Hello
The next stable release (therefore already in current master) will come with major changes, which, must be known by administrators and resellers.
I. Billing and Order components
These two components were removed from master and so, will not be part of next stable release. These components were removed for the following reasons:
- The billing component as implemented was totally useless since i-MSCP was unable to handle billings created from it.
- The majority of us is using an external billing interface such as WHMCS or Boxbilling.
To resume, instead of lost too many time with maintenance of something that is never used and that is really useless, we prefer concentrate all our efforts to make i-MSCP fully compatible with external billing interfaces (by providing an API and/or plugins).
II. Web folders management
1. Web folders protection
Web folders management has been revisited. i-MSCP is now providing an option to protect/unprotect Web folders by using file system extended attributes (immutable flag).
From now, when a reseller will create a new customer account, he will be able to choose to protect (default) or not the Web folders of the customer. The protection allow to protect default directories and files against deletion. This also means that the customer will not longer be allowed to write anything at the root of its Web folders.
Note: The root of a Web folder, is the mount point of the domain, domain aliases and subdomains.
Also, if a customer want store some files/directories outside its documentRoot directories, he must store them into the folder 00_private that has been added for this purpose.
Note: To avoid any problem with older i-MSCP versions, the Web folders protection is deactivated for all existent accounts. Of course, A reseller can always activate/deactivate the Web folders protection via its interface, by editing the domain. In such case, the reseller must ensure that the Web folders of the customer for which he want activate the Web folders protection are free of any directory/file that are no part of the Web folder skeletons by moving them into the 00_private directory.
2. Web folders permissions
From now, the www-data user (user under which Apache is running) is added to the group of each i-MSCP virtual users (vuxxxx), which are nothing more than normal unix users without password and valid shell:
That means that the www-data group is not longer set as group for directories/files within the Web folders (including the Web folders themselves). This is true for any directory/file that must be modifiable by the customer.
However, and depending of the httpd server implementation you are using (ITK, fcgi, php-fpm) the www-data group can be still set as group for some directories or files that should be readable by Apache but not modifiable by the customer. For instance, it's the case of the .htgroup and .htpasswd files, and the domain_disable_page directory. For such file/directory, the owner is set as root.
3. Default permissions set on upload through FTP, or file creation via PHP script
When a customer upload directory/file through FTP, or when a directory/file is created by a PHP script, owner, group and permissions are set as follow:
These permissions correspond to the umask 027.
Important
It's not recommended to change permissions on Web folders or any of the directories/files stored inside them manually (default directories and files as created by i-MSCP). Instead, you should run the /var/www/imscp/engine/setup/imscp-setup script that will do that for you, according the i-MSCP httpd server implementation you are using.
III. Web folder skeletons
Web folders are now created using skeletons located under eg. /etc/imscp/apache/skel. This allow the administrator to customize Web folders in easy way. For now, the following skeletons were added:
- One for Web folders of domains (named domain)
- One for Web folders of subdomains (named subdomain)
- One for Web folders of domain aliases (named alias)
The administrator is free to customize the Web folder skeletons as he want by adding directories and files in it, but must not remove those already present, excepted if he known what he is doing.
Any directory/file added in Web folder skeletons will be added in Web folders of the customers (either on creation or change).
IV. Domain, domain alias and subdomain deletion
From now, when a domain, domain alias or subdomain is being deleted, only directories and files that are part of the Web folder skeleton are removed. Any other file is kept, and it's the responsibility of the customer to remove them.
