templates functionality added.
• Minor bug fixes.

Updates & Changes (August 9, 2018):

• Fixed remote MySQL access panel configuration minor issues.
• Remote access grants are now included in EHCP backups.
• Fixed MySQL user editing.  Passwords are now updated in the database along with in MySQL.  This will prevent errors when restoring a backup after a database password has been changed.

Updates & Changes (July 25, 2018):

• Let's Encrypt certificate name sync bug fixed.
• Small Ubuntu 18.04 Fixes

Updates & Changes (July 15, 2018):

• Entire backup and restore process tested vigorously and fixed (multiple bugs made server migrations a nightmare, but that should be resolved now) [Backup and Restore Documentation]
• PHPMyAdmin root MySQL user fixes in Debian 9 and Ubuntu 18.04.
• Additional Debian 8 and 9 fixes.
• Bug fixes, code cleanup optimizations, and additional input validation implemented (database name validation).

Updates & Changes (June 1, 2018):

• Major APACHE2 template changes (follow instructions above to revert all custom apache2 domain and global templates prior to upgrading!)
• Apache2 now uses fastcgi (php-fpm) to match nginx behavior [php updated documentation for EHCP].
• Major security enhancements - domains run in unprivileged PHP-FPM pool while panel runs in a privileged pool [php updated documentation for EHCP].
• Debian 8 and 9 fixes.
• Ubuntu 18.04 enhancements and fixes
• Debian 7 and below is NO longer supported
• Server status page issues fixed in panel.

Updates & Changes (May 14, 2018):

• Minor picante template tweak
• Slave DNS domains will not have entries in the hosts file.

Updates & Changes (May 1, 2018):

• Added VSFTPD SSL TLS certificate option in Advanced Options - can use SSL FTP now

Updates & Changes (April 26, 2018):

• Ubuntu 18.04 support (tested)
• PHP fixes for deprecated 7.1.x code
• Minor Net2FTP and extplorer fixes
• Removal of CORs incorrect headers from web templates

Updates & Changes (April 2, 2018):

• Installation fixes and changes
• Changes for the GitHub cutover
• Fixed password protected directory removals in apache2 - they work fine in nginx
• Debian 8 and Debian 9 fixes & support.
• Minor bug miscellaneous bug fixes

Updates & Changes (February 21, 2018):

• Domain redirection fixes.
• Better domain redirection detection for when to send the URI params.

Updates & Changes (January 25, 2018):

• New Courier custom SSL certificate setting in "Advanced Settings" for POP3 and IMAP.  See this guide for learning how to re-use a Let's Encrypt certificate.

Updates & Changes (January 16, 2018):

• Massive performance fix.  Panel loads much more quickly now.
• New custom panel URL(s) (using Let's Encrypt SSL certificates if web server mode is set to use SSL or SSLOnly mode) support in EHCP Advanced Options.  Map a domain or subdomain like mycp.mydomain.com to link directly to your EHCP panel.
• Bug and minor fixes.
• Better php-fpm service name detection for different versions of Ubuntu.

Updates & Changes (December 7, 2017):

• Security fixes and enhancements.
• Redirect subdomains to HTTPS too if the domain is set to do so when the web server mode is mixed SSL and NON-SSL mode (labeled as just SSL in the pane).
• Updated MyBB Easy Install to version 1.8.14 and fixed a minor bug in the EZ Install script.

Updates & Changes (December 1, 2017):

• Fixed SASLAUTHD SMTP Authentication Python PAM Module Bug
• IMAP configuration fixes
• Minor changes and fixes for Ubuntu 17.10 compatibility

Updates & Changes (November 2, 2017):

• Redesigned SSL page to encourage users to use free Let's Encrypt SSL certificates.
• Users can force HTTPS when the server is running in mixed HTTP and HTTPS mode if they use a certificate from Let's Encrypt or a custom one.
• Various cleanup and enhancements.
• UI improvements based on which features are enabled.
• Minor bug fixes.

Post update operations: 

Login to the panel using the admin account so that the database structure will be updated.  On the home page, click on "Synchronize Domains".

This will fix SSL errors that were caused by the database structure not being up-to-date.

Updates & Changes (October 20, 2017):

• Default allow all CORS requests.
• Major security improvements and fixes.
• Various cleanup and enhancements.
• UI improvements based on which features are enabled. (picante theme only)
• Better notification system for remote scheduled backup transfers.
• Minor bug fixes.

Updates & Changes (September 20, 2017):

• Added additional validation.
• Update, upgrade, svn-update script is now in just one file.
• Various cleanup and enhancements.
• Better logging.
• Use service instead of systemctl for greater compatibility on all systemd and non-systemd systems.

Updates & Changes (May 31, 2017):

• Fixed custom and Let's Encrypt SSL bugs.

Updates & Changes (May 6, 2017):

• Fixed Let's Encrypt automatic certificate renewal.

Updates & Changes (April 13, 2017):

• Bug fixes.
• Security enhancements in nginx

Updates & Changes (February 15, 2017):

• Let's Encrypt SSL Certificate Integration and Support - Your domains can now be encrypted by free SSL certificates.  See The Video
• SSL mixed mode has an option to default to using the server wide SSL default certificate for domains that don't have one configured or the SSL portion does not get included in the template at all.

