Overview
Some highlights of the 21.5 release are:
- Password expiration. You can configure automatic password expiration after a defined number of days for users with a specific role. Learn more.
- Ubuntu 18.4 LTS support for Atomia Agents. The latest versions of atomia agents have support for Ubuntu 18.4 LTS.
- MySQL 8.0 support. The MySQL cloud hosting module is updated to work with the MySQL 8.0 version.
- Security, stability, and performance. All Atomia applications are upgraded to .NET Framework 4.8. JavaScript libraries are also updated (KnockoutJS, JQuery*) in the control panels (except admin panel). Several security improvements are done in all control panels. Cloud hosting modules for FTP and Mail have better security options.
- Support for DNSSEC in OpenSRS plugin. Domain Registration plugin for OpenSRS has DNSSEC support now.
Software Versions
The 21.5 release consists of the software versions listed below. Please note that you should always use the latest version available at the stable package repository to make sure you get the latest security and stability updates.
- Atomia Action Trail: 21.5.7802.15971
- Atomia Admin Panel: 21.5.7807.35765
- Atomia Automation Server: 21.5.7802.16483
- Atomia Automation Server Client: 21.5.7802.16495
- Atomia Billing API: 21.5.7802.16700
- Atomia Billing Customer Panel: 21.5.7807.35759
- Atomia Cloud Hosting Modules: 21.5.7810.42252
- Atomia GDPR Web API: 21.5.7802.17268
- Atomia Hosting Control Panel: 21.5.7807.35736
- Atomia Identity: 21.5.7802.15287
- Atomia Store: 21.5.7801.30161
- Atomia Setup Tools: 21.5.0.0
- Atomia Domain Registration: 1.1.220
- Atomia DNS: 1.1.50
- Atomia Agents: 21.5.1
Atomia agents
With the 21.5 release, we are also officially releasing the new Atomia Agents Linux package.
The main idea with this package is:
- to add support for Ubuntu 18.4 LTS for all agents that currently don’t support it
- to refactor API of some agents to be RESTful
- to switch underline technology to the more release stable Python language
Currently, this package includes the following agents:
- Atomia Cron Agent
- Atomia AWStats Agent
- Atomia Apache Agent
- Atomia File System Agent
- Atomia SSLRedirects Agent
- Atomia Quota Agent
Note: Atomia Quota agent can also replace Atomia Daggre Agent if it is used only for storage usage measurement. Also, it is no longer required that you have xfs_quota storage calculation on your environment in order to use quota agent. However, it is still highly recommended and much faster if XFS is used.
Instructions on how to do the upgrade and perform data migration can be found here.
Changes
This release also includes several changes that are not backward compatible:
- .NET Framework 4.8 – All Atomia windows applications have been upgraded to use .NET Framework 4.8. .NET Framework 4.8 should be installed on the server before upgrading the Atomia application. Otherwise, you will get the following error during installation:
The framework is available on the following link: https://dotnet.microsoft.com/download/dotnet-framework/thank-you/net48-offline-installer.- All customizations need to be updated to target .NET 4.8, and all referenced Atomia assemblies should be updated to the latest version.
- The value for Store/DotNetVersion in the C:\Program Files (x86)\Atomia\Common\unattended.ini file can be removed – it’s not used anymore.
- TLS flags – The flags
DisableUsingServicePointManagerSecurityProtocols
,DontEnableSystemDefaultTlsVersions
,DontEnableSchUseStrongCrypto
have been added by default to all applications. If you have transformation files that are inserting these flags, you need to remove them. You can find the list of transformation files that should be removed on the page Disabling weak TLS protocols. - Sensitive data logging – The service properties with sensitive data are no longer filtered based on the setting
ExcludePropertiesForLogging
that is defined in the file C:\Program Files (x86)\Atomia\AutomationServer\Web\web.config. Instead of using this setting, you should addlog="false"
attribute in the provisioning description to service properties that you do not want to log into action trail logs and audit logs. - Mail password hash – As of this version, the mail passwords will be hashed with the SHA512 algorithm. Existing passwords, hashed with the old algorithm, will still work provided that all dovecot-sql.conf files are updated as explained below. All new or updated passwords will use the new algorithm. To return it to the previous algorithm or to change it to another algorithm (SHA265) the following property should be added under the
PostfixAndDovecot
resource (in the C:\Program Files (x86)\Atomia\AutomationServer\Common\Resources.xml)
<property name="EncryptionMethod">sha256</property>
Thepassword_query
property in the postfix config file (/etc/dovecot/dovecot-sql.conf) should be replaced on all mail servers with the new one. To get the new SQL query, please contact our support (use support code PROD-2524). - FTP password hash – As of this version, the FTP passwords will be hashed with the SHA512 algorithm. Existing passwords, hashed with the old algorithm, will still work provided that all MySQL configuration files and tables are updated as explained below. All new or updated passwords will use the new algorithm. To return it to the previous algorithm or to change it to another algorithm (SHA265) the
EncryptionMethod
property should be changed to the desired algorithm value under thePureFTPD
resource (in the C:\Program Files (x86)\Atomia\AutomationServer\Common\Resources.xml).
