New cxs v5.07

Changes:

  • Modified new installs to better initially update to the latest fingerprints
  • Ignore and Xtra files can now use an Include statement to include additional files. If cxswatch is running then it will also watch the included files for changes and reload if necessary
  • Added new quarantine option –qignore [method] which used when restoring a file using –qrestore [file] will create an entry in –ignore [file] before restoring the file. See POD for more info
  • Optimised fingerprint database to remove duplicates and old entries of no value reducing the size without reducing effectiveness
  • Exploit fingerprint definitions database additions

New csf v7.56

Changes:

  • Fixed issue with Restricted UI item sanity checks failing
  • Modified LF_CSF on cPanel servers to detect a change in the cPanel version and then trigger a restart of ConfigServer scripts (lfd, MailScanner cxs Watch). Restart triggers are limited to every 12 hours and will only trigger if upcp is not running

cPanel v11.46 and csf/lfd

With the release of cPanel v11.46, changes in the cPanel provided Perl environment may cause errors in lfd with URL retrieval. To resolve the problem all that should be required is a restart of lfd. This can be done either from within the WHM csf UI or from the root shell with:

/etc/init.d/lfd restart

Check /var/log/lfd.log afterwards. This should only occur on time after the initial upgrade into cPanel v11.46.

To pre-empt the issue, you could add the above command to /scripts/postupcp

cPanel v11.46 and MailScanner

With the release of cPanel v11.46, changes in the cPanel provided Perl environment may cause problems with email delivery immediately following the upgrade. To resolve the problem all that should be required is a restart of MailScanner. This can be done either from within the WHM MailScanner UI or from the root shell with:

/etc/init.d/MailScanner restart

Check /var/log/maillog to ensure emails are processing afterwards. This should only occur on time after the initial upgrade into cPanel v11.46.

To pre-empt the issue, you could add the above command to /scripts/postupcp

New csf v7.55

Changes:

  • If LF_SELECT is enabled the port(s) listed in PORTS_* can now be specifed as port;protocol,port;protocol, e.g. “53;udp,53;tcp” to allow for protocol specific port blocks. This port format can also now be used in regex.custom.pm  and csf –td/–ta to allow udp port blocks
  • PORTS_bind now defaults to “53;udp,53;tcp” on new installations
  • PORTS_directadmin added for DA installs to allow for per port blocks if LF_SELECT is enabled
  • Ports 993 and 995 now added to TCP_OUT and TCP6_OUT on new installs
  • LF_IPSET taken out of BETA as it is proving stable
  • Modified Server Check to skip checking xinetd on Plesk servers
  • Modified UI_SSL_VERSION for new installations to use the new IO::Socket::SSL default SSL_version setting of SSLv23:!SSLv3:!SSLv2 so that SSLv3 is disabled
  • If systemd is running the installer disables firewalld using systemctl