Since the version 1.61.0 of DirectAdmin a jailed shell and jailed cron are supported. This can be achieved with a help of BubbleWrap the unprivileged sandboxing tool. On Linux servers it gives another layer of a security, and restricts users.
At the moment of the publication DirectAdmin can install the following PHP extensions: gmp, ioncube, imagick, imap, opcache, phalcon, suhosin, xmlrpc, zend. The listed extensions can be installed server-wide for all PHP versions.
The directive "disable_functions" allows to disable certain functions. It takes on a comma-delimited list of function names. DirectAdmin uses the directive for security purposes, and here is a way how to customise it.
Why is that a bad idea to use whitelist_domains and whitelist_senders on DirectAdmin servers? Check the article to learn details.
Should you need to install old and unsafe PHP 5.x on FreeBSD 12.x server with DirectAdmin here you can find a short guide on how to achieve it.
The Custombuild script from DirectAdmin can be used to install a phalcon extension for PHP 7+.
If PHP scripts running under an old version of the language fail to connect to SMTP server under Directadmin, and in logs can you see lines containing "TLS error on connection from hostname", here is a possible fix.
DirectAdmin supports an application programming interface (API), which can be used for integration of your products or other 3rd party software with the control panel. Here we list all the possible API commands supported by DA.
Delivery status notifications do not seem to work for us and I want to hide it in RoundCube interface. How can I do it?
Fixing an error which one might face with CustomBuild 2, when running secure_php: Backslash found where operator expected at -e line 1, near "s##disable_functions = show_source, system, shell_exec, passthru, exec, phpinfo, popen, proc_open,ini_set#disable_functions \"