Originally, this release was supposed to be a nip-and-tuck release that primarily fixed and cleaned up a few items. However, as time passed in July we added more new features and so here we are again – another release chock-full of stuff for you.
Important: This release includes new files and directives that need to be added to existing servers. Before applying this update to your WPCD server, please contact our support team so that we can update your existing servers with the new nginx files and directives. This is our first release with changes that break backwards compatibility – sometimes one just has to bite the bullet to set the stage for significant future improvements.
New: Delete A Site & Backups
In the past when you deleted a site, its local backups remained on the server. Now, you have the option to delete those backups at the time the site is deleted.
Even with this new option, remote backups are never deleted.
Cosmetic: New Logo
We have a brand-spanking new logo and we’ve incorporated it into a couple of screens:
New Cache and PHP columns
We found ourselves wanting to quickly figure out which sites had caches enabled and what version of PHP was installed on them. So we added them as columns to the App list.
We also color coded the PHP version – red to show outdated or unsafe versions, green to show acceptable versions and orange as a warning that the version might soon be outdated.
Now we can quickly scan down the list of our sites and view outdated PHP versions or sites without caches enabled.
We’ve added a separate STATISTICS tab to the server detail screen. Click a single button and you can view the output of four different server-level commands that provide disk, memory and network traffic information.
With this new Statistics tab on the server screen, we removed the VNSTAT statistics from the APP screen since its data is aggregated server level data and is now shown on the server screen. But we also added an option in the settings screen to put it back there if you wish.
You can now install the MonitorIX data collection utility on servers. This utility allows for monitoring a large number of metrics. But, of course, we provide sensible defaults – if you want to change them you’ll need to drop to the command line and modify the configuration files there.
We include the following charts upon installation:
- System load
- Kernel usage
- Filesystem usage
- Network traffic
- Netstat statistics
- System services demand
- Port traffic
- Nginx statistics
- MySQL statistics
The utility allows you to view the data in chart intervals of one day, weekly, monthly and yearly.
Quick Start & Documentation
We’ve added a new button on the SETTINGS Welcome screen that takes you directly to the quick-start documentation.
Additionally, if you check our documentation you’ll see a large number of new and updated items.
Updated Bash Scripts
We’ve updated some of the scripts used to execute server level tasks.
The backup script has a number of new options:
- Prune local backups without running the backup process.
- Clean up backups on a server. It can now identify local backup files that have no corresponding sites on the server and to optionally delete those backups.
- Delete all local backups for a single site or for all sites.
None of the new backup script changes can be accessed from the UI at this time. But for those of you that are comfortable on the command line these new options are available today – just execute the 08-backup.sh script and follow the prompts.
New Security Rules
New servers will enable new security rules and new sites on those servers will automatically be opted into the new security rules.
Some of these new rules are:
- Limit the number of login attempts per second on the wp-login.php screen.
- Deny access to files with a ‘.log’ extension.
- Deny access to files that start with a period.
- Prevent execution of any cgi script that’s not a php file.
- Prevent execution of any php script in the WordPress uploads folder.
- Prevent downloads from files in the updraft folder if UpdraftPlus is installed.
Additionally, on the settings screen we hide data in certain fields by default – including the API KEY fields and the PRIVATE KEY fields. Even when entering data in these fields, the default is to hide the newly entered data.
We changed the title of the ADD button on the Applications/Sites screen to make it clearer what the button does:
We also added the provider to the top of the primary app metabox:
For MemCached you now have the option to remove it from the server completely. Before, we only had the option to restart it or to clear the cache. But, if you install it and then change your mind you can now uninstall it to save some memory and CPU cycles.
For the REDIS add-on we changed the REDIS plugin that is automatically installed when a site is enabled for Redis. The new plugin is the one from Till Kruss.
We also updated it (REDIS) to add the option to remove it from the server completely. Just like MemCached, we only had the option to restart it or to clear the cache. But, if you install it and then change your mind you can now uninstall it to save some memory and CPU cycles.
We updated the default list of WordPress versions to their latest point releases and added version 5.5 scheduled for release in August 2020.
We updated relevant BASH scripts to allow admins to add new NGINX directives without directly modifying our default NGINX configuration. You can learn more about this in our Adding Custom NGINX Configs help document.
We also added a filter to allow the logo to be replaced when adding a server or site – wpcd_popup_header_logo. This is useful for admins and installations that are white-labeling the plugin.
- The experimental e-mail gateway feature that was released with 2.6.0 would not show an error message if a test email failed to be sent. That is now resolved in this update.
- The page cache confirmation message always said “cache has been disabled” even when the action was to “enable” it.
- There was an issue with storing custom bucket names for the all-sites backup.
- There was also a related issue with storing retention days for the all-sites backup.
- PHP Warning about invalid commands or index for certain backup operations – it didn’t hurt anything but was just annoying to see in the log files.
- There was an issue with the 6G firewall where, if there was a colon in the URL you would get an http forbidden error. This would affect common scenarios where you have redirects in the url such as this: http://subdomain.domain.com/logout?redirect_to=http://subdomain.domain.com/login. Notice the colon in the query args section of the url – in the past that would cause a forbidden error if the 6G firewall was turned on.
- Enabling multisite SSL would always show as successful even when it sometimes failed.
- Updated the BASH script for server-sync to resolve an issue where lock files would sometimes be left behind if the server-sync process failed – which would prevent future syncs from running.
Keep sending your feedback so we can keep nipping and tucking to polish the existing features. We’re currently focusing on improving the existing features instead of adding massive new features – sometimes you just have to slow down in order to make something great in the long run.
Follow us on Twitter! We post a lot of cool things there first. Click the bird below!