New csf v7.12

Changes:

  • Reverted PACKET_FILTER rule changes
  • OPEN added as an option to PS_PORTS so that TCP_IN and UDP_IN ports will be ignored by Port Scan Tracking by default, but can be added if desired

 

New csf v7.09

Changes:

  • Set scripts (.pl,.cgi,.php,.sh,.py) in /etc/csf/ to chmod 700
  • Simplified PACKET_FILTER rules for dropping INVALID connection tracking states. This feature now only applies a single rule for incoming INVALID packets
  • DROP_PF_LOGGING enabled by default on new installs
  • INVALID added as an option to PS_PORTS so that PACKET_FILTER logs will be ignored by Port Scan Tracking by default, but can be added if desired
  • Modified ST_ENABLE locking
  • Regex updates to cater for Plesk 12 – thanks to Marcel Evenson
  • Fixed issue with temporary allow/deny comment not being parsed correctly when port * specified

 

New cmc v1.13

Changes:

  • Added support for Concurrent logs stored in the cPanel directory:
    /usr/local/apache/logs/modsec_audit/
  • Added cmc user/domain configuration map

New csf v7.07

Changes:

  • Modified lfd to silently drop ST_ENABLE lock queue entries unless DEBUG is enabled
  • Modified ST_ENABLE logging to append to data file and only truncate when needed