phoning home for updates

[ispcomm]

I just discovered that each time the admin logs in the ispcp panel, a call is made to http://www.ispcp-control.net to check for updates.

While I'm not contrary to this, I'd like to have an option in ispcp to turn this feature off because I don't like the idea of phoning ispcp-control every time I log in a server.

Also, when the ispcp-control web server is busy, there's a significant delay during the login process (that's the way I discovered it). The following code

Code:

$timeout = 2;
        $old_timeout = ini_set('default_socket_timeout', $timeout);
        $dh2 = @fopen($last_update, 'r');
        ini_set('default_socket_timeout', $old_timeout);

is not actually setting the timeout to 2 seconds (fastcgi-php4).
Also, on production servers I disallow the URI parts of fopen etc, because they're a serious security risk in shared hosting env.

shall we put an option in ispcp??

ispcomm

[BeNe]

We already had such a problem a time ago when isp-control.net was down.
But a function to disable would be good.

Greez BeNe

[ispcomm]

Ok.. I'll go ahead and put a new var in ispcp.conf, then attach the patch to a ticket.

ispcomm

[BioALIEN]

Major +1 to this. Today's downtime caused unnecessary delay for us today.

[ispcomm]

I created a ticket with the patch http://www.isp-control.net/ispcp/ticket/1277

The new parameter to ispcp.conf is CHECK_FOR_UPDATES (yes/no) which by default is yes (current behaviour). Also, the patch is made in a way not to break current ispcp.conf installations that miss it (simply defaults are used in this case).

The parameter has effect only on the login page of the administrator. If you manually go to system tools->ispcp updates a check will be made regardless the status of CHECK_FOR_UPDATES parameter (which is good to have).

I'm pushing one more feature with this patch, which is the possibility to specify password parameters in the ispcp.conf file instead of modifying the source (PASSWD_STRONG and PASSWD_CHARS added).

I needed this as some of my accounts have long text-only passwords and will not be validated with the current ispcp.

ispcomm

[ephigenie]

yeah - sry about the downtime - i had a race-condition in my script for zone-transfers to the slave servers

[kilburn]

Well... sorry about the "wasted" work ispcomm :S In fact, before your patch there where those "strong password" options in the gui and probably the best way to implement the "auto-check-for-updates" feature is do it the same way (stored in the db).

If you don't want to re-make the patch I'll do it for you.

[ispcomm]

Well, it's not lost work as I get to understand how things work.

I wasn't aware of the gui options (oops), but I must file a bug because sometimes that settings are ignored completely. For example editing a password for a mysql user always requires strong passwords regardless of the gui setting.

Another problem is creating mail user: strong password is required on creation, but if the user is already there, then strong password is not enforced (i.e. the setting is respected).

This was why I modded it in the first place. On a closer examination, the default ispcp installation database is missing these values and they're inserted only when a "save" is done in the edit settings page. ouch... a little inconsistent but it works.

I have to redo my patch

ispcomm.

[Zothos]

hm, could you post the standard values for every setting in here? So i can write a update function and modify the database.sql.

[ispcomm]

I would but I changed some of them. Out of my memory the values should be these:

Code:

LOSTPASSWORD          1    
LOSTPASSWORD_TIMEOUT     30
PASSWD_CHARS         6
PASSWD_STRONG         1
BRUTEFORCE         1
BRUTEFORCE_BETWEEN     1
BRUTEFORCE_MAX_LOGIN     5
BRUTEFORCE_BLOCK_TIME     30
BRUTEFORCE_BETWEEN_TIME 30
BRUTEFORCE_MAX_CAPTCHA     5
CREATE_DEFAULT_EMAIL_ADDRESSES     1
HARD_MAIL_SUSPENSION     1
USER_INITIAL_LANG     lang_English
ISPCP_SUPPORT_SYSTEM     1
DOMAIN_ROWS_PER_PAGE     10
LOG_LEVEL         512

The defaults can be found in of them are in ispcp-lib.php

ispcomm