v1.24.3 — HTTP/1.1 origin hardening + port-collision & multi-PHP fixes

iNetPanel v1.24.3

Bug-fix release hardening multi-tenant isolation and fixing per-domain PHP switching.

Fixed

• Cross-vhost content contamination. The Cloudflare→Apache origin hop is now pinned to HTTP/1.1 via a managed conf-available/inetpanel-origin.conf (Protocols http/1.1), applied idempotently on update (configtest + safe reload, auto-revert on failure) and by the installer for new installs. This prevents HTTP/2 connection coalescing from ever serving one domain's content (e.g. sitemap.xml) under another. Visitors keep HTTP/2/3 from Cloudflare's edge — only the origin hop changes.
• Port-collision isolation. add_domain now allocates each vhost port atomically (flock) and scans real usage (ports file + live vhosts), refusing to co-locate two domains on one port. Backup restore re-derives unique, free ports server-side instead of trusting client-submitted values.
• Per-domain PHP version switch. Switching a domain's PHP version now runs through a root multiphp_manage --action set_domain action using the correct {user}_{domain} pool naming, and validates the domain first.

Upgrade

• Existing installs apply the hardening and fixes automatically on update; new installs include them in the installer.

Full changelog: v1.24.2...v1.24.3