Release Notes

Version 1.9.0

Prerequisites and limitations

• This update requires Acronis Cyber Protect Cloud and the protection agent to be updated to version C24.05.
• Agentless backup of cPanel & WHM installed within virtual machines running the Ubuntu operating system has a limited QA coverage.

What's new

Application-aware agentless backup of cPanel servers within Virtuozzo Hybrid Server 7.5 virtual machines

With the new application-aware agentless backup and recovery functionality, users can seamlessly back up and restore multiple virtualized cPanel servers using just one protection agent installed on the virtualization host, without the need for dedicated agents within each virtual machine.

This feature mirrors the capabilities of the traditional agent-based configuration, covering full cPanel server recovery in disaster scenarios and recovery of individual cPanel objects such as accounts, domains, and databases.

This new functionality streamlines the transition from agent-based to agentless configurations, optimizing resource utilization and reducing maintenance costs.

Reworked plugin configuration flow

The revamped plugin configuration flow accommodates the requirements of the application-aware agentless backup functionality, while also improving overall flexibility.

Authentication forms within the plugin have been eliminated for agentless setups, including both virtual machines and containers. Authentication now takes place through a script provided with the protection agent installed on the virtualization host.

Additionally, the configuration wizard now offers the flexibility to skip protection agent installation as well as providing a choice of creating an individual protection plan or assigning an existing shared protection plan within the console.

Metadata collection via built-in executable binary

The cPanel metadata collection method for application-aware backup has been transitioned from plugin scripts to a dedicated executable binary included with the protection agent. This change offers faster performance as well as enhanced security and improved reliability. Despite the transition, the metadata will continue to be collected in the same format.

Active cPanel toggle in the Application backup

The cPanel toggle within the Application Backup section of the protection plan replaces the previous approach of using scripts triggered in the 'pre/post data capture commands' section. This enhancement offers a more robust approach, reducing the risk of human error in configuring the 'pre/post data capture commands.'

By default, this option will be enabled for all protection plans generated within the plugin. However, the legacy script-based method remains available for backward compatibility and to accommodate scenarios where a shared protection plan is used to back up multiple servers with various supported hosting control panels.

Settings to hide entire server recovery and account recovery operations from the Dashboard

The settings to hide the buttons for restoring the entire server and restoring own accounts help prevent accidental triggering of heavy and irreversible operations by administrators or users, reducing and mitigating the risk of human error.

Updated plugin configuration preset

The plugin configuration preset has been updated to collect file system metadata two levels deep inside an account's home directory, and to retain cached metadata for the last three recovery points on the local filesystem. These adjustments aim to improve dashboard responsiveness during backup browsing, ensuring a smoother user experience with negligible impact on the backup operation time.

Dedicated cloud component for hosting control panel integrations

A new dedicated cloud service offloads several functions from the protection agent and plugin, such as listing recovery points, managing protection plans and backup jobs, and creating tasks for mounting and unmounting recovery points and recovering cPanel objects. This cloud service reduces the load on local components and unifies the workflow for both agentless and agent-based scenarios.

Improved backup and recovery operations

This update introduces significant changes to database backup and recovery operations. On MariaDB servers version 10.4.1 and newer, BACKUP STAGE commands will replace the classical global read lock (FLUSH TABLES WITH READ LOCK, FTWRL) to enhance the efficiency and reliability of the backup process.

Additionally, whenever feasible, database recovery will now use file copying from backups instead of real-time dumping and restoring from SQL dumps. This new approach improves performance by speeding up recovery operations and reduces resource consumption by eliminating the need for additional temporary storage for SQL dumps. However, this improvement will not apply to InnoDB databases with `innodb_file_per_table=OFF`, where classical mysqldump commands will be used.

Fixed issues

• [CI-24745] Recovery of MySQL databases fails on a MySQL server with replication enabled to an offsite server.
• [CI-25229] Emails are not visible after successful mailbox recovery until the mailbox index is manually rebuilt.
• [CI-25390] Improper removal of MySQL files on the host may result in database recovery failures on certain configurations.
• [CI-25495] Database recovery fails with the error "Too many open files".
• [CI-25525] Recovery failures occur due to an inconsistent state of mounted partitions.
• [CI-25688] Recovery of a database with user accounts fails if a second mysqld instance is running before termination of the first.
• [CI-26094] Unattended plugin configuration fails if a protection agent was installed but not registered prior to plugin configuration.
• [CI-26242] The Recovery Operations Log window sticks on loading when rendering records with large amounts of data.
• [CI-26331] Database recovery fails due to a file with immutable attributes in the MySQL data directory blocking mysqld execution.
• [CI-26643] Running mysqld with 'su' instead of 'sudo' causes database recovery performance degradation on some systems.
• [CI-26911] Presence of duplicated sections in /etc/my.cnf during backup leads to recovery failure from this backup.

