XtendWeb upgrade

  • May 20, 2018 by Anoop Alias

Greetings,

We are happy to announce the availability of XtendWeb 4.5.11 and Nginx 1.13.12 on the yum channel

To upgrade

##

yum --enablerepo=ndeploy upgrade nDeploy nginx-nDeploy*

/opt/nDeploy/scripts/attempt_autofix.sh

nginx -t 

 # if all OK

service nginx restart

##

The major changes apart from various improvements and version upgrade in upstream nginx and modules are

1. Support for branding 

XtendWeb is now 100% white-label plugin and you can brand the plugin to your liking boosting your brand visibility and customer satisfaction

To setup branding, you will need to copy a 48x48px icon for your plugin to /opt/nDeploy/nDeploy_cp/ and /opt/nDeploy/nDeploy_whm/ folder

cp -p mybrandicon.png /opt/nDeploy/nDeploy_cp/

cp -p mybrandicon.png /opt/nDeploy/nDeploy_whm/

cp -p /opt/nDeploy/conf/branding.yaml.sample /opt/nDeploy/conf/branding.yaml

Edit the file /opt/nDeploy/conf/branding.yaml in your favourite text editor

/opt/nDeploy/scripts/setup_brand.sh

You can change the plugin name (brand:) visible in WHM and cPanel, The footer link (brand_footer:) visible in cPanel plugin, the icon visible in cPanel and WHM ( brand_logo:), and the plugin group visible in cPanel ( brand_group:)

If any of the above keys are removed from the branding.yaml file, the default value is taken

Setting up the branding.yaml is a one time process and the file and your branding are retained in future plugin upgrade as well.


2. Integration of Brute force mitigation template (the default) with CSF firewall. repeated brute force attempts will now get  TEMP_BLOCK ed in CSF

You can see the IP's blocked in /var/log/lfd.log 

May 20 11:32:32 XXXX lfd[30676]: (xtendweb) xtendweb blocked brute force attack from y.y.y.y  (CN/China/-): 3 in the last 3600 secs - *Blocked in csf* for 300 secs [LF_CUSTOMTRIGGER]

XtendWeb installer will automatically detect CSF if installed and set up the custom trigger 

NOTE: if there are false positives or if a user do not wish to avail this feature, they can easily switch the PROXY template from "Proxy+Brute mitigate" to " Proxy to httpd" and this will stop the LFD custom trigger from being activated for the domain

*************************************************

NB:: for customers who have a self-managed cluster - We are working on some more improvements to the system including documentation - so an upgrade is not recommended at this moment.  A separate notification will be generated in future when you can upgrade the cluster. 

***************************************************


Thank you and Have a great day ahead.