Updates & Changes (January 15, 2017):

• systemd scripts for EHCP and PolicyD if applicable for Ubuntu 16.04+
• mod-security/mod-evasive cleanup
• roundcube default mail server fix
• Various bug fixes and changes.

Updates & Changes (December 7, 2016):

• Minor security enhancements.
• Minor bug fixes.
• Default email client is now RoundCube (SquirrelMail can still be accessed via /webmail2)
• Ubuntu 16.10 support.

Updates & Changes (July 30, 2016):

• Added SpamHaus and SpamCop incoming email filtering to help reduce the number of spam email messages received and delivered by the server.

Updates & Changes (June 12, 2016):

• Fixed bind9 issue during installation
• Net2FTP and extplorer PHP 7.0 fixes and changes

Updates & Changes (May 5, 2016):

• Fixed php-fpm bug for nginx (Ubuntu 16.04 specific)
• Minor enhancements to picante theme

Updates & Changes (May 2, 2016):

• Ubuntu 16.04 Support (x64 and x86)
• MySQL to MariaDB seamless upgrade support (optional)
• MariaDB is now the default DB option during installation
• PHP 7 Compliance
• Lots of bug fixes
• Policyd / amavisd / spam assassin fixes
• libpam-mysql replaced with libpam-python scripts in Ubuntu 16.04 since pam-mysql is broken... whereas pam-python is not.

Updates & Changes (March 29, 2016):

• Minor security enhancements
• Additional global template for password protected directories added.
• Fixed PHP not working in password protected sub directories created under nginx.

Updates & Changes (March 13, 2016):

• Several security changes.
• UPDATE TO THIS VERSION ASAP!

Updates & Changes (March 4, 2016):

• Enhancements made to Global Webserver Template functionality.
• Added the ability to have a global template for the default enabled site (custom contents for /etc/nginx/sites-enabled/default or /etc/apache2/sites-enabled/default depending on the webserver)

Updates & Changes (February 29, 2016) Second Release:

• Webserver apache2 / nginx base template changes for phpmyadmin functionality changes in Ubuntu 15.10

Updates & Changes (February 29, 2016):

• Minor security changes
• Logging changes for conglomerate access log so it shows the domain accessed in the log along with the request and referrer.
• Changed conglomerate log name to have an extension of .log (/var/log/apache2/access_log_multi.log or /var/log/nginx/access_log_multi.log) so that logrotate will automatically process it daily.

Updates & Changes (February 18, 2016):

• Template changes for nginx and apache
• Configured password protected directories are now stored directly in the domain template instead of relying on and possibly overwriting .htaccess files.
• /webstats directory for each domain is now password protected
• New Global Domain / Subdomain Template Override Feature - Admin Only Operation - Manage Global Web Templates (Means changes to the default EHCP templates via updates will no longer overwrite any custom config you want for all domains and subdomains) - ?op=manageglobalwebtemplates
• Lots of bug fixes
• Changes made to template files to support the usage of base jQuery code.
• Better input validation to prevent web server errors.
• Logging changed and stored in "/var/log/apache2/access_log_multi" (for apache) and "/var/log/nginx/access_log_multi" for nginx
• Fixed Slave BIND DNS issues
• Other MISC fixes

Please see the following knowledge articles for possible issues after installing this update:

http://ehcpforce.tk/faq/index.php?sid=27500&lang=en&action=artikel&cat=4&id=10&artlang=en
http://ehcpforce.tk/faq/index.php?sid=27500&lang=en&action=artikel&cat=4&id=9&artlang=en

Updates & Changes (October 28, 2015):

• Tons of nginx fixes
• Trim issue in database causing some issues fixed.
• New Custom Domain Server SSL Certificates Functionality
• Other MISC fixes

Updates & Changes (August 24, 2015):

• New:  extplorer file manager integration (url:  http://serverip/extplorer/)
• Lots of Bug Fixes
• FIXED:  Domain redirection for both apache2 and nginx

Updates & Changes (May 23, 2015):

• NEW:  Ubuntu 15.04 x86 and x64 Support
• NEW:  SystemD Init Support
• New:  Create and define hosting plan templates.
• New:  Create user accounts from hosting plan templates.
• FIXED:  nginx php session handling
• Enhanced:  Login functionality to redirect to desired operation post successful login if session timeout occurs and the admin or user is required to login again.
• Enhanced:  Security changes to make the panel more secure
• Enhanced:  Few picante theme changes and UI enhancements

To take advantage of the new EZ installation script functionality that actually works, please run this operation as admin:
http://{SERVERIP}/ehcp/index.php?op=updateinstallscriptsql

Updates & Changes (April 9, 2015):

• FIXED:  Password protected directories now work correctly for both nginx and apache2
• FIXED:  Easy install scripts now work properly.  There are currently 8 packages supported (MyBB, phpbb, Joomla, Wordpress, Drupal, phpCOIN, SMF, and more)
• NEW:  UI Enhancements to make it easier to use the panel.
• FIXED:  Template fixes for nginx and apache
• FIXED:  Net2FTP works properly now thanks to some HTTPS fixes and permissions changes. 

