Server Software and Configuration Services
Changes: Modified INPUT and OUTPUT chain rules to always specify the ethernet device csf now re-applies temporary IP blocks on restart Added new CLI command to add temporary IP bans. See csf -h for the new csf -td command Added…
Changes: Fixed missing copy for the portscan.txt report for generic installations Added new option PS_EMAIL_ALERT to enable/disable Port Scan Tracking email alerts Added a sample of the port blocks that trigger the Port Scan to the report. This new report…
Changes: Modified Port Scan Tracking to ignore blocked IP addresses incase DROP_IP_LOGGING is enabled
Changes: Added Apache Server Status report to PT_LOAD for load average report monitoring. To benefit from this feature you will need to rename the new report file to loadalert.txt. The reports (ps, vmstat and apache) are now included as…
Changes: Added System Exploit Checking. This enables lfd to check for the Random JS Toolkit and may check for others in the future: compares md5sums of the binaries listed in the exploit above for changes and also attempts to create…
Changes: Added perl regex checking to csf.pignore with the new options puser, pexe and pcmd. Text added to csf.pignore for new installations: # Or, perl regular expression matching (regex):## pexe:/full/path/to/file as a perl regex[*]# puser:username as a perl regex[*]# pcmd:command…
Changes: Added two new options ICMP_IN_RATE and ICMP_OUT_RATE which allow you to set the incoming and outgoing ICMP rate limits independently, or to disable rate limiting in either direction completely for ICMP packets
Changes: Modified LF_DIRWATCH_FILE to use the output from “ls -lAR” instead of
If you’re still using our old exim_deny dictionary attack solution in cPanel you should stop doing so and exclusively use the one provided by cPanel in cPanel v11. An exploit vector has been found and published for our old method:,…
On servers that are running the perl modules that are a part of PathTools, MailScanner breaks with the recently released v3.26. If you’re suffering from this issue you’ll see MailScanner continually restarting. If you run MailScanner in –debug you’ll see…