Changes since Webmin version 1.400
- Webmin Core
- Big Czech translation updates, thanks to Petr Vanek and the Czech translation team.
All popups in Webmin are now XSS-safe, and thus do not need protection from unknown referers which prevented them from working in some browsers.
All Webmin session IDs are now stored MD5 hashed, to prevent sessions from being captured if the sessiondb DBM is somehow read by an attacker.
Many Dutch updates, thanks to Gandyman.
MD5 encryption for Webmin and Unix passwords can be used on systems that have either the MD5 or Digest::MD5 perl module, or support it in the crypt() function.
- Webmin Users
- Fixed the display of modules granted to groups.
Added a per-user option to opt out of forced password changes after a certain number of days.
A human-readable description of the password restrictions regular expression can be entered, for use in error messages.
Webmin users can now be given temporary passwords, which they are forced to change at the next login. Thanks to GE Medical Systems for supporting this feature.
- Apache Webserver
- Moved the SSL password option to the global settings level, to correspond with the way Apache expects it.
- Bandwidth Monitoring
- Fixed several bugs that prevented bandwidth monitoring from working properly on FreeBSD and OSX.
- BIND DNS Server
- Keys in ACL sections are no long mangled by Webmin. This means that each IP or key must be entered on a separate line in the Access Control Lists page.
- Scheduled Cron Jobs
- Fixed a bug that prevented new cron jobs from being created unless the 'Date range to execute' setting was changed.
Added a check for a valid module configuration, especially the cron jobs directory, to prevent accidental deletion of jobs.
- Custom Commands
- Added a popup progress tracker to commands with file upload fields.
- Fetchmail Mail Retrieval
- Added an access control option to limit access to the Fetchmail daemon.
- Linux Firewall
- Show SNAT and masquerade inputs in custom NAT chains.
- Filesystem Backup
- Fixed remote tar backups via FTP on OSX.
Files and directories to exclude can be specified for TAR format backups on Linux.
- GRUB Boot Loader
- Multiple module lines in menu.lst are now preserved and editable. This prevents breakage sometimes seen on kernels using Xen.
- Bootup and Shutdown
- Updated the API used by other modules to allow new actions to be created on MacOS X systems, such as the firewall startup script.
- LDAP Client
- On Debian/Ubuntu systems with separate PAM and NSS LDAP config files, offer to link them with a new button.
- LDAP Server
- Added an option to create an example LDAP group, and made the example user a person.
- LDAP Users and Groups
- By default, all new Unix users are given the person object class too, as this seems to be needed in most new LDAP schemas.
Added support for LDAP SSHA passwords, thanks to Bill Moyers and John Gray.
- Read User Mail
- Fixed a bug that broke searching by message body contents.
- MySQL Database Server
- Added a Module Config option to show databases and tables using just their names, which is much faster under MySQL 5 as it avoids the need to count their tables, fields and rows.
- Postfix Mail Server
- Changed the default LDAP class for maps to inetLocalMailRecipient.
- PostgreSQL Database Server
- Added a Module Config option to show databases and tables using just their names.
- Procmail Mail Filter
- Improved checking for Procmail support in Sendmail and Postfix.
- Disk Quotas
- If a user to email is a Virtualmin domain owner, send email to the domain's contact address.
- Sendmail Mail Server
- Added an access control page option to prevent creation and editing of catchall address mappings.
- Squid Proxy Server
- Use the cache directive instead of no_cache for Squid 2.6.
Allow request and reply headers access control rules to be configured separately in Squid 3.0.
Added a page for editing cache manager passwords and the actions that they apply to.
Comments at the end of lines are now preserved when Webmin changes directives in squid.conf.
- System and Server Status
- Email, SMS and SNMP messages sent by Webmin can be customized, with multiple message templates defined and a different one selected for each monitor.
- Webmin Configuration
- Use the gzip -d command to extract Webmin modules, if gunzip is missing (such as on Windows).
Users with too many failed logins can be locked until the administrator unlocks them.
The default scheduled update time is now randomly selected.
- Webmin Actions Log
- Added a section to the Action Details page for viewing raw log data, which can show more detail.