Major changes in next release (therefore already in current master)

  • Hello

    The next stable release (therefore already in current master) will come with major changes, which, must be known by administrators and resellers.

    I. Billing and Order components

    These two components were removed from master and so, will not be part of next stable release. These components were removed for the following reasons:

    • The billing component as implemented was totally useless since i-MSCP was unable to handle billings created from it.
    • The majority of us is using an external billing interface such as WHMCS or Boxbilling.

    To resume, instead of lost too many time with maintenance of something that is never used and that is really useless, we prefer concentrate all our efforts to make i-MSCP fully compatible with external billing interfaces (by providing an API and/or plugins).

    II. Web folders management

    1. Web folders protection

    Web folders management has been revisited. i-MSCP is now providing an option to protect/unprotect Web folders by using file system extended attributes (immutable flag).

    From now, when a reseller will create a new customer account, he will be able to choose to protect (default) or not the Web folders of the customer. The protection allow to protect default directories and files against deletion. This also means that the customer will not longer be allowed to write anything at the root of its Web folders.

    Note: The root of a Web folder, is the mount point of the domain, domain aliases and subdomains.

    Also, if a customer want store some files/directories outside its documentRoot directories, he must store them into the folder 00_private that has been added for this purpose.

    Note: To avoid any problem with older i-MSCP versions, the Web folders protection is deactivated for all existent accounts. Of course, A reseller can always activate/deactivate the Web folders protection via its interface, by editing the domain. In such case, the reseller must ensure that the Web folders of the customer for which he want activate the Web folders protection are free of any directory/file that are no part of the Web folder skeletons by moving them into the 00_private directory.

    2. Web folders permissions

    From now, the www-data user (user under which Apache is running) is added to the group of each i-MSCP virtual users (vuxxxx), which are nothing more than normal unix users without password and valid shell:

    1. root@raring:/var/www/virtual/ getent passwd | grep vu2027vu2027:x:1002:1002:iMSCP virtual user:/var/www/virtual/ getent group | grep vu2027vu2027:x:1002:www-data

    That means that the www-data group is not longer set as group for directories/files within the Web folders (including the Web folders themselves). This is true for any directory/file that must be modifiable by the customer.

    However, and depending of the httpd server implementation you are using (ITK, fcgi, php-fpm) the www-data group can be still set as group for some directories or files that should be readable by Apache but not modifiable by the customer. For instance, it's the case of the .htgroup and .htpasswd files, and the domain_disable_page directory. For such file/directory, the owner is set as root.

    3. Default permissions set on upload through FTP, or file creation via PHP script

    When a customer upload directory/file through FTP, or when a directory/file is created by a PHP script, owner, group and permissions are set as follow:

    1. Directory: vuxxx:vuxxx 0750
    2. File: vuxxx:vuxxx 0640

    These permissions correspond to the umask 027.


    It's not recommended to change permissions on Web folders or any of the directories/files stored inside them manually (default directories and files as created by i-MSCP). Instead, you should run the /var/www/imscp/engine/setup/imscp-setup script that will do that for you, according the i-MSCP httpd server implementation you are using.

    III. Web folder skeletons

    Web folders are now created using skeletons located under eg. /etc/imscp/apache/skel. This allow the administrator to customize Web folders in easy way. For now, the following skeletons were added:

    • One for Web folders of domains (named domain)
    • One for Web folders of subdomains (named subdomain)
    • One for Web folders of domain aliases (named alias)

    The administrator is free to customize the Web folder skeletons as he want by adding directories and files in it, but must not remove those already present, excepted if he known what he is doing.

    Any directory/file added in Web folder skeletons will be added in Web folders of the customers (either on creation or change).

    IV. Domain, domain alias and subdomain deletion

    From now, when a domain, domain alias or subdomain is being deleted, only directories and files that are part of the Web folder skeleton are removed. Any other file is kept, and it's the responsibility of the customer to remove them.


    Edited once, last by Nuxwin ().

  • The i-MSCP requirements page has been updated according the change mentioned above. See


  • Thanks Nuxwin,
    one little question: what do you mean with "Default domain page". It's not that what I think (…OGRESS-Secure-admin-panel)?

    Ninos :)

    Hello ;

    Hello ;

    No, the default domain page it's the html page generated for new domains, domain aliases and subdomains...

    And the domain disabled page is the page that users see when the domain (therefore also domain aliases and subdomains) is suspended.

    Thank you for using i-MSCP


    Edited once, last by Nuxwin ().

  • First post updated. Added some words about Web folders permissions.

    gOOvER: Should we add all notes above in the wiki? I've not time for such thing now (too busy with development) so maybe you can take care of this. Thanks you. ;)


    Edited once, last by Nuxwin ().

  • First post updated because: Added Web folder skeleton for domain aliases.