Merge pull request #1660 from unraid/disable-updatedns

Disable UpdateDNS
2026-01-06 17:49:58 -06:00 · 2024-03-13 09:44:03 -07:00
parent d53598a1fe 69fe39720c
commit 1228a1976a
4 changed files with 20 additions and 388 deletions
--- a/emhttp/languages/en_US/helptext.txt
+++ b/emhttp/languages/en_US/helptext.txt
@@ -1203,7 +1203,7 @@ SSL certificate.  Use this URL to access your server:
 Note that use of a self-signed SSL certificate will generate a browser
 warning.

-Select **Strict** to enable *exclusive* use of an Unraid.net SSL
+Select **Strict** to enable *exclusive* use of a myunraid.net SSL
 certificate for https access (see **Provision** below).  Note that a DNS
 server must be reachable.

@@ -1267,10 +1267,10 @@ To adjust URLs or redirects, see the help text for "Use SSL/TLS".
 :end

 :mgmt_certificate_expiration_help:
-**Provision** may be used to install a *free* Unraid.net SSL Certificate from
+**Provision** may be used to install a *free* myunraid.net SSL Certificate from
 [Let's Encrypt](https://letsencrypt.org/).

-The Unraid.net SSL certificate can be used in two ways.  First,
+The myunraid.net SSL certificate can be used in two ways.  First,
 having the certificate present enables your server to respond to an
 alternate URL of the form:

@@ -1284,24 +1284,20 @@ set to `*.<hash>.myunraid.net` thus validating the https connection.
 You may enable this URL exclusively on your LAN by setting **Use
 SSL/TLS** to **Strict**.

-The second use for an Unraid.net certificate is to enable secure
-remote access available through the My Servers plugin feature.  Note
+The second use for a myunraid.net certificate is to enable secure
+remote access available through the Unraid Connect plugin feature.  Note
 that it is possible to use secure remote access in conjunction with
 insecure local access.

-After an Unraid.net SSL Certificate has been installed, two
-background services are activated while the server is signed in to unraid.net:
-
- *updatedns* - This starts 30 seconds after server reboot has completed and contacts the Lime Technology
-DNS service to register the servers local IP address. Thereafter it wakes up every 10 minutes in case
-the local IP address has changed.
+After a myunraid.net SSL Certificate has been installed, a
+background service is activated:

 - *renewcert* - This starts 60 seconds after server reboot has completed and contacts the Lime Technology
-certificate renewal service to determine if your Unraid.net SSL certificate needs to be renewed.
+certificate renewal service to determine if your myunraid.net SSL certificate needs to be renewed.
 Thereafter it wakes up every 24 hours. If within 30 days of expiration, a new certificate is automatically
 provisioned and downloaded to your server.

-**Delete** may be used to delete the Unraid.net certificate file.
+**Delete** may be used to delete the myunraid.net certificate file.

 **nginx certificate handling details**

@@ -1309,7 +1305,7 @@ nginx makes use of two certificate files stored on the USB flash boot device:<br

 - a self-signed certificate: `config/ssl/certs/<server-name>_unraid_bundle.pem`

- an Unraid.net certificate: `config/ssl/certs/certificate_bundle.pem`
+- a myunraid.net certificate: `config/ssl/certs/certificate_bundle.pem`