Known issues

Fixes to the following known issues will be delivered in the protection agent version C24.07:

• [CI-27879] Databases recovery fails when the suffix option is used.
• [CI-27905] Backup mounting fails on Virtuozzo Hybrid Server containers.
• [CI-27932] Plugin reinstallation in agentless scenarios fails due to issues in the create_hosting_panel_client.py script.
• [CI-27990] Database views and triggers are not restored upon database recovery.

Version 1.8.2

Fixed issues

• [CI-27668] The backup feature cannot be enabled from the plugin's dashboard if pre/post backup commands are also enabled.

Version 1.8.1

What's new

This update introduces support for AlmaLinux 9, CloudLinux 9, and Rocky Linux 9 operating systems in the plugin.

Note that it is critical to update the protection agent to at least version C24.04 (build 24.4.37758 or later) in order to ensure seamless backup and recovery of the cPanel application on these operating systems.

Version 1.8.0

What's new

Individual protection plans

To provide an additional layer of security within the integration, each server will now have an individual protection plan created automatically. These protection plans will be specifically associated with the workloads that initiated their creation during integration configuration and cannot be revoked or assigned to other workloads.

If you need to protect multiple servers with a single plan, you can create a protection plan in the Cyber Protection console and assign the respective workloads from there. Note that protection plans shared by multiple workloads can only be edited through the Cyber Protection console and respective API calls, but not within the integration using the configurator.sh script.

The introduction of individual protection plans would not require changes to current setups.

New low-privileged role

To ensure secure and limited communication between integrations and the backup service, a new, low-privileged role is introduced. This role will be tied to specific integration instances and will have restricted access — allowing each integration to handle only its own archives and protection plans. Upon updating with this security release, existing tokens will be seamlessly replaced with new ones, ensuring a smooth transition with no impact on the user experience.

Obligatory plugin registration upon installation

To further enhance security, the integrations are reworked to require mandatory authentication with Acronis Cyber Protect Cloud during the configuration process. This authentication will be necessary regardless of whether the protection agent has already been registered.

Decreased account privileges for plugin registration and configuration

The changes described above allowed us to decrease the minimum privilege level required to install and configure these hosting control panel integrations. Now the 'protection user' role is sufficient for such tasks.

Dynamic default protection plan naming

To make it easier to identify and distinguish protection plans associated with specific cPanel servers in the Cyber Protection console, we have updated the default protection plan naming convention. The default protection plan name will now be dynamically generated as 'cPanel %HOSTNAME%' instead of the generic 'webcp'.

Fixed issues

• [CI-11631] The activity log for a failed pre-capture command is filled with irrelevant or unhelpful messages
• [CI-22834] Custom MySQL data directory is ignored
• [CI-22837] MySQL grants are missing from the account dump produced by the cPanel plugin
• [CI-22854] The mysqld_safe process exits with a status of 0 without creating any log files
• [CI-23003] The last and next backup times are displayed in the UTC timezone instead of the server time zone
• [CI-23064] Quoted values in my.cnf cause mysqld execution failure
• [CI-23129] MySQL database download and recovery fail if innodb_data_home_dir=<path> is added to my.cnf
• [CI-23155] Database recovery fails with error "Can't find message file '/share/mysql/errmsg.sys'."
• [CI-23247] The restorepkg utility attempts to restore an account into a folder inside the mounted recovery point
• [CI-23303] The mysqld process fails to start if the log file does not exist
• [CI-23638] The plugin does not clean frontend artifacts upon uninstallation, leading to re-installation problems
• [CI-23849] Corrupted ib_logfile0 content leads to "InnoDB: Missing MLOG_CHECKPOINT at _ between the checkpoint _ and the end."
• [CI-24102] Dumping databases with the use_required_dbs mode loads all databases
• [CI-24624] Incorrect pre-capture command in a plan causes recovery points to load anyway

Security fixes

Find information about the security issues fixed in this release at https://security-advisory.acronis.com/updates/UPD-2308-37a7-b89c.

Known issues

• [CI-24692] Spinner animation is missing when updating plugin from UI, from 1.7.3 to 1.8.

Version 1.7.3

Fixed issues

• [CI-24444] Database recovery fails on MariaDB version 10.6 if database server does not support connection via TCP
• [CI-24504] Duplicate plugin instances are installed when updating the plugin via the Dashboard

Known issues

• [CI-24559] Endless spinner animation is displayed after updating the plugin via the Dashboard. Refreshing the web page fixes the issue.

