We continue to make improvements around the 'admin' and 'sub-admin' functionality, so that it's easier for you to manage your admin users, and for them to manage their admins (and so on). In the bandwidth overview page, you'll now see which admin each domain belongs to in the table of usage, so that you can easily see which of your admins the high-bandwidth domains belong to.
If you are just starting to take advantage of being able to have a hierarchy of admins and have a flat system already, it can be annoying to have to set up new sub-admins and then re-bind the domains to the appropriate place. We've now made this easy to do - you can just move one admin to be a sub-admin of another. Simply go to the "Manage admins" page, and select "Move admin" from the action drop-down on the left. You can then select any of the admins, and the admin you move will become a sub-admin of that one.
More control over passwords:
Security is obviously very important to us, as well as to you. One thing that makes a big improvement to security is ensuring that users have strong passwords. To help with that, it's now possible for you to set controls around what types of passwords are permitted for your users.
The restrictions at the super-admin level apply to all of that user's admins. Those admins can then keep those restrictions for their own admin and domain users, or make them stricter.
At the moment, these policies apply to the web interface users. In future updates, we'll make it possible to have them apply to other types of user as well. We'll also be offering additional types of policy.
To set up your policies, go to the "User Settings" page. You can set a minimum number of characters, a minimum number of digits, a minimum number of lowercase characters, a minimum number of uppercase characters, a minimum number of punctuation characters, and whether spaces are permitted. Note that existing passwords are not impacted when the policies are changed (because we do not store passwords).
As a reminder, you'll see that this page is also where you can require two-factor authentication for your users. We strongly encourage the use of two-factor authentication as an additional security layer.
Logging to a remote syslog server:
Although very detailed information about messages is available from our web interface, and also directly via our API, in some situations where users are integrating the software with their own custom systems, having a direct, pushed, feed is more useful.
We now offer the ability to have a message pushed to a remote syslog server for each message that is processed by the system. You're able to configure what the format of the message is, as well as how to connect to the server. At the moment, this functionality is only available directly via the API, and is not exposed in the web interface.
Change from Apache to NGINX:
We're excited to announce that to further improve the responsiveness and performance of the webserver, we're switching from Apache to NGINX over the next weeks. There is no action required on your end for this, and nothing will visibly change for your users. Changelog:
The Archive logging system now stores the Archive ID and the api_find_messages and api_find outgoing messages support an addition column: archive_id (#21584)
The welcome email (auto-enable protection reports now has the "Content-Type header set (#24397)
The logging data may now be configured to be sent to a remote syslog server, as well as stored in the internal logging system (#21535)
Front-end / GUI:
Adding a duplicate IP to SSH access now return an error message (#24112)
The Archive Search now has the option for Real Time searching (#21588)
We now have a modular system of passwords policies (#22398)
Improvements to the CSR generated output (#16478)
The 'api_find_messages' and 'api_find_outgoing' messages now returns a translated string for the classification information (#22034)
A super-admin can now add domains over the limit that the Admin has (#24357)
Resolved issue with sorting by username on the Manage Admins page (#24458)
Resolved issue with Bulk Actions options being wrongly displayed when multiple users are selected (#24140)
Resolved issue with Control Panel API '/api/admin/list/' not returning the domains of the admins (#24445)
Improved loading speed of the control panel for Admin users (#24499)
Resolved issue with 'Invalid, skipping' error when trying to remove Blacklisted Senders uploaded via CSV (#24490)
Improved SpamPanel error response text (#23411)
Resolved issue with empty menu under Permissions Page - Domain section (#24502)
Resolved issue with Admin Settings page being available only when incoming mail product is available (#24531)
Resolved issue with Control Panel API '/api/reseller/setproduct/' returning error: 'You have no permission to call this method' (#24539)
Plugins & Integration tools:
cPanel: Resolved issue with PSF installer brand setup (#24508)
Plesk: Resolved issue with email for Admin account failing to be gathered (#24368)
Plesk: Added support for sub-domains (#23094)
Plesk: Resolved issue with ATD not executing domain addition command as PSAADM (#24469)
Plesk: Resolved issue with Undefined variable: converted domain (#24473)
Plesk: Resolved issue with 'There are no domains on this server' error (#24488)
Plesk: Resolved issue with Plesk add-on failing to install on PHP 5.2: syntax error, unexpected ':' in /usr/src/prospamfilter/bin/install.php (#24497)
Plesk: Resolved issue with update failing on Plesk for Linux (#24521)
Plesk: Resolved issue with PSF installer brand setup (#24508)
DirectAdmin: Resolved issue with upgrade failing (#24319)
For more information, please do not hesitate to contact us.