 The self-signed SSL certificate file is automatically created when nginx
 starts; and re-created if the server hostname or local TLD is changed.
--- a/emhttp/plugins/dynamix/ManagementAccess.page
+++ b/emhttp/plugins/dynamix/ManagementAccess.page
@@ -5,8 +5,8 @@ Icon="icon-key"
 Tag="expeditedssl"
 ---
 <?PHP
-/* Copyright 2005-2023, Lime Technology
- * Copyright 2012-2023, Bergware International.
+/* Copyright 2005-2024, Lime Technology
+ * Copyright 2012-2024, Bergware International.
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License version 2,
@@ -164,7 +164,6 @@ $cert_time_format   = $display['date'].($display['date']!='%c' ? ', '.str_replac
 $provisionlabel     = $isWildcardCert ? _('Renew') : _('Provision');
 $disabled_provision = $keyfile===false || ($isWildcardCert && $retval_expired===0) || !$addr ? 'disabled' : '';
 $disabled_provision_msg = !$addr ? _('Ensure the primary network card eth0 has an IP address.') : '';
-$disabled_updatedns = $keyfile!==false && $isWildcardCert ? '' : 'disabled';
 $disabled_delete    = $cert2Present && $var['USE_SSL']!='auto' ? '' : 'disabled';
 $disabled_auto      = $isWildcardCert && !$dnsRebindingProtection && $dnsValid ? '' : 'disabled';

@@ -189,23 +188,6 @@ function provisionHandler(event, form) { // provisions and renewals require bein
  if (event.submitter.value === 'Renew') return true; // always allow renewals
 };

-function updateDNS(button) {
-  $(button).prop("disabled", true).html("<i class='fa fa-circle-o-notch fa-spin fa-fw'></i>_(Update DNS)_");
-  var failure = function(data) {
-    var status = data.status;
-    var obj = data.responseJSON;
-    var msg = "_(Sorry, an error occurred updating unraid.net DNS records)_. _(The error is)_: "+obj.error+".";
-    $(button).prop("disabled", false).html("_(Update DNS)_");
-    swal({title:"_(Oops)_",text:msg,type:"error",html:true,confirmButtonText:"_(Ok)_"});
-  };
-  var success = function(data) {
-    $(button).prop("disabled", false).html("_(Update DNS)_");
-    <?$text = _('Your local IP address %s has been updated for unraid.net')?>
-    swal({title:"",text:"<?=sprintf($text,$addr)?>",type:"success",html:true,confirmButtonText:"_(Ok)_"});
-  };
-  $.post("/webGui/include/UpdateDNS.php",success).fail(failure);
-}
-
 function checkPorts(form) {
  var portsInUse = [<?=implode(',',$portsInUse)?>];
  var range = [], list = [], duplicates = [];
@@ -429,7 +411,7 @@ _(CA-signed certificate file)_:

 <?endif;?>
 &nbsp;
-: <button type="submit" name="changePorts" value="Provision" <?=$disabled_provision?>><?=$provisionlabel?></button><button type="submit" name="changePorts" value="Delete" <?=$disabled_delete?> >_(Delete)_</button><!-- <button type="button" onclick="updateDNS(this)" <?=$disabled_updatedns?>>_(Update DNS)_</button> --><?=$disabled_provision_msg?>
+: <button type="submit" name="changePorts" value="Provision" <?=$disabled_provision?>><?=$provisionlabel?></button><button type="submit" name="changePorts" value="Delete" <?=$disabled_delete?> >_(Delete)_</button><?=$disabled_provision_msg?>

 :mgmt_certificate_expiration_help:

