Server Software and Configuration Services
We are in the process of adding IPv6 connectivity to all of our domains. This has been enabled on www.waytotheweb.com and www.configserver.com so far. Due to the way implementation of IPv6 often works over protocols and applications, connections and requests…
Changes: Fix for temporary denies allowing duplicate IP/Port blocks/allows Speedup csf –grep [ip] when searching IPSET sets. Note: This does mean that partial IP queries will no longer match IPSET entries Added new options LF_IPSET_HASHSIZE and LF_IPSET_MAXELEM to allow for…
Changes: Upgraded MailWatch to v1.2.0
Changes: Added new option PT_SSHDHUNG. Terminate hung SSHD sessions. When under an SSHD login attack, SSHD processes are often left hung after their connecting IP addresses have been blocked. This option will terminate such processes. See csf.conf for more info…
Changes: Modify cPanel install.txt to add the ConfigServer ModSecurity Vendor option Added new advanced PHP decoders Exploit fingerprint definitions database additions
Changes: Added warning on cPanel servers for GreyListing Fixed issue with RedHat/CentOS/CloudLinux v7 where local IPs were not being successfully detected from IFCONFIG
We have created a ModSecurity Vendor that you can now use to import the cxs ModSecurity rules. To use this new feature you need to: 1. Remove the cxs ModSecurity rule block from 2. Use the inbuilt cPanel ModSecurity…
If you are using ModSecurity v2.9 with Apache you will need to add an extra ModSecurity directive to the cxs upload scanning rule for it to function as ModSecurity have changed the way that the @inspectFile function works: SecUploadKeepFiles RelevantOnly…
Changes: Modified documentation to address changes in ModSecurity v2.9 that requires the following is set as part of the ModSecurity config: SecUploadKeepFiles RelevantOnly Exploit fingerprint definitions database additions
Changes: Added options to bulk show/enable/disable GreyListing, if WHM option enabled Added options to show/enable/disable GreyListing per domain, if WHM option enabled