Updates & Changes (January 21, 2015):

• PHP 5.5.x minor fixes.
• Webmail configuration is not overwritten during updates or upgrades.

Updates & Changes (January 5, 2015):

• Latest version now using mysqli extension making EHCP Force Edition PHP 5.5.x compliant.
• Ubuntu 14.10 VSFTPD Fix Now Inlcuded
• EHCP Force Edition supports (QA Tested by Me) Ubuntu 14.10 x86 and x64
• Fixed Apache2 SSL and Non-SSL Mixed Mode
• Adjusted Apache2 templates.
  
• Reworded some deletion functions.

Updates & Changes (December 11, 2014):

• Fixed some fail2ban bugs.
• Added support for postfix-sasl into fail2ban for all versions of Ubuntu.
• Update hosts file fix for retrieving local IP address.
• Fixed some of my original PHPMyAdmin mess.  It should be correct now. (You will have to redo all whitelisted IP addresses once for root MySQL login through PHPMyAdmin if you update)
• Moved some install settings around.
• Removed the original default theme (the new default is picante) which called ehcp.net for some reason.
• Generic fixes
• Some apache2 fixes which use Include instead of the newer IncludeOptional to maintain backwards compatibility for all Ubuntu versions.

Updates & Changes (November 29, 2014):

• Enhanced the remote backup scheduling and backup scripts to log correctly what happens if the transfer of the backup fails.
• Integrated all deb package fixes locally rather than pulling them from a web server.
• Fixed some issues in Ubuntu 12.04 and Ubuntu 14.04.

Updates & Changes (October 28, 2014):

• Changed the way the installer and upgrade/updater scripts work.
• Fixed some installation bugs in latest run through of Ubuntu 14.04 testing.
• Added server IP address in-front of backup name for scheduled remote backups so multiple backups from different servers should never have the same name.
• More control over what gets installed.
• Custom Apache VHOST Not Managed in the Panel along with Custom Ports Supported - See here.

Updates & Changes (October 7, 2014):

• Faster account deletion that relies on recursion instead of you removing every domain one by one.
• Resellers cannot create other resellers.
• New - Master resellers (a new setting specified during account creation by admin) can create other resellers, but their resellers cannot create other resellers.
• New - If a reseller account is deleted, all of its associated panel users, their domains, and settings are also deleted.
• Bug fixes

Updates & Changes (Sept 9, 2014):

• New Remote Backup Scheduling and Server Cronjob Functionality
• New Picante Dynamic Theme
• Bug fixes

Updates & Changes (May 2, 2014):

• Email bugs dealing with ipv6 and pop-before-smtp fixed
• mod security package bug has been fixed and should no longer keep Apache from running happily in Ubuntu 13.10-14.04
• Additional minor changes and fixes / code cleanup

Updates & Changes (April 20, 2014):

• New SSL-Only mode has been introduced in case you would prefer to only accept connections over https rather than mixed-mode SSL/NonSSL
• apache2 SSL subdomain templates have been fixed
• Ubuntu 14.04 is now supported and has been tested

Updates & Changes (April 8, 2014):

• nginx SSL support has been added
• apache2 SSL templates have been fixed
• nginx integration has been fixed
• Generic Fixes for Ubuntu 13.10
• In advanced options, you can now switch between webserver software (choose between apache2 and nginx) - may take up to 30 seconds for changes to take effect
• New pre-install script which can make installing EHCP Force a breeze without any prompts.

To Do:

Download  Latest Version Now

Please report all bugs and how to reproduce them!

Please post your DNS templates from both your domain registrar and EHCP. 

Add the ns.yourdomain.com and ns1.yourdomain.com as NS records using Edit DNS template for the main domain. 

You also need to create an A record that points to your IP address for both ns1.yourdomain.com and ns.yourdomain.com

Save the template, and you should be good to go.

www.intodns.com is a great way to troubleshoot and learn about why your DNS isn't working. 

Which version of EHCP were you using when you created the backup and when you tried to restore it?

Hi,

It's never been clear to me if the process of upgrading ehcp actually updates everything.  The last version installed by my predecessor was 0.30.9.  It's not been clear until now that a stable version had been released.  Does installing Force ehcp properly upgrade the underlying systems?

--jason

Hi Jason,

Please run the upgrader script:

sudo apt-get install subversion
cd ~/Downloads
if [ -e "ehcpforceupgrade.sh" ]; then
    rm "ehcpforceupgrade.sh"
fi
svn export "svn://svn.code.sf.net/p/ehcpforce/code/trunk/ehcpforce/ehcp/ehcpforceupgrade.sh"
sudo bash "ehcpforceupgrade.sh"

http://ehcpforce.tk/download.php

It SHOULD take care of everything for you.  Please let me know if the script missed anything.

[/size]

Have a good idea or want EHCP to do something it doesn't already do?  If so, please create a new thread and post your ideas!