--- a/emhttp/plugins/dynamix/include/UpdateDNS.php
+++ b/emhttp/plugins/dynamix/include/UpdateDNS.php
@@ -1,6 +1,6 @@
 <?PHP
-/* Copyright 2005-2023, Lime Technology
- * Copyright 2012-2023, Bergware International.
+/* Copyright 2005-2024, Lime Technology
+ * Copyright 2012-2024, Bergware International.
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License version 2,
@@ -11,354 +11,12 @@
 */
 ?>
 <?
-$docroot ??= ($_SERVER['DOCUMENT_ROOT'] ?: '/usr/local/emhttp');
-require_once "$docroot/webGui/include/Helpers.php";
-
-// add translations
-$_SERVER['REQUEST_URI'] = 'settings';
-require_once "$docroot/webGui/include/Translations.php";
-
-function host_lookup_ip($host) {
-  $result = @dns_get_record($host, DNS_A);
-  $ip = $result ? _var($result[0],'ip') : '';
-  return($ip);
-}
-function rebindDisabled() {
-  global $isLegacyCert;
-  $rebindtesturl = $isLegacyCert ? "rebindtest.unraid.net" : "rebindtest.myunraid.net";
-  // DNS Rebind Protection - this checks the server but clients could still have issues
-  $validResponse = ["192.168.42.42", "fd42"];
-  $response = host_lookup_ip($rebindtesturl);
-  return in_array(explode('::',$response)[0], $validResponse);
-}
-function format_port($port) {
-  return ($port != 80 && $port != 443) ? ':'.$port : '';
-}
-function anonymize_host($host) {
-  global $anon;
-  if ($anon) {
-    $host = preg_replace('/.*\.myunraid\.net/', '*.hash.myunraid.net', $host);
-    $host = preg_replace('/.*\.unraid\.net/', 'hash.unraid.net', $host);
-  }
-  return $host;
-}
-function anonymize_ip($ip) {
-  global $anon;
-  if ($anon && filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE)) {
-    $ip = "[redacted]";
-  }
-  return $ip;
-}
-function generate_internal_host($host, $ip) {
-  if (strpos($host,'.myunraid.net') !== false) {
-    $host = str_replace('*', str_replace('.', '-', $ip), $host);
-  }
-  return $host;
-}
-function generate_external_host($host, $ip) {
-  if (strpos($host,'.myunraid.net') !== false) {
-    $host = str_replace('*', str_replace('.', '-', $ip), $host);
-  } elseif (strpos($host,'.unraid.net') !== false) {
-    $host = "www.".$host;
-  }
-  return $host;
-}
-function verbose_output($httpcode, $result) {
-  global $cli, $verbose, $anon, $plgversion, $post, $var, $isRegistered, $myservers, $reloadNginx, $nginx, $isLegacyCert;
-  global $remoteaccess;
-  global $icon_warn, $icon_ok;
-  if (!$cli || !$verbose) return;
-
-  if ($anon) echo "(Output is anonymized, use '-vv' to see full details)".PHP_EOL;
-  echo "Unraid OS "._var($var,'version','???').((strpos($plgversion, "base-") === false) ? " with My Servers plugin version {$plgversion}" : '').PHP_EOL;
-  echo ($isRegistered) ? "{$icon_ok}Signed in to Unraid.net as {$myservers['remote']['username']}".PHP_EOL : "{$icon_warn}Not signed in to Unraid.net".PHP_EOL ;
-  echo "Use SSL is "._var($nginx,'NGINX_USESSL','No').PHP_EOL;
-  echo (rebindDisabled()) ? "{$icon_ok}Rebind protection is disabled" : "{$icon_warn}Rebind protection is enabled";
-  echo " for ".($isLegacyCert ? "unraid.net" : "myunraid.net").PHP_EOL;
-  if ($post) {
-    $wanip = trim(@file_get_contents("https://wanip4.unraid.net/"));
-    // check the data
-    $certhostname = _var($nginx,'NGINX_CERTNAME');
-    if ($certhostname) {
-      // $certhostname is $nginx['NGINX_CERTNAME'] (certificate_bundle.pem)
-      $certhostip = host_lookup_ip(generate_internal_host($certhostname, _var($post,'internalip')));
