Some Bugs after Upgrade to 1.1.0

Community Support Mail
2

Here are some more results. I think it’s a good idea to post what I have tested along with the results. That way we know if something is tested or not. If you think that’s too much unneeded information, just tell me.

  1. Obtain lets encrypt certificate for domain via WebUI (using web template default - php-fpm 7.3)
    OK - Success

  2. Enable automatic HTTP-to-HTTPS redirection via WebUI
    OK - Success (enabled/set + working OK)

  3. Enable AWStats via WebUI (for the server’s FQDN)
    Issue: While visiting the https://[FQDN]/stats/ page I get the results + this message
    Warning: HostAliases parameter is not defined, awstats choose “[FQDN Here] localhost 127.0.0.1”.
    Quick research: https://awstats.sourceforge.io/docs/awstats_config.html#HostAliases
    Inside the file /etc/awstats/awstats.[FQDN Here].conf HostAliases="" (empty)
    Possible solution: The warning dissapears when adding the FQDN in HostAliases (HostAliases="[FQDN Here]") and then running v-update-sys-queue webstats. I don’t know though if this is the right way to solve that issue.

  4. Assign SSL/TLS Certificate to all services (v-add-letsencrypt-host)
    OK (exim ports 465/587, dovecot ports 993/995, Hestia Web UI)
    NOT OK (FTP port 21 - still has HestiaCP Certificate)

  5. Added php-7.4 via WebUI
    OK

  6. Issue with Webmail
    Visiting https://[FQDN]/webmail/ instead of the Roundcube page I get:
    CONFIGURATION ERROR
    config.inc.php was not found.
    Please read the INSTALL instructions!
    …Although, creating a new web domain xxx.yyy via WebUI (+DNS +Mail domain) and visiting webmail.xxx.yyy works. So I guess support for https://[FQDN]/webmail/ (using the FQDN of the server) was dropped. Right?

  7. I just noticed that a new feature has been added in Fail2Ban, that checks the fail2ban log for repeated abuses and bans them for a longer period of time. Aka the [recidive] filter.

IPs banned by the recidive filter appear as Hestia in WebUI (Server > Firewall > Banned IPs) which is confusing, because it’s the same name as failed login attempt to HestiaCP. The way it is now, if you look at the banned IPs for “Hestia” you can’t tell if an IP was banned because it failed to authenticate on the actual HestiaCP or if it was an IP that repeatedly failed to authenticate on another service.

2 Likes