What’s New In WPCloudDeploy 4.6.0

We’ve spent the last couple of months testing WPCloudDeploy 4.6.0 and, after taking it through our fast-ring process for a couple of months, it’s finally ready for general distribution. The new features impact many areas including:

• Performance
• Security
• Aesthetics
• Server scripts
• and more

Some of the new features require that we introduce breaking changes. This means you will be required to run upgrade scripts on your servers.

If you have not manually updated any of the server configuration files, then the upgrade should be relatively painless – a single click of a button for each server.

This release also also sets the stage for support of MULTISITE with subfolders and MULTISITE wildcard SSL certificates.

Note: As with all development projects, the final release may or may not include everything we mention here.

New: “Push” Notifications

You can now send alerts on important server events to multiple email addresses, multiple Slack hooks and multiple Zapier hooks.

Events supported in this release are:

• Power events (server start up, server shutdown)
• MONIT (“Healing”) alerts.
• Server restart needed
• Backup start and end
• When malware has been detected (if Maldet is installed)

Each user/admin can create multiple alerts for different types of events, server and site combinations. Or you can create a single alert for all servers and sites (quick way to get started!)

New Backup Option

WPCD currently offers two backup options for your WordPress sites. With this release we are starting to focus on backing up critical files that are outside of your WordPress data folders.

Under the BACKUP tab on your servers you will see a new backup option: LOCAL SERVER CONFIGURATION BACKUPS

As you can see, a simple toggle is all you need to turn it on.

If you’ve ever made an errant update to a configuration file and wished you could go back in time without doing a full restore of your server or site, you’ll appreciate this feature.

The following files are backed up to another folder:

• NGINX configuration files from /etc/nginx
• php.ini
• LetsEncrypt “live” folder
• mysql configuration files from /etc/mysql
• wp-config.php files from all sites

We still recommend that you turn on your providers’ server image level backups – this new feature does not replace those images.

New: Redirect Rules

You can now set up simple redirect rules for each site at the server level. We say “Simple” because we can only handle direct URL -> URL redirection within the UI, i.e.: No NGINX regex rules can be used.

The reason for the restriction is simple – we can’t reliably escape and make safe the regex data entered into our browser-based UI before applying it on the Linux command line.

Still, there are many scenarios where being able to do simple redirects at the server level is useful.

If you really need to apply a REGEX based redirect, you’ll still need to log into the server via SSH and edit or create the redirect file (contact our support staff for instructions on creating a redirect rules file).

New: HTTP/2 Option

We’ve exposed the option to enable or disable HTTP/2 so that you no longer have to drop to the command line for it.

New: Change PHP Workers

Admins can now change PHP workers without needing to ssh into the server.

Only full WPCD admins can do this – even if a regular user has been granted permission to make site changes they will not see this option. The reason is that, in shared environments, it would be too easy for one user to set these options to hog all the server resources or break the server by requesting more resources than what’s available.

New: Security and Optimization Tweaks

We’ve now provided a UI for some commonly used NGINX options.

New: UI For Installing Fail2Ban

We added an option to allow the admin to install fail2ban on the server. We’ve provided a server level script for a while now – with this release we’ve provided a UI for that script.

We also added options to change some basic Fail2Ban parameters. These should work for most use cases.

And, for each site, you can now install the WP FAIL2BAN WordPress plugin that will allow certain WordPress related events to trigger IP blocks.

New: Set / Reset Root Password

We now allow you to set or reset the root password. But we don’t allow you to specify the password – we generate it for you to prevent using weak passwords. (Of course, we can’t do anything if you decide to go directly to the command line and apply a weak password.)

WPCD does not use the root password for normal operations. But, if, for some reason, you lock yourself out of a server, most cloud server providers provide a recovery console where you are required to login with a root password (not a key-pair).

If you’re experimenting with Fail2Ban now that it’s available in the UI, you might consider setting up a root password first. If you lock yourself out of the server with fail2ban then you can use the root password along with your server providers’ console to regain access.

New: GoAccess

You can now install the GOAccess dashboard from WPCD.

Not familiar with GoAccess? Here is a brief description, taken directly from their website:

GoAccess is an open source real-time web log analyzer and interactive viewer that runs in a terminal in *nix systems or through your browser.

It provides fast and valuable HTTP statistics for system administrators that require a visual server report on the fly.

Visual Tweaks

The server detail screen now uses vertical tabs just like the site detail screen.

And, both server and site screen tabs now include icons – a completely functionally useless change but it does make things a bit more visually appealing.

Multisite Updates

This release adds the core changes necessary to support WordPress multisite subdirectory configurations as well as wildcard SSLs for sub-domain based multisites.

New Permissions

We added explicit permissions that can be applied to five tabs on the server screen:

Most users will have no need to use these permissions. But if you’re selling server subscriptions using an SaaS style service where you manage the servers for your clients, then you might need access to these new permissions.