-      $certhosterr = ($certhostip != _var($post,'internalip'));
-    }
-    if (_var($post,'internalhostname') != $certhostname) {
-      // $post['internalhostname'] is $nginx['NGINX_LANMDNS'] (no cert, or Server_unraid_bundle.pem) || $nginx['NGINX_CERTNAME'] (certificate_bundle.pem)
-      $internalhostip = host_lookup_ip(generate_internal_host(_var($post,'internalhostname'), _var($post,'internalip')));
-      $internalhosterr = ($internalhostip != _var($post,'internalip'));
-    }
-    if (!empty($post['externalhostname'])) {
-      // $post['externalhostname'] is $nginx['NGINX_CERTNAME'] (certificate_bundle.pem)
-      $externalhostip = host_lookup_ip(generate_external_host($post['externalhostname'], $wanip));
-      $externalhosterr = ($externalhostip != $wanip);
-    }
-    // anonymize data. no caclulations can be done with this data beyond this point.
-    if ($anon) {
-      if (!empty($certhostip)) $certhostip = anonymize_ip($certhostip);
-      if (!empty($certhostname)) $certhostname = anonymize_host($certhostname);
-      if (!empty($internalhostip)) $internalhostip = anonymize_ip($internalhostip);
-      if (!empty($externalhostip)) $externalhostip = anonymize_ip($externalhostip);
-      if (!empty($wanip)) $wanip = anonymize_ip($wanip);
-      if (!empty($post['internalip'])) $post['internalip'] = anonymize_ip($post['internalip']);
-      if (!empty($post['internalhostname'])) $post['internalhostname'] = anonymize_host($post['internalhostname']);
-      if (!empty($post['externalhostname'])) $post['externalhostname'] = anonymize_host($post['externalhostname']);
-      if (!empty($post['externalport'])) $post['externalport'] = "[redacted]";
-    }
-    // always anonymize the keyfile
-    if (!empty($post['keyfile'])) $post['keyfile'] = "[redacted]";
-    // output notes
-    if (!empty($post['internalprotocol']) && !empty($post['internalhostname']) && !empty($post['internalport'])) {
-      $localurl = $post['internalprotocol']."://".generate_internal_host($post['internalhostname'], _var($post,'internalip')).format_port($post['internalport']);
-      echo 'Local Access url: '.$localurl.PHP_EOL;
-      if ($internalhostip) {
-        // $internalhostip will not be defined for .local domains, ok to skip
-        echo ($internalhosterr) ? $icon_warn : $icon_ok;
-        echo generate_internal_host($post['internalhostname'], _var($post,'internalip'))." resolves to {$internalhostip}";
-        echo ($internalhosterr) ? ", it should resolve to "._var($post,'internalip') : "";
-        echo PHP_EOL;
-      }
-      if ($certhostname) {
-        echo ($certhosterr) ? $icon_warn : $icon_ok;
-        echo generate_internal_host($certhostname, _var($post,'internalip')).' ';
-        echo ($certhostip) ? "resolves to {$certhostip}" : "does not resolve to an IP address";
-        echo ($certhosterr) ? ", it should resolve to "._var($post,'internalip') : "";
-        echo PHP_EOL;
-      }
-      if ($remoteaccess == 'yes' && !empty($post['externalprotocol']) && !empty($post['externalhostname']) && !empty($post['externalport'])) {
-        $remoteurl = $post['externalprotocol']."://".generate_external_host($post['externalhostname'], $wanip).format_port($post['externalport']);
-        echo 'Remote Access url: '.$remoteurl.PHP_EOL;
-        echo ($externalhosterr) ? $icon_warn : $icon_ok;
-        echo generate_external_host($post['externalhostname'], $wanip).' ';
