A new stable release has been published few days ago : v3.9.9
What’s New ?
In this release, the most important part was refactoring acme.sh integration to make it more modular and to be able to support incoming features.
We added support for another acme challenge : DNS Alias. It’s pretty similar to DNS API, and it provide the ability to use a domain with DNS API to secure another one. You can read more about this feature in acme.sh wiki.
In WordOps, you can use DNS Alias mode this way :
wo site update site.tld -le --dns=dns_cf --dnsalias=aliasdomain.tld
We also improve error log in case of failure during certificate issuance and DNS check to make sure the domain is pointing to the server IP.
To harden server security, we previously added UFW setup in our install script. It’s now available with the command
wo stack install --ufw and has been removed from the install script.
We also added two flags to the command
wo secure :
--ssh : harden ssh security with a sshd_config template following the Mozilla Infosec guidelines
--sshport : update SSH port to any custom port
- [STACK] UFW now available as a stack with flag
wo secure --sshto harden ssh security
wo secure --sshportto change ssh port
- [SITE] check domain DNS records before issuing a new certificate without DNS API
- [STACK] Acme challenge with DNS Alias mode
- [APP] WordOps dashboard updated to v1.2, shipped as a html file, it can be used without PHP stack
- [STACK] Refactor Let’s Encrypt with acme.sh
- [STACK] Log error improved with acme.sh depending on the acme challenge (DNS API or Webroot)
- [INSTALL] Removed UFW setup from install script
- [APP] phpMyAdmin updated to v4.9.1
- [STACK] Commit possible Nginx configuration changes into Git before and after performing tasks (in
wo securefor example)
- [CORE] Update deprecated handlers and hooks registration
wo stack purge --allfailure if mysql isn’t installed
- [INSTALL] Fix EEv3 files cleanup
- [SECURE] Incorrect variable usage in
wo secure --port
- [INSTALL] Fix backup_ee function in install script