InterWorx Version 5.0.14 Released on Beta Channel!

Version 5.0.14 is a large bug fix release, and it is now live on the beta channel! If you’d like to try it out on your system, change the update repository on your system to Beta (

Below is a summary of the changes included in 5.0.14 build 577:


  • Changed default password hashing algorithm to more secure bcrypt for InterWorx logins.
  • Updated php-iworx to 5.3.28, fixing CVE-2013-4073 and CVE-2013-6420
  • Fixed an issue with a possible SQL Injection vector in Payloads - thanks to Eric Flokstra
[B] New Features: [/B]
  • NodeWorx users may now enter an optional message when suspending a SiteWorx account
  • API functions to detect VPS environments
  • Added the ability to edit existing scheduled backups
  • Made the default interworx webserver redirect configurable via iworx.ini: [iworx] index="/nodeworx/index"
[B] Enhancements: [/B]
  • Upgraded APF to 1.7.5
  • Added second-level-quota notifications during InterWorx install on OpenVZ, etc
  • Increased the maximum qmail process concurrency that is configurable, from 120 to 255
  • For PCI compliance requests, the InterWorx login pages can now be configured as no-autofill, so browsers won't save the logins. Configuration is in NodeWorx > Server > Settings. Off by default
  • Djbdns RPM now does not start services on update, unless it needs to
  • Added support for relative (../) and homedir (~/) paths in InterWorx CLI commands
  • Minor interface cleanups on the heliotrope theme login page
  • New httpd package compiled for support with prefork and worker mpms
  • Improved InterWorx license expiration messages
  • Updated SimpleScripts plugin configuration to reflect changes made to their service. Specifically, the removal of "new web host" accounts
  • Added support for "" subdelegation format in DNS Record interfaces
  • Fixed an issue with importing e-mail boxes from cpanel with extra-long hashed passwords
  • Significant DirectAdmin importer improvements. The importer now: [LIST]
  • imports email groups
  • recognizes email box copy-to
  • recognizes vacation responders
  • recognizes domain local delivery status
  • imports email auto-responders
  • recognizes existing quotas for groups and auto-responders
  • Updated ClamAV to 0.98.1
  • Added ability for real email boxes to have multiple forwarders
  • Added the ability for auto-responders to forward to multiple emails [/LIST] [B] Bug Fixes: [/B]
    • VPS InterWorx Licenses are not permitted use Load Balanced Cluster functionality - made this requirement explicit
    • Due to incompatibility issues, OpenVZ/Virtuozzo platform is now blocked from accessing Clustering functionality
    • Fixed an issue during install wherein APF could incorrectly detect the presence of a monokernel, breaking FTP
    • Fixed "Not logged in" error when trying to use the password generator in SiteWorx
    • Fixed an issue with theme debugging causing broken HTML output
    • Fixed Bug: unable to control system services on cluster nodes
    • Fixed an issue with pointer domain redirect configuration not being cascaded to nodes
    • Fixed an issue with VIPs not being properly unbound from cluster nodes when IPs are removed from the cluster, in certain cases
    • Local e-mail relaying via IPv6 localhost now enabled by default, same as it was before for IPv4
    • Prevented adding email boxes when local delivery is off
    • Disabled webmail when an account has local delivery disabled
    • Fixed an issue with the command queue when a SiteWorx account has moved to a reseller with lower limits
    • Fixed an issue with opening already-open firewall ports on cluster nodes bring down the command queue
    • Improved command-queue resiliency regarding the IP Management: Default Sites settings
    • Prevented a situation that allowed deleting VIPs on a cluster node
    • Modified the problem detector email to be more clear about hostnames on cluster nodes
    • Fixed an issue with cluster node adding reporting failure occasionally, until the cluster node page was refreshed
    • Fixed an issue with certain cluster command queue actions being run twice instead of once on nodes
    • Removed 35-character hash limitation within email disable function
    • Prevented unnecessary redirection when deleting a Siteworx DNS record
    • Fixed an issue with theme caching breaking theme syncing in clusters
    • Fixed an issue with InterWorx trying to load IP addresses from backup files in /etc/sysconfig/network-scripts
    • Fixed an issue with visible HTML code in the System Health page
    • Fixed a stacktrace when attempting to edit SPF records in SiteWorx
    • Fixed an issue with parent theme fallback when a child theme is missing
    • Fixed MySQL server management related to remote MySQL servers.
    • Fixed an issue wherein a payload refresh would not honor a user's language setting, reverting to the default instead
    • Fixed an issue with the appearance of multi-line inputs with auto-complete

    Feel free to discuss this release or ask questions here, but for the serious issues, open a ticket at the support desk.

  • Hi Brett

    Excellent work, you guys so rock and lovely to see some of the improvement is from feedback.

    I’ll have a better look tommorow as it’s late.

    Many thanks


    Love it guys, I think I’m going to upgrade to the Beta just to try the new stuff :smiley:

    Great fixes/enhancements. Just came across this. I remember answering Brett’s WHT post about verifying second-level quotas actually. :slight_smile:

    A bit about the Virtuozzo/OpenVZ containers and clustering – I’ve been testing this on my own time, recently actually, and I can get NFSv3 up an running on an OpenVZ container running SL 6.4 and RHEL (CentOS) 6.5.

    Kernel-space NFS server is supported by latest RHEL5 and RHEL6 based kernels and since vzctl-3.0.24 –

    It’s a little disheartening to read that the Clustering feature is now blocked for containers. I’d (quite literally last night) just completed another install of *worx and was hoping to pick up a license for it next week.
    Would clustering still be impossible on the container level even if I were able to get the NFS mounts set correctly inside of the CT?

    John Edel
    Jetfire Networks

    Hi John

    You may want to ask for a test licence first to try, and if I have read your post correctly, I don’t think it is IW who blocked clustering on virtuoso, but if your setup works, that would be lovely.

    I hope you don’t mind my thoughts

    Many thanks


    Clustering should be possibly. Both DirectAdmin, and cPanel offer clustering on vps licenses. With testing, maybe InterWorks could add support?

    I think there might be a misunderstanding here. Clustering still works on VPS – you just need an Unlimited license for it. The issue with OpenVZ/Virtuozzo is there are certain limitations in the environment that prevent clustering from working.

    When you’re talking about clustering with DA and cPanel, though, what do you mean? I think the clustering you’re talking about there is DNS clustering, which is very different and much more limited than InterWorx clustering. Their DNS clustering basically lets you setup DSN publishers and listeners, which is something that any InterWorx server can do with or without clustering enabled.