-        echo ($externalhosterr) ? "does not resolve to an IP address" : "resolves to ".($externalhostip??'');
-        echo PHP_EOL;
-      }
-      if ($reloadNginx) {
-        echo "IP address changes were detected, nginx was reloaded".PHP_EOL;
-      }
-    }
-    // output post data
-    echo PHP_EOL.'Request:'.PHP_EOL;
-    echo @json_encode($post, JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES | JSON_PRETTY_PRINT) . PHP_EOL;
-  }
-  if ($result) {
-    echo "Response (HTTP $httpcode):".PHP_EOL;
-    $mutatedResult = is_array($result) ? json_encode($result) : $result;
-    echo @json_encode(@json_decode($mutatedResult, true), JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES | JSON_PRETTY_PRINT) . PHP_EOL;
-  }
-}
-/**
- * @name response_complete
- * @param {HTTP Response Status Code} $httpcode https://developer.mozilla.org/en-US/docs/Web/HTTP/Status
- * @param {String|Array} $result - strings are assumed to be encoded JSON. Arrays will be encoded to JSON.
- * @param {String} $cli_success_msg
- */
-function response_complete($httpcode, $result, $cli_success_msg='') {
-  global $cli, $verbose;
-  $mutatedResult = is_array($result) ? json_encode($result) : $result;
-  if ($cli) {
-    if ($verbose) verbose_output($httpcode, $result);
-    $json = @json_decode($mutatedResult,true);
-    if (!empty($json['error'])) {
-      echo 'Error: '.$json['error'].PHP_EOL;
-      exit(1);
-    }
-    exit($cli_success_msg.PHP_EOL);
-  }
-  header('Content-Type: application/json');
-  http_response_code($httpcode);
-  exit((string)$mutatedResult);
-}
-
+// This is a stub, does nothing but return success
 $cli = php_sapi_name()=='cli';
-$verbose = $anon = false;
-if ($cli && ($argc > 1) && $argv[1] == "-v") {
-  $verbose = true;
-  $anon = true;
-}
-if ($cli && ($argc > 1) && $argv[1] == "-vv") {
-  $verbose = true;
-}
-$var = (array)@parse_ini_file('/var/local/emhttp/var.ini');
-$nginx = (array)@parse_ini_file('/var/local/emhttp/nginx.ini');
-$is69 = version_compare(_var($var,'version'),"6.9.9","<");
-$reloadNginx = false;
-$dnserr = false;
-$icon_warn = "⚠️  ";
-$icon_ok = "✅  ";
-
-$myservers_flash_cfg_path='/boot/config/plugins/dynamix.my.servers/myservers.cfg';
-$myservers = (array)@parse_ini_file($myservers_flash_cfg_path,true);
-// ensure some vars are defined here so we don't have to test them later
-if (empty($myservers['remote']['apikey'])) {
-  $myservers['remote']['apikey'] = "";
-}
-if (empty($myservers['remote']['wanaccess'])) {
-  $myservers['remote']['wanaccess'] = "no";
-}
-if (empty($myservers['remote']['wanport'])) {
-  $myservers['remote']['wanport'] = 443;
-}
-// remoteaccess, externalport
 if ($cli) {
-  $remoteaccess = empty($nginx['NGINX_WANFQDN']) ? 'no' : 'yes';
-  $externalport = $myservers['remote']['wanport'];
-} else {
-  $remoteaccess = _var($_POST,'remoteaccess','no');
-  $externalport = intval(_var($_POST,'externalport',443));
-
-  if ($remoteaccess != 'yes') {
-    $remoteaccess = 'no';
-  }
-
-  if ($externalport < 1 || $externalport > 65535) {
-    $externalport = 443;
-  }
-
-  if ($myservers['remote']['wanaccess'] != $remoteaccess) {
-    // update the wanaccess ini value
-    $orig = file_exists($myservers_flash_cfg_path) ? parse_ini_file($myservers_flash_cfg_path,true) : [];
-    if (!$orig) {
-      $orig = ['remote' => $myservers['remote']];
-    }
-    $orig['remote']['wanaccess'] = $remoteaccess;
-    $text = '';
