NethServer 7.5 RC1 released

I'm excited to announce that NethServer 7.5 RC1 as been released and is publicly available.

We’re confident that it will be as always a great release and it will achieve our mission: making sysadmin’s life easier with Open Source. This is thanks to the most vibrant, supportive and friendly community in the Open Source space (and not only Open Source).

About NethServer

NethServer is an Open Source operating system for the Linux enthusiast, designed for small offices and medium enterprises. It’s simple, secure and flexible.

NethServer is ready to deliver your messages, to protect your network with the built-in firewall, share your files and much more, everything on the same system.

Release highlights

Many new features were added since the last NethServer ISO was released, they are all available today with NethServer 7.5 RC! Let’s see the most important improvements:


The NethServer Subscription by Nethesis enables exclusive access to the Stable Updates repository, monitoring tools and immediate professional support services for your NethServer deployments.

The NethServer subscription module is available by default in new installations

ba9c205e644e08a5fca8fabed19091aae4b32cb4_1_443x500 png  443×500


A new email server and filter alternative based on Rspamd has been released and is now available from software center. What’s new? New antispam engine, DKIM signature, Greylist threshold, Rspamd web UI.

rspamd screenshot

OpenDKIM signature for outbound messages

Signing outbound mail messages with a DKIM key increases the trust of other mail servers with ours! It is now available from Email > Domains page


Software center configuration and system upgrade panels

We have deployed a new panel to manage the Software center. It allows to select how NethServer deals with upstream updates and configures automatic software updates


The “Locked” policy is selected automatically when CentOS releases a new minor version. It limits updates to repositories specific to the current version When NethServer is ready to upgrade, the new upgrade procedure can be started:

The Software center section of the Admin’s manual was updated accordingly. Read it carefully!

Icaro Hotspot

Hotspot main goal is to provide internet connectivity via wi-fi to casual users. Users are sent to a captive portal from which they can access the network by authenticating themselves via social login, sms or email. Icaro is a complete Hotspot written in Go and Vue.js. It uses CoovaChilli as access controller which can be configured and installed inside NethServer.

Fail2Ban is now part of the core

Fail2ban scans log files (e.g. /var/log/apache/error_log) and bans IPs that show the malicious signs – too many password failures, seeking for exploits, etc. Generally Fail2Ban is then used to update firewall rules to reject the IP addresses for a specified amount of time, although any arbitrary other action (e.g. sending an email) could also be configured. Out of the box Fail2Ban comes with filters for various services (apache, courier, ssh, etc). Fail2Ban is able to reduce the rate of incorrect authentications attempts however it cannot eliminate the risk that weak authentication presents.

Backup data: include log files

The user is now able to add system log files inside the data backup. This behavior is useful when the sysadmin must complain to strict rules about log retention policy GDPR

NextCloud 13.02

Latest version is now integrated in NethServer. Some improvements have been added to improve performance and security: new php 7.1 version, "Strict-Transport-Security” HTTP header, opcache and others…


Open source, private cloud, Slack-alternative is now included in NethServer.
Workplace messaging for web, PCs and phones. Increase productivity while reducing shadow IT with a secure, configurable, scalable enterprise messaging solution on an open source platform.

NethServer HotSync

NethServer HotSync aims to reduce downtime in case of failure. Normally users are able to start working again with data from the night before failure after a few hours/days. Using hotsync, time 1 and 3 are 0, 2 is 5 minutes (time to activate spare server). Users are able to start working again in few minutes, using data from a few minutes before the crash.

Improved Quality of Service (QoS)

We improved current QoS implementation for better incoming and outgoing bandwidth control.
You’re able to limit and reserve the bandwith for specific host or protocol, examples:

  • 1Mb/s reserved for SIP protocol
  • 10Mb/s maximum speed for HTTP downloads


Wildcard DNS record

This is a new DNS override rule that matches the given host name (domain) and any sub-domain of it.


Manage TLS Security

TLS security can be hardened easily with the new policy selector


Each policy is described in detail in the Admin’s manual: TLS policy.

Windows File server page

Essential shared folder priviliges are now manageable via the web interface.


And so much more

These are just the major highlights in 7.5 RC1— there are literally hundreds of other tiny improvements, refinements, and bugfixes that we aren’t covering here like:

  • MX DNS record override for LAN hosts has been removed. Removed postfix/MxRecordStatus prop
  • Host name aliases are converted into hosts DB records. See Additional host name aliases
  • /etc/fstab is no longer an expanded template. See Requirements and User home directories for details
  • Default Server Manager session idle timeout is 60 minutes, session life time is 8 hours
  • The WebVirtMgr project is no longer maintained and the corresponding module has been removed along with nethserver-libvirt package.

What does the RC release mean?

A release candidate (RC) is a testing version with potential to be a final product, which is ready to release unless significant bugs emerge. RC releases can be used in production, especially if new features are not used on mission critical systems. Upgrades to the final release will be supported

Feature freeze phase

This release is already in a core feature freeze phase, all work on adding new core features is suspended, shifting the effort towards fixing bugs and improving the stability and user experience.

