Poweradmin v4.0.5 is now available with 25+ fixes across security, API, DNS management, Docker, and web server configurations.

🛠️ What’s Fixed

🔒 Security Improvements

• Secure Delete Flows: Replaced GET confirmation links with POST forms to prevent CSRF attacks on delete operations

• Debug Output Protection: Properly escape debug output and use modern cryptographic functions

• Docker Security: Updated base packages to resolve security vulnerabilities

🌐 API & Core System

• API Crash Prevention: Fixed crash when PowerDNS API returns zone errors

• HTTP 204 Compliance: Return empty body for HTTP 204 responses per RFC 7231

• PHP 8.1 Compatibility: Removed PHP 8.3+ #[Override]attributes that broke older PHP versions

• Router Fix: Prevent page parameter collision with API pagination

• PostgreSQL Sequences: Sync sequences after explicit ID inserts (#942)

🌍 DNS Management

• HTML in TXT Records: Allow HTML characters in TXT records (#953)

• IDN Validation: Validate empty strings in IDN conversion

• Zone Templates: Fixed TypeError when zone_templ_id is NULL in PostgreSQL (#935)

• Record Ordering: Add table prefix to ORDER BY clause (#919)

• Template Lookup: Use domain_id for zone list lookup (#945)

🔒 DNSSEC

• Reverse Zone Detection: Add missing is_reverse_zonevariable to DNSSEC controllers

🐳 Docker & Infrastructure

• FrankenPHP Update: Upgraded to 1.10-php8.4-alpine base image (#877)

• Health Checks: Improved container health check and database initialization

• Admin User Creation: Fixed admin user insert capture before case statement ends

• PostgreSQL Config: Updated packages and removed baked-in config

🔧 Web Server Configuration

• API Routes: Added proper API routes and 204 response handling in Caddy/nginx configs

📧 Email & SMTP

• TLS/STARTTLS: Corrected connection handling for mail delivery (#861)

📦 Installation & Forms

• XML Extension Check: Added missing xml extension check in requirements step

• DNSSEC Default: Make DNSSEC opt-in instead of enabled by default

• Theme Fallback: Gracefully handle removed legacy themes (#899)

📊 Database Migration Required

This release includes database schema updates. Run the appropriate script for your database before upgrading:

# MySQL/MariaDB
mysql -u root -p powerdns < sql/poweradmin-mysql-update-to-4.0.5.sql

# PostgreSQL
psql -U postgres -d powerdns -f sql/poweradmin-pgsql-update-to-4.0.5.sql

# SQLite
sqlite3 /path/to/pdns.db < sql/poweradmin-sqlite-update-to-4.0.5.sql

The migration adds a primary key to the records_zone_templtable, required for MySQL InnoDB Cluster compatibility (#906).

📦 Upgrade Steps

1. Back up your database and configuration

2. Run the database migration script for your database type

3. Download and extract the new version

4. Copy your config/settings.php to the new installation

5. Verify web server configuration (especially if using Caddy)

🧪 Quality Assurance

This release has been thoroughly tested with 3,900 E2E tests across all three supported databases (MySQL, PostgreSQL, SQLite), ensuring stability and reliability.

🚀 What’s Next: v4.1.0

The 4.0.x branch will keep getting maintenance updates and critical fixes, but my main focus now shifts to v4.1.0. Here’s what’s coming:

• Modernized routing system with Symfony Router and API v2

• SAML Authentication with automatic user provisioning (#789)

• Generic OIDC Support for Authentik, Keycloak, and Okta (#918)

• Forgot Username feature (#578)

• Interactive DNS Wizards for DKIM, SPF, and DMARC records (#685)

• Separate Zone Deletion Permission from edit permissions (#97)

• Symfony Mailer replaces custom SMTP implementation (#774)

• Immutable Container Deployments support (#939)

I expect about a month to stabilize the release, finalize UI changes, and finish testing. Thanks for your patience!

🙏 Thank you to everyone who reported issues and contributed to this release!

Download: GitHub Releases

Documentation: docs.poweradmin.org

Docker: docker pull poweradmin/poweradmin:4.0.5