New csf v2.13

Some additions:

  • Added cPanel version check to Security Check
  • Added suspicious symlink checking to LF_DIRWATCH
  • Added a Display All Comments to Security Check
  • Added hyperlinks to WHM URLs in Security Check comments
  • Fixed the Apache Limits comments of the Security Check
  • Added shell limit checks to Security Check
  • Added Background Process Killer to Security Check

New MailScanner Script v2.42


  • New version of MailScanner v4.55.10
  • Set “Find Phishing Fraud = no” on new installations – the feature can add excessive load to a server

If you want to disable this for existing installations, the quickest way would be to:

replace “Find Phishing Fraud = yes” “Find Phishing Fraud = no” — /usr/mailscanner/etc/MailScanner.confservice MailScanner reload

New csf v2.02

Some bugfixes and changes to LF_DIRWATCH:

  • In LF_DIRWATCH, allow wildcard matching at the end of a file name in csf.fignore, such that /tmp/clamav* will ignore any files starting with /tmp/clamav, e.g. /tmp/clamav-1234
  • Added a throttle to LF_DIRWATCH – if more than 10 emails are being emailed in one pass, LF_DIRWATCH will create the file /etc/csf/csf.dwdisable and then disable itself. To get it watching again, either restart lfd or delete that file
  • Fixed a bug where LF_DIRWATCH always reported the same file when different files had been detected in a pass

New csf v2.00

Brand new feature:

  • New feature: Directory Watching. LF_DIRWATCH enables lfd to check /tmp and /dev/shm and other pertinent directories for suspicious files, i.e. script exploits. These can optionally be moved into a tarball
  • Directory Watching false-positives can be listed in csf.fignore which is accessible from the WHM UI

New csf v1.98

New version with a nice new feature for those with multiple NICs:

  • Modified code to allow for multiple ethernet NICs so that all rules are applied to all NICs, for example, if you have IP’s spread over eth0 and eth1. To do this you have to set ETH_DEVICE = “eth+”