Version 1.7.2

What's new

• Disabled the functionality for sending events and usage statistics to Google Analytics

Fixed issues

• [CI-19664] Resolved an issue where the plugin user interface would break upon updating the cPanel application to version 110.x.x
• [CI-22872] Fixed an issue where the plugin would cause the acronis_mms service to repeatedly restart after updating from version 506 to version 542 on some systemd machines

Known issues

• [CI-24504] Duplicate plugin instances are installed when updating the plugin via the Dashboard

Version 1.7.1

What's new

• An optional "innodb_use_native_aio" setting can now be added to the [mysql] section of the /usr/local/cpanel/base/3rdparty/acronisbackup/srv/config.ini file. This addition can resolve the "io_setup() failed with EAGAIN after 5 attempts" error that may occur during MySQL execution while performing database or account recovery operations. In order for this setting to take effect, make sure to restart the plugin service by running the "/usr/local/cpanel/base/3rdparty/acronisbackup/scripts/acronis-backup-srv.sh restart" command.

Fixed issues

• [CI-19664] cPanel Resellers without an associated domain cannot open backup archives
• [CI-20491] cPanel account recovery fails with the error 'RecoveryPointFindRootError' if the backup is created via a misconfigured protection plan
• [CI-21440] cPanel Resellers are unable to restore files that don't exist in the destination folder
• [CI-21679] Domain download from the archive fails for terminated cPanel accounts
• [CI-22338] Recovered database users have missing privileges
• [CI-22369] Account recovery task stacks in state 'Created' if recovery has been started before the backup is mounted
• [CI-22372] Service restart doesn't update the value of ACRONIS_MOUNT_DIR in the protection agent config file
• [CI-22373] Database recovery task stacks in state 'In queue' if recovery has been started before the backup is mounted
• [CI-22391] Failed backup status isn't updated on the dashboard if backup fails due to metadata capture errors
• [CI-22489] Service user (API client) creation fails when authenticating in the plugin via login and password
• [CI-22546] Plugin installation and update fail with the PHP fatal error "PHP Fatal error: Uncaught TypeError: reset(): Argument #1 ($array) must be of type array, null given in /usr/local/cpanel/base/3rdparty/acronisbackup/lib/ActiveOperationsContainer.php:71" when PHP 8.1.x is used on the system
• [CI-22549] Backup tab stacks on loading because the allocated memory has been exhausted by file log.php on recovery points listing
• [CI-22691] Only first 100 recovery points are shown in list on the Backups tab
• [CI-22708] The recovery point limit in the self-service recovery functionality fails to apply to customer accounts
• [CI-22729] Backup cannot be enabled from the plugin dashboard if pre-post backup commands are defined in the protection plan options
• [CI-22749] A new webcp plan is created instead of applying a revoked plan when the Backup toggle is switched on in the plugin dashboard
• [CI-22760] The plugin dashboard fails to load a list of the recovery points because PHP memory gets exhausted when the tenant has 5K registered resources

Message about future releases

Starting with the release of version 1.8.0 in May 2023, we are launching an Early Access program. This program will allow users to try out new features and ensure compatibility with their systems before the updates are rolled out to the entire fleet.

To participate in the Early Access program, you will need to switch the plugin repository on your servers. The exact implementation details will be communicated as we release version 1.8.0.

Users who wish to continue using the acronis-cpanel-stable repository don't have to make any changes to their systems. The update will be available in the stable repository approximately 4 weeks after it is released in the Early Access repository.

Version 1.7.0

What's new

• Support of Rocky Linux 8 and Ubuntu 20.04 TLS

  Now the plugin is compatible with two more flavors of the Linux operating system: Ubuntu 20.04 LTS and Rocky Linux 8.
  
  

• New mechanism of running MySQL instances

  Upon database or account recovery operation, the MySQL daemon runs from within the backup archive rather than on the live system. This change solves multiple issues related to database recovery in Virtuozzo Hybrid Server 7.5 containers. It also removes the hard requirement for MySQL version match in the archive and on the target system, thus making it possible to smoothly recover a database after MySQL server system update.
  
  

• Improved MySQL 8 support

  The logic of processing system databases was reworked to cover a wide range of non-typical database configurations available with MySQL 8 and third-party extensions. All non-customer databases are processed as system ones now.
  
  

• Safe extension uninstallation

  Upon uninstallation, the extension calls the protection agent uninstaller with the --no-purge key defined in order to keep the association between the server, its protection plan and backup chain upon re-installation.
  
  

• Unified temporary directory

  The location of the temporary directory was unified across the protection agent and the plugin. Now the value specified in /usr/lib/Acronis/system_libs/config will be overwritten with the value from the /usr/local/cpanel/base/3rdparty/acronisbackup/srv/config.ini file.
  
  

• Database user recovery upon database recovery

  The database recovery procedure was supplemented with an option to recover database users together with the database content.