-    foreach ($orig as $section => $block) {
-      $pairs = "";
-      foreach ($block as $key => $value) if (strlen($value)) $pairs .= "$key=\"$value\"\n";
-      if ($pairs) $text .= "[$section]\n".$pairs;
-    }
-    if ($text) file_put_contents($myservers_flash_cfg_path, $text);
-    // need nginx reload
-    $reloadNginx = true;
-  }
+  exit("success".PHP_EOL);
 }
-$isRegistered = !empty($myservers['remote']['username']);
-
-// protocols, hostnames, ports
-$internalprotocol = 'http';
-$internalport = _var($nginx,'NGINX_PORT');
-$internalhostname = _var($nginx,'NGINX_LANMDNS');
-$externalprotocol = 'https';
-// keyserver will expand *.hash.myunraid.net or add www to hash.unraid.net as needed
-$externalhostname = _var($nginx,'NGINX_CERTNAME');
-$isLegacyCert = preg_match('/.*\.unraid\.net$/', _var($nginx,'NGINX_CERTNAME'));
-$isWildcardCert = preg_match('/.*\.myunraid\.net$/', _var($nginx,'NGINX_CERTNAME'));
-$internalip = _var($nginx,'NGINX_LANIP');
-
-if (_var($nginx,'NGINX_USESSL')=='yes') {
-  // When NGINX_USESSL is 'yes' in 6.9, it could be using either Server_unraid_bundle.pem or certificate_bundle.pem
-  // When NGINX_USESSL is 'yes' in 6.10, it is is using Server_unraid_bundle.pem
-  $internalprotocol = 'https';
-  $internalport = _var($nginx,'NGINX_PORTSSL');
-  if ($is69 && _var($nginx,'NGINX_CERTNAME')) {
-    // this is from certificate_bundle.pem
-    $internalhostname = _var($nginx,'NGINX_CERTNAME');  
-  }
-}
-if (_var($nginx,'NGINX_USESSL')=='auto') {
-  // NGINX_USESSL cannot be 'auto' in 6.9, it is either 'yes' or 'no'
-  // When NGINX_USESSL is 'auto' in 6.10, it is using certificate_bundle.pem
-  $internalprotocol = 'https';
-  $internalport = _var($nginx,'NGINX_PORTSSL');
-  // keyserver will expand *.hash.myunraid.net as needed
-  $internalhostname = _var($nginx,'NGINX_CERTNAME');
-}
-
-// My Servers version
-$plgversion = file_exists("/var/log/plugins/dynamix.unraid.net.plg") ? trim(exec('/usr/local/sbin/plugin version /var/log/plugins/dynamix.unraid.net.plg 2>/dev/null'))
-  : (file_exists("/var/log/plugins/dynamix.unraid.net.staging.plg") ? trim(exec('/usr/local/sbin/plugin version /var/log/plugins/dynamix.unraid.net.staging.plg 2>/dev/null'))
-  : 'base-'._var($var,'version'));
-
-// only proceed when when signed in or when legacy unraid.net SSL certificate exists
-if (!$isRegistered && !$isLegacyCert) {
-  response_complete(406, ['error' => _('Nothing to do')]);
-}
-
-// keyfile
-$keyfile = empty($var['regFILE']) ? false : @file_get_contents($var['regFILE']);
-if ($keyfile === false) {
-  response_complete(406, ['error' => _('Registration key required')]);
-}
-$keyfile = @base64_encode($keyfile);
-
-// build post array
-$post = [
-  'keyfile' => $keyfile,
-  'plgversion' => $plgversion
-];
-if ($isLegacyCert) {
-  // sign in not required to maintain local ddns for unraid.net cert
-  // enable local ddns regardless of use_ssl value
-  $post['internalip'] = $internalip;
-  // if host.unraid.net does not resolve to the internalip and DNS Rebind Protection is disabled, disable caching
-  if (host_lookup_ip(generate_internal_host(_var($nginx,'NGINX_CERTNAME'), $post['internalip'])) != $post['internalip'] && rebindDisabled()) $dnserr = true;
-}
-if ($isRegistered) {
-  // if signed in, send data needed to maintain My Servers Dashboard
-  $post['internalhostname'] = $internalhostname;
-  $post['internalport'] = $internalport;
-  $post['internalprotocol'] = $internalprotocol;
