+- ispCP - Board - Support (http://www.isp-control.net/forum)
+-- Forum: ispCP Omega Development Area (/forum-1.html)
+--- Forum: General discussion (/forum-11.html)
+--- Thread: phoning home for updates (/thread-3345.html)
Pages: 1 2
phoning home for updates - ispcomm - 05-21-2008 09:58 AM
I just discovered that each time the admin logs in the ispcp panel, a call is made to http://www.ispcp-control.net to check for updates.
While I'm not contrary to this, I'd like to have an option in ispcp to turn this feature off because I don't like the idea of phoning ispcp-control every time I log in a server.
Also, when the ispcp-control web server is busy, there's a significant delay during the login process (that's the way I discovered it). The following code
Code:
$timeout = 2;
$old_timeout = ini_set('default_socket_timeout', $timeout);
$dh2 = @fopen($last_update, 'r');
ini_set('default_socket_timeout', $old_timeout);Also, on production servers I disallow the URI parts of fopen etc, because they're a serious security risk in shared hosting env.
shall we put an option in ispcp??
ispcomm
RE: phoning home for updates - BeNe - 05-21-2008 03:46 PM
We already had such a problem a time ago when isp-control.net was down.
But a function to disable would be good.
Greez BeNe
RE: phoning home for updates - ispcomm - 05-21-2008 06:10 PM
Ok.. I'll go ahead and put a new var in ispcp.conf, then attach the patch to a ticket.
ispcomm
RE: phoning home for updates - BioALIEN - 05-21-2008 08:45 PM
Major +1 to this. Today's downtime caused unnecessary delay for us today.
RE: phoning home for updates - ispcomm - 05-22-2008 06:55 PM
I created a ticket with the patch http://www.isp-control.net/ispcp/ticket/1277
The new parameter to ispcp.conf is CHECK_FOR_UPDATES (yes/no) which by default is yes (current behaviour). Also, the patch is made in a way not to break current ispcp.conf installations that miss it (simply defaults are used in this case).
The parameter has effect only on the login page of the administrator. If you manually go to system tools->ispcp updates a check will be made regardless the status of CHECK_FOR_UPDATES parameter (which is good to have).
I'm pushing one more feature with this patch, which is the possibility to specify password parameters in the ispcp.conf file instead of modifying the source (PASSWD_STRONG and PASSWD_CHARS added).
I needed this as some of my accounts have long text-only passwords and will not be validated with the current ispcp.
ispcomm
RE: phoning home for updates - ephigenie - 05-22-2008 09:47 PM
yeah - sry about the downtime - i had a race-condition in my script for zone-transfers to the slave servers
RE: phoning home for updates - kilburn - 05-23-2008 12:28 AM
Well... sorry about the "wasted" work ispcomm :S In fact, before your patch there where those "strong password" options in the gui and probably the best way to implement the "auto-check-for-updates" feature is do it the same way (stored in the db).
If you don't want to re-make the patch I'll do it for you.
RE: phoning home for updates - ispcomm - 05-23-2008 12:55 AM
Well, it's not lost work as I get to understand how things work.
I wasn't aware of the gui options (oops), but I must file a bug because sometimes that settings are ignored completely. For example editing a password for a mysql user always requires strong passwords regardless of the gui setting.
Another problem is creating mail user: strong password is required on creation, but if the user is already there, then strong password is not enforced (i.e. the setting is respected).
This was why I modded it in the first place. On a closer examination, the default ispcp installation database is missing these values and they're inserted only when a "save" is done in the edit settings page. ouch... a little inconsistent but it works.
I have to redo my patch
ispcomm.
RE: phoning home for updates - Zothos - 05-23-2008 02:02 AM
hm, could you post the standard values for every setting in here? So i can write a update function and modify the database.sql.
RE: phoning home for updates - ispcomm - 05-23-2008 04:43 AM
I would but I changed some of them. Out of my memory the values should be these:
Code:
LOSTPASSWORD 1
LOSTPASSWORD_TIMEOUT 30
PASSWD_CHARS 6
PASSWD_STRONG 1
BRUTEFORCE 1
BRUTEFORCE_BETWEEN 1
BRUTEFORCE_MAX_LOGIN 5
BRUTEFORCE_BLOCK_TIME 30
BRUTEFORCE_BETWEEN_TIME 30
BRUTEFORCE_MAX_CAPTCHA 5
CREATE_DEFAULT_EMAIL_ADDRESSES 1
HARD_MAIL_SUSPENSION 1
USER_INITIAL_LANG lang_English
ISPCP_SUPPORT_SYSTEM 1
DOMAIN_ROWS_PER_PAGE 10
LOG_LEVEL 512The defaults can be found in of them are in ispcp-lib.php
ispcomm