The value forMYSQLCrypt
property in the configuration file for pureftpd (/etc/pure-ftpd/db/mysql.conf) should be changed toany
on all FTP servers. This is the required modification in order to support older hashing algorithms. Also, the users table should be altered to support new SHA512 hashes. To get the alter SQL query, please contact our support (use support code PROD-2526). - Password reset REGEX – Regex for validating passwords on the reset password page in Atomia Identity has been removed from the resource file C:\Program Files (x86)\Atomia\Identity\STS\Themes\NewDefault\Views\Home\App_LocalResources\PasswordReset.aspx.resx. If your custom theme in the Atomia Identity overrides the file C:\Program Files (x86)\Atomia\Identity\STS\Themes\NewDefault\Views\Home\PasswordReset.aspx you will need to edit it and replace
Html.Resource("PasswordRequirements")
withViewData["PasswordRequirements"]
. The default REGEX that existed in the PasswordReset.aspx.resx is not changed. The override is possible by adding a rulepassword_requirements.user.identity
in C:\Program Files (x86)\Atomia\Common\atomiaConfigurationStore.overrides as explained in this article. - Default payment plugin – The default payment method in Atomia Billing Customer Panel is now selected based on the choice made on the reseller configuration page in Atomia Admin Panel (Admin Panel > Settings > Reseller Configuration) on all payment pages. To return to the previous behavior, where some pages (Buy domain, Transfer domain, Mass transfer domain, Extra services) were ignoring reseller configuration and were using the method set in the C:\Program Files (x86)\Atomia\BillingCustomerPanel\App_Data\appConfig.config (option name
DefaultPaymentPlugin
), create a transformation file to change the option in this file to the old value (by default it used to bePayWithInvoice
). In case there is some transformation file changingDefaultPaymentPlugin
option toUseResellerConfiguration
value – the file can be removed since that is the default value now. - JQuery, jquery.cookie and knockout.js – We have updated the jQuery library to version 3.5.1. jQuery 3.5.0 has a breaking change that may affect customizations for HCP and BCP. If that happens, you can temporarily disable the breaking change as explained on the jQuery website. Knockout.js is upgraded to the latest version in all GUI panels (except admin panel) so you might want to check your customization pages if you rely on the knockout library. Deprecated library jquery.cookie has been replaced with library js-cookie. If you use jquery-cookie in customizations, you should rename method calls in the code like this:
$.cookie('name', 'value')
toCookies.set('name', 'value')
$.cookie('name')
toCookies.get('name')
$.removeCookie('name')
toCookies.remove('name')
$.cookie()
toCookies.get()
- Unused tasks entries removed from the dashboard page – If there is a customization for the tasks loader partial view (C:\Program Files (x86)\Atomia\HostingControlPanel\Themes\NewDefault\Views\Tasks\TasksPartials\Loader.ascx) that expects keys AddWebsites and AddHosting to be set in the list (List<string>)ViewData[“TasksToShowList”], then the setting SetWebsitesAndHostingTasks in the file C:\Program Files (x86)\Atomia\HostingControlPanel\bin\Atomia.Web.Plugin.Tasks.dll.config should be set to true. These entries were not used in default Atomia and were slowing down the dashboard page unnecessarily.
- “Include sub-users” filter on the user’s pages – prior to this release, users tab in the Admin panel customer card was displaying both direct account users and sub-users. This was leading to displaying all users in the customer card for the main reseller account. Users tab now lists only direct users by default. If you want to see sub-users as well, then you should check Include sub-users checkbox. A similar checkbox is available on the main Users page in Admin Panel. The filter exists on the Users page in the billing control panel as well but is visible only to Resellers and Administrators.
- Favicons – Atomia will now by default display the …/Content/img/favicon.ico from the theme folder. Make sure that you have the correct icon in the active theme folder in Atomia Billing Customer Panel, Atomia Hosting Control Panel, and Atomia Identity.
The full changelog for the 21.5 release can be seen here.