Featured post

ConfigServer scripts on cPanel v11.56

cPanel are upgrading the embedded version of perl on cPanel v11.56 (v56) from perl v5.14 to v5.22, which is a good thing. However, any daemons running under the cPanel embedded version of perl must be restarted after cPanel upgrades otherwise they will start to fail with obscure messages.

To avoid this, you should ensure that any such daemon processes are restarted soon after the upgrade to cPanel v11.56. In the case of ConfigServer products, this means: lfd, cxs and MailScanner.

Fortunately, if you are running csf/lfd on your server then lfd automatically does this for you (for lfd, cxs and MailScanner) whenever upcp runs and upgrades the cPanel version, so you should not need to do anything.

However, if you do have problems or you do not run csf/lfd but do use MailScanner or cxs, then you will need to restart those services manually once your installation of cPanel upgrades to this new release.

New csf v8.22


  • Fix csf –tempdeny from allowing blocking of local IPs
  • Fix problem where LF_NETBLOCK was no longer affective after blocking a its first netblock until it timed out from csf.tempip
  • Modify UI table spacing

New cxs v6.05


  • Added version detection for Drupal v8
  • Added PureFTPd integration Enable/Disable/Restart options to cxs UI
  • Added ModSecurity integration Install/Remove options to cxs UI
  • Mute perl lc UTF-16 warnings where necessary
  • New –options [U]. This option will match PHP scripts that allow uploading files to the server via the HTTP POST method. This option requires that –options [m] is also specified
  • Added –options [U] to the Restricted Mode UI options
  • UI updates and improvements
  • Exploit fingerprint definitions database additions

New csf v8.20


  • Modify Relay Alert email to specify “localhost” rather than “Local Account” when localhost IPv6 address detected as it currently does for IPv4 localhost
  • Improvement to lfd restart routine for MailScanner and pure-ftpd when cPanel upgrades on RHEL/CentOS/CloudLinux v7+ servers

New csf v8.17


  • Fixed 12 month statistics pie chart rendering
  • Increased default value and sanity range for PT_USERMEM
  • Modified SMTP_BLOCK to use iptables multiport
  • Added new feature: SMTP_REDIRECT. This redirects non-authorised outbound SMTP connections to the local SMTP server
  • Ensure LF_PERMBLOCK IP’s are removed from csf.tempip when rotating csf.deny after reaching DENY_IP_LIMIT
  • Remove stale csf.tempip entries on lfd startup
  • Added IPv6 support to RT_LOCALHOSTRELAY tracking
  • Update binary locations for new installations on DirectAdmin Debian
  • Improved fix for detection of ip6tables nat chains
  • Added UI Firewall Configuration On/Off buttons
  • Added UI Firewall Configuration dropdowns for some value ranges
  • Updated UI restricted list
  • Updated sanity checks
  • Various UI updates and modifications
  • Added a warning when using mod_cloudflare to Server Check Report

csf no longer processing LF_SCRIPT_ALERT

Due to the changes by exim caused by CVE-2016-1531, exim no longer reports the script location that it was initiated from. This now means that LF_SCRIPT_* will no longer function.

EDIT: We have just be informed by cPanel that they have developed a workaround that will be released imminently for EXIM that should restore the functionality. Yay!