New: Email Alerts For Server & Site Owners

This feature is probably only going to be of interest to agencies with a lot of servers and sites scattered across various server providers. With it you can specify one or more “owners” of a server by setting up email addresses directly on the server or site record.

Then, you can choose one or more servers and sites and compose emails to those owners.

This is useful when you receive a maintenance notification from a server provider. You can then just choose all the servers or sites located at that provider and send out an alert email to the respective owners – without having to wonder if the server provider field in your CRM is up to date.

---

Server Level Changes

---

As mentioned at the top of this article, WPCloudDeploy 4.6.0 includes some breaking changes that will require upgrade scripts to be run on your servers. Lets take a look at some of them:

PHP OpCache

OPCache is now enabled by default on new servers and configured to assume multiple sites that should not be exposed to each other (Shared hosting environment).

If you are dedicating a site to a single server or multiple sites that belong to the same user then you can disable a couple of the OPCache directives to get slightly better performance.

Server Changes

New servers will enable GZIP on additional file types and also enable AIO and PCRE JIT, all of which will increase performance slightly.

For Existing servers: You will need to run the update script available in the UPGRADES tab on each server screen.

Prior versions of the server stack actually had GZIP enabled but not for many common file types. This new version of the stack includes all the usual suspects.

Site Changes

New sites will enable automatic browser caching of images and certain other static assets.

In the past we assumed that a CDN or other proxy (such as Cloudflare) would be used to facilitate this functionality but it doesn’t really hurt to enable it anyway. It’s still a good idea for you to enable a CDN or proxy on production sites – if those sites have decent traffic a CDN will usually be faster than going directly to your servers for static assets.

Tweaks & Fixes

Our Best Fix Yet

Regular users of our product know there was a very very annoying issue with tabs – when the page refreshed you were always taken back to tab #1 instead of returning you to where you were. This was a limitation of the metabox.io library which we used to rapidly build things out.

Since it didn’t seem as if metabox.io was going to fix this trait anytime soon, we applied a JavaScript band-aid of our own in this version. So, in most cases, after applying a setting and refreshing the screen, you will be returned to the tab you were on.

We can’t claim that it will work 100% of the time since it is a band-aid but it’s a lot lot better than it used to be!

Tweaks

• Tweak: Show the initial WP login credentials under the MISC tab.
• Tweak: In the NOTES section for servers and sites, there is a new tab that can only be seen by admins. The other tabs can be seen and used by regular users if they’ve been assigned rights to the server or site. This new tab allow admins to add notes without fear that they will be seen by regular users.
• Tweak: Add support for Monitorix for Ubuntu 20.04.
• Tweak: If a site is disabled, show a disabled message in most site tabs instead of allowing the admin to perform operations that might fail because of missing Nginx config files.
• Tweak: Removed Ubuntu 20.04 from limited release – it’s now fully supported in this version.
• Tweak: Add an option to the select drop-down for WP versions to support WP 5.6.1.
• Tweak: Make sure domain names are always lowercase when changing domains or cloning a site.
• Tweak: Lock down the ability to change advanced php.ini options to system admins.
• Tweak: Lock down the ability to reset the restricted set of PHP functions to system admins.
• Tweak: When setting a “common” php option, validate it against a known good list.
• Tweak: Add option to hide the NOTES column in general tab in the SERVER screen. Most experienced users don’t need to see this column so it’s nice to just get it off the screen.
• Tweak: New option to hide the instance id from the server list screen. This is useful for SaaS situations where you don’t want the customer to know the server instance ID for security reasons. However, it will ALWAYS show for admins.
• Tweak: Add option to remove the email gateway package after it’s been installed. Before you had no option to remove it other than with an ssh login.
• Tweak: Add the disk size to the Digital Ocean server size description.
• Tweak: Add option to remove Digital Ocean as a provider in the list of providers that is displayed to end users.
• Tweak: Add in 7G firewall scripts
• Tweak: Remove the “Show Old Logs” dropdown from the server list. Can still be shown by turning on an option in settings.
• Tweak: Remove the “Install WordPress” link under the title column. It’s redundant. But it can still be shown by turning on an option in settings.

Fixes

• Fix: Sometimes a required entry for page caching was not automatically added to the wp-config.php file.
• Fix: Prophylactic code added to the bash scripts to prevent user names from being greater than 32 chars.
• Fix: A function was returning incorrect data about the existence of a domain.
• Fix: The primary server callback might sometimes fail if there’s a space in the UPTIME data
• Fix: The toggle for turning on and off the UFW firewall never really worked – the toggle logic was actually inversed.
• Fix: Silly bug in the push-commands.php file where we used add_action instead of do_action.
• Fix: When changing the PHP version on the SERVER TOOLS tab, we now set a meta that shows the new version.
• Fix: Enabling Memcached was causing websites to crash.
• Fix: Call the proper function to get a list of server providers in our demo apps (VPN, BASIC SERVER)

Wrapup

Existing customers running prior versions of WPCD should review the upgrade documentation.

We’ve also updated our performance metrics – view the latest metrics!