New cxs v11.04

Posted on by Chirpy

Changes:

  • Moved cxs in InterWorx to the Advanced section in Plugins UI
  • Improved system binary location checks
  • Deprecated pure-ftpd integration. The system provided for by pure-ftpd introduces excessive performance limitations and is of limited use compared to using cxs watch
  • Added cxs information option to UI for support purposes (it runs cxs –test)

New csf v13.06

Posted on by Chirpy

Changes:

  • Removed debugging code from log file globbing routine
  • Fixed reseller UI HTML text for each supported control panel
  • Replaced the need in InterWorx for a custom Firewall.php with a preAction to intercept calls instead
  • Moved csf in InterWorx to the Advanced section in Plugins UI
  • Updated the InterWorx plugin.ini information to be more descriptive

New cxs v11.03

Posted on by Chirpy

Changes:

  • Modified Plesk Onyx installation to check for supported OS and Plesk version for UI extension. If you want to disable installation of the Plesk UI extension, you can create a touch file as: /etc/cxs/cxs.disableui
  • Improvements to PHP string decoding
  • Updated control panel dependent install.txt files
  • Improvements to submitting exploits using –wttw (version check)

New csf v13.05

Posted on by Chirpy

Changes:

  • Added official CentOS Web Panel (CWP) integration and CWP panel specific configuration. See /etc/csf/readme.txt for more information (only tested on CentOS v7)
  • Added official VestaCP integration and VestaCP specific configuration (only tested on CentOS v7)
  • Additional entries to csf.pignore for new DirectAdmin installations
  • Corrected DirectAdmin UI link text
  • Fixed UI presentation HTML
  • Fixed vsftpd regex for single character date of the month
  • Modified Debian installation to detect ip(6)tables-legacy and use update-alternatives to switch to using them
  • Modified InterWorx installation to not use chattr on /etc/apf/apf stub which was preventing apf upgrading. The lfd daemon will now reapply the stub if needed
  • Modified Server Check on DA to get case-insensitive config from the binary rather than the directadmin.conf file
  • Modified csf warning text on cPanel DNSONLY servers regarding the smtpgidonlytweak to disable it from CLI as it is not currently possible from the DNSONLY WHM UI

New cxs v11.02

Posted on by Chirpy

Changes:

  • Added official BETA Plesk support. While this should now integrate and work on Plesk, there may be bugs which should be reported and features either missing or not working correctly. We do not offer free installation on Plesk until it is out of BETA (only tested on CentOS v7). Note: Support is ONLY for non-EOL RHEL/CentOS/CloudLinux and Plesk Onyx v17.8.10+
  • Added official BETA VestaCP support. While this should now integrate and work on VestaCP, there may be bugs which should be reported and features either missing or not working correctly. We do not offer free installation on VestaCP until it is out of BETA (only tested on CentOS v7). Note: Support is ONLY for non-EOL RHEL/CentOS/CloudLinux and VestaCP v0.9.8+
  • Added official BETA CentOS Web Panel (CWP) support. While this should now integrate and work on CWP, there may be bugs which should be reported and features either missing or not working correctly. We do not offer free installation on CWP until it is out of BETA (only tested on CentOS v7). Note: Support is ONLY for non-EOL RHEL/CentOS/CloudLinux and CWP v0.9.8+
  • Improvements to Universal Decoder
  • Improvements to InterWorx and DirectAdmin BETA integration

New csf v13.04

Posted on by Chirpy

Changes:

  • Fixed issue with ConfigServer::CheckIP generating incorrect IPv6 addresses during validation using Net::CIDR::Lite
  • Added UI entry for editing csf.reseller for DirectAdmin and InterWorx

IPv6 issues with exim and SMTPAUTH_RESTRICT/CC_ALLOW_SMTPAUTH [Fixed in v13.04]

Posted on by Chirpy

We have identified an issue with exim rejecting what are valid IPv6 representations in the generated /etc/exim.smtpauth file. This problem manifests with errors in /var/log/exim_paniclog (on cPanel) as:

2019-07-18 08:00:22 Internal error: invalid IPv6 address "2001:470:1f0b:a9:9dc3:6ed8:e840::/106" passed to host_aton()

This innocuous error actual causes exim to defer (error 421) all email originating from IPv6 sources. This prevents its delivery inbound.

While we look into mitigating the issue exim has with the generated IPv6 CIDRs we would suggest disabling  SMTPAUTH_RESTRICT/CC_ALLOW_SMTPAUTH and removing the exim.conf line used to refer to it (see csf docs).

This issue has now been fixed in csf v13.04.

New cxs v11.01

Posted on by Chirpy

Changes:

  • Improved UI display in DirectAdmin
  • Added alternative clamd location to UI for DirectAdmin
  • Added ModSecurity hook configuration to UI for DirectAdmin
  • Updated POD to reflect support for DirectAdmin and InterWorx
  • Created cronjob to check for new product versions for the UI (/etc/cron.daily/csget). A manual check is still available if needed. This does not affect the daily upgrade check if enabled
  • Fixed PATH issue in DirectAdmin installer when used from within the UI to upgrade