This month we’ve released some big updates across our platform, especially over the past 7 days. This post is a summary of these updates, along with the links to the corresponding knowledge base articles. There’s a lot to cover, so let’s dive right in.
Table of Contents
- Multi API
- New, Additional IP Address to Whitelist (and Fixing Orange Dots)
- Rate Limiting Whitelisting – Oxygen is now Whitelisted by Default
- Dashboard Notification Timezone Customization
- PHP $Sockfile Variable
- Additional Security Measure Nginx Includes
- Routing and Cloudflare APO
- GP-CLI for Monit
- New Knowledge Base Articles
Hurray! This is one that I myself am particularly excited about, and I’m sure many of you are too. If you’re on the Developer plan or above, you can now add more than one API key for different providers.
Need to add a client’s Cloudflare API keys to your account? No problem! You can now add their key along with your own. Learn about all the details here:
Also, now all of your API keys can be named so that you can easily distinguish between them within your account. However, as all previously added keys had no assigned name, these have been autogenerated using a Star Wars name generator. So, if you see that your SendGrid key is named “Hired Gun Flyboy” are were wondering what the hell was going on, this is why 😉
New, Additional IP Address to Whitelist (and Fixing Orange Dots)
We now have an additional IP address that you may need to whitelist if you’re using the firewall at either Vultr or DigitalOcean. If you’re seeing an orange dot next to your servers within your account, this is likely the cause.
Whitelisting information can be found in this article:
Also, one of our clients also reported that they had to add the IP under the API Access Control (and not firewall).
Rate Limiting Whitelisting – Oxygen is now Whitelisted by Default
You can now whitelist specific URIs and IP addresses from our rate limiting measures.
With this new update, we’ve also whitelisted Oxygen Builder and the Better Search Replace plugin so that they are both now whitelisted from our Zone WP rate limiting and no additional configuration is now required for either of these plugins.
The specifics can all be found in this updated knowledge base article:
Dashboard Notification Timezone Customization
You can now set your dashboard notification timezone directly inside your Settings page.
This will ensure that all of the notifications within your account have the correct timestamp relative to your local time.
Also, notifications now include the Server Time as well as the dashboard notification time. See how to set your timezone here:
PHP $Sockfile Variable
This one will fly under the radar for most, but for you Nginx wizards, this update is a cool one.
PHP .sock files are now handled via the
$sockfile variable, which has numerous benefits, including ensuring any custom PHP location blocks persist when changing your website’s PHP version.
This knowledge base article has all the details, including some background on how it works and why this it’s important (and awesome):
Additional Security Measure Nginx Includes
Our Additional Security Measures configuration files now include an additional Nginx include which allows you to customize their behaviour, including adding whitelisting.
For example, you could whitelist one very specific file to execute PHP while the keeping the Disable wp-content PHP execution measure active for all other PHP files. The knowledge base article below details the includes and an example of how to actually whitelist a specific PHP file when the disable PHP execution in the /wp-content directory security measure is active:
Routing and Cloudflare APO
Cloudflare doesn’t allow server-based www routing for its APO offering. To take this into account, we’ve released an update for our server-based routing that takes this into account. This new change means that websites set to www routing will now function correctly with Cloudflare API.
Details can all be found in this updated knowledge base article:
GP-CLI for Monit
We now have GP CLI that allows you to manage and store Monit configurations. This means that you can customize your warning notification thresholds.
Full documentation for this will be released in the very near future!
New Knowledge Base Articles
The above covers the major new releases and updates for the GridPane application. We’ve also published some pretty cool knowledge base articles recently (as well as some other helpful, but not so sexy ones).
- Getting Started with GridPane OpenLiteSpeed (OLS)
- Running GridPane on a Local Virtual Machine (VM) Demo
- Blocking Specific Pages for Specific Countries with GeoIP
- Country-Specific Redirects with GeoIP
- Server Provider Attack Warnings: How to Find Brute Force Malware (generously contributed by Thomas Raef)
- Migrating Websites Away from GridPane
The changelog is up-to-date and you can view this here:
Below is a quick rundown of these changes.
- Multi API integrations – Dev & Agency
- Bundles API – full bundle Management
- API Cloning – new site ID in response
- Agency Kiosk Support – direct to GP central
- App Instances updated to Ubuntu 20.04
- Server Build Selection warnings
- Panel Notification Timezone
- Failover Management UI Update
- Cache Tab button reactivity
- Enable Multisite Warning Modal
- Server Backups Tab KB links
- API 401 error handling
- Client Logs Restrictions (Agency whitelisting)
- SSO toggle link opening
- Team Client pricing
- Beta Features Availability
- gpmonit – cli management
- Run Ramdisk Monitoring and healing
- External DB tolerance for full featureset
- GP Routing – allow for CF APO
- Server datetime in notifications
- Monit Syntax False Positives – double check
- DNSME NS checks – match updated NS
- UpdateSafely and WWW routing
- gpupdate refactor – faster, systemd timer based
- gpworkers refactor – faster, lower resource
- 7G firewall rules fix (OLS)
- PHP-FPM sockfile variable storage
- Additional Security Measures – includes before
- Rate Limit whitelisting