[comment]: # ({1ea3e2c5-1ea3e2c5}) # 11 What's new in Zabbix 5.0.6 [comment]: # ({/1ea3e2c5-1ea3e2c5}) [comment]: # ({e9c07864-e9c07864}) #### Disabled autocomplete attribute for sensitive fields To avoid potential exposure of data, the autocomplete attribute is now turned off for many fields containing sensitive information, such as a user's password for logging into Zabbix, pre-shared keys (PSK), usernames and passwords used for data collection by various items and hosts, SNMPv3 authentication and privacy passphrases, passwords for media types; SSL key password and HTTP proxy fields used in web scenarios and HTTP items; usernames, passwords and key passphrases in remote commands. This setting shall prevent most browsers from using autocompletion in the affected fields. [comment]: # ({/e9c07864-e9c07864}) [comment]: # ({9c2e254c-9c2e254c}) #### Systemd discovery based on unit state [Zabbix agent 2](/manual/config/items/itemtypes/zabbix_agent/zabbix_agent2) item **systemd.unit.discovery** now also returns the current enablement status of unit files under the {\#UNIT.UNITFILESTATE} [low-level discovery macro](/manual/config/macros/lld_macros). As a use case example, these data may be used in the discovery rule filter to filter out all disabled systemd units and discover only enabled ones. [comment]: # ({/9c2e254c-9c2e254c}) [comment]: # ({d57c485b-d57c485b}) #### iTop webhook integration A new integration is available allowing to use the [webhook](/manual/config/notifications/media/webhook) media type for pushing Zabbix notifications to [iTop](https://git.zabbix.com/projects/ZBX/repos/zabbix/browse/templates/media/itop). [comment]: # ({/d57c485b-d57c485b}) [comment]: # ({07188e22-07188e22}) #### New templates The following templates are now available for out-of-the-box monitoring: [comment]: # ({/07188e22-07188e22}) [comment]: # ({7cf47249-7cf47249}) ##### Apache projects - *Apache Cassandra by JMX* - see [setup instructions](/manual/config/templates_out_of_the_box/jmx) for JMX templates; - *Apache Kafka by JMX* - - see [setup instructions](/manual/config/templates_out_of_the_box/jmx) for JMX templates; - *Hadoop by HTTP* - see [setup instructions](/manual/config/templates_out_of_the_box/http) for HTTP templates; - *ZooKeeper by HTTP* - see [setup instructions](/manual/config/templates_out_of_the_box/http) for HTTP templates. [comment]: # ({/7cf47249-7cf47249}) [comment]: # ({86affff5-86affff5}) ##### Morningstar - *Morningstar ProStar MPPT SNMP* - monitoring of Prostar MPPT solar charge controller via SNMP; - *Morningstar ProStar PWM SNMP* - monitoring of ProStar pulse width modulation (PWM) solar charge controller via SNMP; - *Morningstar SunSaver MPPT SNMP* - monitoring of SunSaver MPPT solar charge controller via SNMP; - *Morningstar SureSine SNMP* - monitoring of SureSine pure sine wave inverter via SNMP; - *Morningstar TriStar MPPT 600V SNMP* - monitoring of TriStar MPPT 600V solar charge controller via SNMP; - *Morningstar TriStar MPPT SNMP* - monitoring of TriStar MPPT solar charge controller via SNMP; - *Morningstar TriStar PWM SNMP* - monitoring of TriStar PWM solar charge controller via SNMP. These templates are specifically designed for monitoring Morningstar devices; a step-by-step [User guide](https://git.zabbix.com/projects/ZBX/repos/zabbix/browse/templates/net/morningstar_snmp/README.MD) to setting up Zabbix monitoring of the Morningstar products is also available. You can get new templates: - In *Configuration* → *Templates* in new installations; - If you are upgrading from previous versions, you can download new templates from Zabbix [Git repository](https://git.zabbix.com/projects/ZBX/repos/zabbix/browse/templates) or find them in the `templates` directory of the downloaded latest Zabbix version. Then, while in *Configuration* → *Templates* you can import them manually into Zabbix. [comment]: # ({/86affff5-86affff5}) [comment]: # ({23405b93-23405b93}) #### Protection against user enumeration attacks To make sure an attacker may not guess valid user names because temporary account blocking after consecutive failed login attempts is only applied to existing user names, the account blocking is now also enforced if non-existing user names are used. To further obscure the possibility of such attacks, a unified generic message is now displayed for all problems related to incorrect login: Incorrect user name or password or account is temporarily blocked. [comment]: # ({/23405b93-23405b93})