Fixed issues

• [CI-10826] File recovery fails because of rsync warning with code 24
• [CI-19138] Successive recovery and download operations cause the /tmp directory to overflow
• [CI-19367] Mount points cannot be unmounted in some scenarios when the cPanel account has jailed shell enabled
• [CI-20379] cPanel accounts recovery fails on decoding the output of cPanel utilities
• [CI-21488] Metadata collection ignores all accounts, but "localhost" ones
• [CI-21944] Misleading messages in the data capture log

Known issues

• cPanel Reseller without an associated domain cannot open backup
• cPanel Reseller is unable to restore files that do not exist in the destination folder
• Recovered database users have missing privileges
• Service restart does not update the value of ACRONIS_MOUNT_DIR in the protection agent config file
• Database recovery task stucks in state 'In queue' if recovery has been started before the backup got mounted

Version 1.6.12

What's new

• Protective mechanism in the self-service recovery function that ensures exposure of at least as many recovery points as the number of backup days specified in the plan’s service level. Customers with recovery points exposure limit will see backups even if another backup job was missed or took too long to complete.

Fixed issues

• [CI-21486] cPanel plugin generates excessive load on protection plan management API
• [CI-20259] Account recovery fails with error "Insufficient disk space is available" although there's enough space in the temporary directory

Version 1.6.11

What's new

• Improved compatibility with MySQL 8

• Case-insensitive login field in the configurator.ini file
• Prompt to keep or delete newer emails upon mailbox recovery was removed for mdbox mailboxes as the functionality is available for maildir mailboxes only

Fixed issues

• [CI-19605] Canceling a backup task in the cloud console produces error messages in the plugin dashboard
• [CI-19606] "Account is disabled" error message pops up after the entire server recovery

Version 1.6.10

What's new

• Mailbox recovery can now preserve emails generated after backup creation.
• cPanel account recovery time was improved by means of optimized cPanel metadata processing.
• Recovery task handling was reworked to include the archive mounting step into the recovery task and report its status accordingly.
• Compatibility with the security improvements, introduced in Acronis Cyber Protect Cloud Update 22.07.

  The following requirements should be met:

  • Update both the protection agent and the cPanel & cPanel extension to their latest versions

  • Re-authenticate to Acronis Cyber Protect Cloud in order to generate an internal service user for protection plan management via the extension.

  Operations, related to protection plan management via the extension, including protection plan configuration and revocation as well as manual backup start, will be prohibited until then.

Detailed instructions are provided in the corresponding Knowledge Base article.

Version 1.6.9

Fixed issues

• [CI-9908] Recovery points may fail to unmount automatically. Fixed by adding a configurable option to forcibly unmount idle recovery points

Version 1.6.8

What's new

• cPanel metadata browsing flow for "Domains" and "Files" was unified for better consistency
• Logic to retry cPanel tools execution was implemented to avoid backup failures due to sporadic breakdown of these tools

Version 1.6.7 HF2

What's new

• The cPanel home file tree collection into cPanel metadata was disabled by default. This is done in order to control its impact on the backup job performance on certain systems.

Fixed issues

• [ED-666] cPanel home file tree collection causes the backup job to freeze due to namespaces' conflicts and also when accounts without web hosting are present on the system

Version 1.6.7 HF1

Fixed issues

• [ED-663] Backup fails if MySQL freeze is disabled in the pre-data capture scripts

Version 1.6.7

What's new

• cPanel metadata in the backup archive now includes the cPanel home file tree for faster recovery point browsing

Version 1.6.6

Fixed issues

• [CI-16308] cPanel accounts self-service permission misconfiguration

Version 1.6.5 HF2

Fixed issues

• [CI-15903] Plugin installation fails on cPanel v94
• [CI-15904] Plugin registration check fails if there are 100+ machines registered under a single tenant

Version 1.6.5 HF1

Fixed issues

• [CI-15750] Plugin installation and update fails with Jupiter theme

Version 1.6.5

What's new

AlmaLinux Support

Starting from version 1.6.5, the plugin will support the AlmaLinux OS (Electric Cheetah 8.4 and higher). Instances with CentOS 8 converted to AlmaLinux are supported as well.

New configuration options

• New parameters added for the unattended configuration scripts:
  • retention_number_of_backups: this is the number of backups to keep. It allows to enable "by number of backups" retention scheme in the protection plan during initial setup or by updating the existing backup plan.
  • reattempts: number of times the backup task will be re-executed in case of failure
  • reattempt_period: time between reattempts
  • alert_period: number of days without single successful backup, after which the "No successful backups for a specified number of consecutive days" alert will be triggered.

Known issues and limitations

• Cannot enable protection for Virtuozzo containers running AlmaLinux through the plugin. To resolve this, please follow the instructions, provided at https://kb.acronis.com/content/69769.

Version 1.6.4

What's new

Self-service feature management for cPanel and cPanel Reseller accounts