GitLab

* we need a2enmod and apache2-mpm-itk is no more provide since at least stretch

add exit 1 to inotify scripts, goes around the serious incrond bug in debian

This reverts commit 1ba7a2f4, reversing
changes made to a85ccd04.

* If we want only IP from remote then we must disable Lookup option
* Prevent problem with remote_ip (is not installed by default) and it's better to set proxy allowed and return correctly %h value

[fix] rather log %a [IP addr] than %h [HOSTNAME]

proftpd.conf: Default to modern TLS protocols

The current comparison can only work on debian stretch, that ships php
7.0, but debian buster has a more recent version and bullseye will have
an even more recent version.

This change was suggested by @ulvida (Daniel Viñar Ulriksen) on Github.
Thanks!

Closes: #459
Co-authored-by: Gabriel Filion <gabriel@koumbit.org>

# Rationale

TLSv1.2 has been out for more than 10 years, and is now widely available. TLSv1.0 and TLSv1.1 are known to be unsufficient for a few years and have been officially deprecated by the IETF recently.

TLSv1.3 is starting to be widely available, however it had implementation bugs, such as https://github.com/proftpd/proftpd/issues/959. This is fixed upstream, but fixed versions are not available in Debian 10 yet.

# Changes

* ProFTPd now defaults to TLSv1.2
* Add a comment for suggesting other values like TLSv1.3, but with a comment about buggy versions
* Add a comment for downgrading to deprecated TLSv1 TLSv1.1

API: instantiate m_message for logging

Without this global instance, nothing works during the bootstrap: all
calls to log() crash because the instance does not exist.

closes: #419

* Use only 2.4 authorization rules
* Restore server-status protection with 2.4 rules only
* close #426

* finish #263

Fix #326 - Minor detail in form

Add a notice in the README about upgrading from 3.3.11 to 3.5.x

Manual fix about ssl vhost support

Merge pull request #398 from Koumbit/bugs/374-follow_debian_policy_on_replacing_packages_using_breaks

Use Breaks instead of Conflicts with alternc-ssl and alternc-admintools

@see https://www.debian.org/doc/debian-policy/ch-relationships.html#conflicting-binary-packages-conflicts

This follows the Debian policy on using Breaks when moving files from one
package to another.

@see https://www.debian.org/doc/debian-policy/ch-relationships.html#conflicting-binary-packages-conflicts

If apt/apt-get are used to install the new package, it will know to automatically
remove alternc-ssl (or alternc-admintools) instead of refusing to proceed at all.

[fix] Ok is not allowed in level message

Should be solve https://github.com/AlternC/alternc-certbot/issues/51

Matomo integration fixes

[fix] apache2 template: typo and rephrase comment

Fix domain deletion query

Fixes #335: Fix PHPMyAdmin Single-signon errors

Fixes #370: Fix insert query failure during import_cert

The sslcsr is just set to an empty string so that the query works properly.
Without it, queries fail since sslcsr does not have a default value set.

Improved the detail of the messages logged during the failure of that query as well.

Refs #335

Refs #335

Refs #335

Refs #335