New osm v1.22

Changes:

  • Fixed gid group lookup during cwdcheck
  • Fixed UI typo
  • Improved packet detection for outgoing connections by checking against local IP addresses only. This should improve packet inspection resource load issues on servers with high SMTP network traffic
  • Normalise IPv4 and IPv6 addresses to ensure a match in the network protocol connection lists

New cxs v11.09

Changes:

  • Added official BETA CyberPanel support. While this should now integrate and work on CyberPanel, there may be bugs which should be reported and features either missing or not working correctly. We do not offer free installation on CyberPanel until it is out of BETA (only tested on CentOS v7). Note: Support is ONLY for non-EOL RHEL/CentOS/CloudLinux and CyberPanel v1.9.1+
  • Added alternative path check for systemctl and the cron service for some Debian versions
  • Modified systemd service to cater for RHEL/CentOS v7.7 pidfile symlink check changes

New cxs v11.07

Changes:

  • On DirectAdmin, enabled UI support for OpenLiteSpeed/LiteSpeed configuration
  • Updated –test to include cxscgi configuration on non-cPanel servers
  • Modified install.txt to make it even clearer that the EPEL is needed on most systems for the required perl modules
  • Improved domain document root lookups for Plesk when using –www

New csf v13.07

Changes:

  • Added format requirements for ASN entries in CC_* settings
  • Removed SSHDSPAM exploit check as it’s no longer critically relevant
  • Modifications to support RHEL/CentOS v8
  • Modified systemd service to cater for RHEL/CentOS v7.7 pidfile symlink check changes
  • Fixes and improvements to UI Ajax code
  • Removed legacy bandmin code for cPanel servers and LF_CPANEL_BANDMIN setting
  • Modified default InterWorx csf.conf to set SMTP_ALLOWGROUP appropriately for SMTP_BLOCK

Official cxs InterWorx Support

We’re pleased to announce that our ConfigServer Exploit Scanner application is now fully supported on the InterWorx control panel. This means that installation is now included (see the cxs FAQ for conditions).

cxs exploit scanning:

  • Actively scans all modified files within user accounts using the cxs Watch daemon regardless of how they were uploaded
  • PHP upload scripts (via a ModSecurity hook)
  • Perl upload scripts (via a ModSecurity hook)
  • CGI upload scripts (via a ModSecurity hook)
  • Any other web script type that utilises the HTML form ENCTYPE multipart/form-data (via a ModSecurity hook)

The active scanning of files can help prevent exploitation of an account by malware by deleting or moving suspicious files to quarantine before they become active. It can also prevent the uploading of PHP and perl shell scripts, commonly used to launch more malicious attacks and for sending spam.

cxs also allows you to perform on-demand scanning of files, directories and user accounts for suspected exploits, viruses and suspicious resources (files, directories, symlinks, sockets). You can run scans of existing user data to see if exploits have been uploaded in the past or via methods not covered by the active scanning. It has been tuned for performance and scalability.

More information is available on the product page:

https://www.configserver.com/cp/cxs.html