11.46 FrontPage® Update Blocker


Background Information

Microsoft® deprecated the FrontPage® extensions for Linux in 2006. Since this time, the FrontPage® extensions have received no security support.

cPanel & WHM continued to install Microsoft FrontPage extensions by default until February, 2014. At that time, FrontPage was removed from EasyApache. In August, 2014 with the cPanel & WHM version 11.44 release, cPanel provided tools for removing the FrontPage® extensions and announced that FrontPage would no longer be supported in future releases.

The cPanel & WHM version 11.46 release is the first where all FrontPage functionality has been removed. To ensure that this change does not interrupt service for end users, upgrades to cPanel & WHM version 11.46 are blocked when the FrontPage extensions are still installed. They must be removed before an update to cPanel & WHM version 11.46 is allowed.

Impact

Customers that do not remove Microsoft FrontPage extensions from their servers will continue to run the cPanel & WHM version 11.44 release of cPanel & WHM. All major releases of cPanel & WHM receive one year of security support once the next major release is issued. Customers that do not remove the FrontPage® extensions during this timeframe will cease to receive updates to their server.

The usage of FrontPage extensions is limited. Microsoft ended client support in April 2014 with FrontPage 2003.

How to determine if your server is affected

You can determine if the FrontPage extensions are installed on cPanel & WHM version 11.44 and earlier by running the following command:

if [ -e /usr/local/frontpage/version5.0/bin/owsadm.exe ] ; then echo "Frontpage installed"; else echo "Frontpage not installed"; fi

You can get a list of the specific cPanel accounts on your server that have used the FrontPage extensions in the past by running the following command:

find /home/ -wholename '/_vti_cnf/' -type f | grep -E -v 'htaccess|virtfs' | cut -d '/' -f 3 | sort | uniq
Note:
If you have different, or multiple /home partitions you will want to replace /home/ noted in the above command with any different or additional home partitions

Resolution

If your system has no users that appear to be using the FrontPage extensions, you can remove them by running the below command via command line as root:

/scripts/unsetupfp4 --all

If there are users on the system that have used the FrontPage® extensions recently, cPanel recommends you contact them and migrate to WebDAV instead.

For Microsoft FrontPage, this can be done by the recommended article:

http://www.iis.net/learn/publish/using-webdav/how-to-migrate-fpse-sites-to-webdav

Automatic unused FrontPage installation removal

To help our customers stay on the most up-to-date version of cPanel & WHM, version 11.44.2.3 introduces an automatic removal system that automatically removes unused Microsoft FrontPage installations. This system should resolve blocker issues for most cPanel & WHM servers that this blocker affected.

We released this build on January 12, 2015.

Important:
This process will only affect servers that do not use the Microsoft FrontPage installation.

If, when you upgrade to cPanel & WHM version 11.44.2.3, the cPanel & WHM upgrade process determines that FrontPage is installed on your server, it invokes the FrontPage automatic removal feature. This feature determines whether the FrontPage installation is in active use.

To determine whether a Microsoft FrontPage installation is in use on a cPanel & WHM server, the system calls the/scripts/unsetupfp4 script with the --only-if-unused flag.

This causes the script to run the following checks:

  1. The system will check whether the frontpage-2002-SR1.2 RPM is installed on the server.

  2. The system will check any *.cnf files in the /usr/local/frontpage/ directory, to determine which domains on the server currently use FrontPage.

  3. The system will check whether the /var/cpanel/dynamicui/fp file exists. (If this file exists, FrontPage is already disabled.)

If the system determines that any of the server’s domains use FrontPage, the upgrade process remains blocked and no change occurs. System administrators can use the following command to manually remove FrontPage from these servers:

/scripts/unsetupfp4 --all

If the system determines that none of the server’s domains use FrontPage, it uninstalls FrontPage from the system and performs the following actions to clean the system of FrontPage-related data:

  • The system uninstalls and removes the FrontPage RPM.

  • The system removes the FrontPage ACL from all of the server’s ACL lists. This includes the reseller ACL lists in the /var/cpanel/resellers/ directory.

  • The system removes FrontPage options from all hosting plan (package) configurations.

  • The system removes FrontPage options from all feature lists.

  • The system deletes the /usr/local/frontpage/ directory and its contents.

  • The system removes the FrontPage related features from the WHM and cPanel user interfaces.

  • The system deletes any FrontPage-related information in the httpd.conf file.

  • The system deletes the _vti_* and _private directories, and their contents, from every user’s www directory.

  • The system removes all FrontPage-related directives from all of the server’s .htaccess files.

  • If the system’s Apache configuration includes an installation of the mod_frontpage opt mod, a notification will display.

After Microsoft FrontPage is uninstalled and its files are removed, the system’s FrontPage upgrade blocker will no longer block the upgrade to cPanel & WHM version 11.46.