-  $post['remoteaccess'] = $remoteaccess;
-  $post['servercomment'] = _var($var,'COMMENT');
-  $post['servername'] = _var($var,'NAME');
-  if ($isWildcardCert) {
-    // keyserver needs the internalip to generate the local access url
-    $post['internalip'] = $internalip;
-  }
-  if ($remoteaccess == 'yes') {
-    // include wanip in the cache file so we can track if it changes
-    $post['_wanip'] = trim(@file_get_contents("https://wanip4.unraid.net/"));
-    $post['externalhostname'] = $externalhostname;
-    $post['externalport'] = $externalport;
-    $post['externalprotocol'] = $externalprotocol;
-    // if wanip.hash.myunraid.net or www.hash.unraid.net does not resolve to the wanip, disable caching
-    if (host_lookup_ip(generate_external_host($post['externalhostname'], $post['_wanip'])) != $post['_wanip']) $dnserr = true;
-  }
-}
-
-// if remoteaccess is enabled in 6.10.0-rc3+ and WANIP has changed since nginx started, reload nginx
-if (_var($post,'_wanip') != _var($nginx,'NGINX_WANIP') && version_compare(_var($var,'version'),"6.10.0-rc2",">")) $reloadNginx = true;
-// if remoteaccess is currently disabled (perhaps because a wanip was not available when nginx was started)
-//    BUT the system is configured to have it enabled AND a wanip is now available
-//    then reload nginx
-if ($remoteaccess == 'no' && _var($nginx,'NGINX_WANACCESS') == 'yes' && !empty(trim(@file_get_contents("https://wanip4.unraid.net/")))) $reloadNginx = true;
-if ($reloadNginx) {
-  exec("/etc/rc.d/rc.nginx reload &>/dev/null");
-}
-
-// maxage is 36 hours
-$maxage = 36*60*60;
-if ($dnserr || $verbose) $maxage = 0;
-$datafile = "/tmp/UpdateDNS.txt";
-$datafiletmp = "/tmp/UpdateDNS.txt.new";
-$dataprev = @file_get_contents($datafile) ?: '';
-$datanew = implode("\n",$post)."\n";
-if ($datanew == $dataprev && (time()-filemtime($datafile) < $maxage)) {
-  response_complete(204, null, _('No change to report'));
-}
-file_put_contents($datafiletmp,$datanew);
-rename($datafiletmp, $datafile);
-
-// do not submit the wanip, it will be captured from the submission if needed for remote access
-unset($post['_wanip']);
-
-// report necessary server details to limetech for DNS updates
-$ch = curl_init('https://keys.lime-technology.com/account/server/register');
-curl_setopt($ch, CURLOPT_POST, 1);
-curl_setopt($ch, CURLOPT_POSTFIELDS, $post);
-curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
-$result = curl_exec($ch);
-$httpcode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
-$error = curl_error($ch);
-curl_close($ch);
-
-if ( ($result === false) || ($httpcode != "200") ) {
-  // delete cache file to retry submission on next run
-  @unlink($datafile);
-  response_complete($httpcode ?? "500", ['error' => $error]);
-}
-
-response_complete($httpcode, $result, _('success'));
+header('Content-Type: application/json');
+http_response_code(204);
+exit(0);
 ?>
--- a/etc/rc.d/rc.nginx
+++ b/etc/rc.d/rc.nginx
@@ -686,8 +686,6 @@ nginx_reload(){
    if nginx_check; then
      log "Reloading $DAEMON configuration..."
      kill -HUP $(cat $PID)
-      # update DNS
-      php -f /usr/local/emhttp/webGui/include/UpdateDNS.php
      sleep 3
    else
      log "Invalid configuration, $DAEMON not reloaded"
@@ -705,8 +703,6 @@ nginx_renew(){
  build_ssl
  # start unconditionally
  $NGINX -c $CONF 2>/dev/null
-  # update DNS
-  php -f /usr/local/emhttp/webGui/include/UpdateDNS.php
 }

 nginx_update(){