This RC1 release contains all the exciting features of NethServer 7.5 in a form that anyone can help test. This testing, guided by the NethServer team, helps us target and identify bugs.

Future release

No new modules will be added or modified before the final release, we invite to stay tuned with our community for fresh news and updates about the forthcoming Stable Release

Thank the overall NethServer community

As usual, we’d like to first thank the overall NethServer community for contributions toward these improvements — whether it was in feedback, bug reports and suggestions or our personal favorite, feedback based on participation in your very own NethServer community.

Download and Test

We need your help to make NethServer 7.5 the best release yet, so please take some time to download and try out the Beta1 and make sure the things that are important to you are working.

  • You can install it on a virtual machine or on a bare-metal server using a DVD or USB stick
  • Upgrade from Beta1 is supported through the Software center

If you find a bug, please report it replying to this topic - every bug you uncover is a chance to improve the experience for thousands of NethServer users worldwide, also our amazing beta testers team will be called upon to give its support on that!

Together, we can make NethServer rock-solid. We have a culture of coordinating new features and pushing fixes upstream as much as possible, and your feedback will help improve not only NethServer but Linux and free software as a whole.

Ready to check it out? Then head to the docs and download:

NethServer 7.5 RC1 (784MB)


  • md5 82a4357c7fc8f0d9a331975ded7048a8
  • sha1 278f03bd56cba9049ba26ea3cfc34d60a9a04b48




I upgraded my NS7.4 proxy/gateway server to 7.5. Currently checking system journal and reading manual, so far I’m unable to find the [Enable TOS optimizations] and [Reserve bandwidth for VoIP] options

Thank you for your incredible work. Just right now in Friuli at a conference.


I took the jump. Only for my main homeserver and I did make a snapshot before removing the repo lock.
650packages updated and now running a new and shiny NS 7.5 RC!


A post was split to a new topic: FreePBX 14 proxy error

Because both options have been removed before final package release.
The firewall should be able to do a good QoS without any special options.

I removed the section from the manual.
Thank you for pointing it out!


Back on the bleeding (or unstable? :laughing:) edge…

I need to find a solution for my scapegoat to reboot without power-cord-operations…

This is where I love’s a little Cisco router trick for making updates:

  1. Plan your updates and have the commands ready in a text editor.
  2. When you log into the Cisco router, set an automatic restart for x number of minutes time (x being the number of minutes + an extra 2-3 spare minutes).
  3. Run the various commands to update the router config.
    4a) If everything works, save the new configuration and either cancel the router restart or allow the router to restart.
    4b) If the config breaks and you still have access to the router, revert out your changes and start again
    4c) If the config breaks and you loose access to the router, wait for the router to restart and you’re back with the original config

Now the fun past is to get Numbers 2 and 4c working for when things go wrong…:grin:

The magic word: Snapshot :rofl:

To keep things clear: scapegoat (my NethServer installation test) is a crappy Acer Veriton with AMD CPU that don’t seems to handle at best the reboot. I don’t remember the kernel version which started to do the trick (installation started with 7.3) but i don’t think the issue come by CentOS. It’s just crappy hardware, which is silent, powerful and low consumption enough to play with the toy.
It’s expendable.

Maybe in a couple of months i will get in touch with a SFF Optiplex 790, with an i3 CPU. And i will try the death and resurrection of my scapegoat (also known as Backup and Restore…)

1 Like

Installed 7.5 RC at two servers, installation was a little bit tricky, but the systems work without problems now.
At the first server I had a generally update problem, because I tested subscription before. See here:

The second one missed some PHP dependency for dokuwiki. Enable @stephdl -repo for update did the trick:

yum update --enablerepo=stephdl

@dev_team, @alefattorini and all other who did some work for it. Thanks for your great work

Unfortunately I had to revert to the snapshot I did before because Nextcloud was not working any more…I already tried twice…

We have nextcloud installation on our production server and it’s working since beta without problems.

Do you mind to open another thread and report the problem? Please let us know if you’re using a virtualhost or not and what are the errors inside /var/log/http/ directory along with errors from /var/opt/rh/rh-php71/log/php-fpm/error.log.

1 Like

We added serveral fuctions like notes calender and prepared for OnlyOffice- probably that the problem- I´ll report in a new topic…

1 Like

Upgraded a virtualbox 7.4 test server with NextCloud from the software center successfully.

Tried to upgrade a virtualbox 7.4 production server with Nextcloud from the software center… was presented with dc errors… no time to troubleshoot, restored snapshot…
Haven’t dared to try the update with any of my other production servers.
Very short of free time, one of the reasons I haven’t been active here.

Now the production servers are held up for updates because they are still all or nothing upgrades from the gui. It’s time consuming to figure out which security related updates can be applied without triggering a dependency based, full distro upgrade to 7.5.

5 posts were split to a new topic: WebVirtMgr alternatives

Hi to all!

-NethServer: 7.5.1804 final?? :scream::smiley:


A post was merged into an existing topic: WebVirtMgr alternatives

ISO Image download ?