General

New cxs v6.13

Changes:

  • Fixed some incorrect file locks
  • Removed Bareword file handles

New csf v9.07

Changes:

  • Fixed removal of complex allow and deny rules
  • Fixed IPv6 implementation of CC_ALLOW_PORTS_* and CC_DENY_PORTS_*
  • Fixed file upload in cse via the integrated UI
  • Fixed “csf –cfile [file]”
  • Removed setting: OLD_REAPER
  • Localised SIGNALs
  • Localised uid and gid change in MESSENGER
  • Removed Bareword file handles
  • Where ip6tables <= v1.3.5 and IPV6 is enabled, disable USE_CONNTRACK if enabled as ip6tables does not support the conntrack module in older versions. This will force the use of the state module instead

New cxs v6.11

Changes:

  • Ensure all file opens are properly flocked
  • Switch to using require instead of eval/use to load runtime modules where possible
  • Code review – started addressing perl critic suggestions in all scripts and modules
  • Fixed incorrect –summary when subdomains outside of public_html while using –www
  • Memory and CPU optimisations
  • PHP script decoding up to 15% faster
  • PHP fingerprint regex matching up to 50% faster
  • postftpup converted to a cPanel Hook
  • Exploit fingerprint definitions database additions

New csf v9.06

Changes:

  • Fixed incorrect inclusion of cPanel Free SSL service include entries on new non-cPanel installations

New csf v9.05

Changes:

  • Fixed RT_AUTHRELAY_LIMIT detection

New csf v9.04

Changes:

  • Fixed issue with custom regex rules where log hash was not being passed to regex.custom.pm
  • Fixed issue with custom regex rules where “use strict” was used incorrectly

New csf v9.03

Changes:

  • Fixed issue with LF_ALERT_TO and LF_ALERT_FROM not being used when set

New csf v9.02

Changes:

  • Fixed Reseller UI command execution

New csf v9.01

Changes:

  • Fixed graph display when using integrated UI

New csf v9.00

Changes:

  • Convert csfui.pl, csfuir.pl and cseui.pl to perl modules and modify the calling UI specific scripts
  • Updated cseUI so that is passes perl strict module checks
  • Fixed issue with deny removal of some IPv6 addresses
  • Ensure /etc/chkservd/lfd is recreated when lfd is enabled via csf -e on cPanel servers
  • Added exes to csf.pignore on existing and new cPanel server:
    /usr/libexec/dovecot/lmtp
    /usr/local/cpanel/3rdparty/php/54/bin/php-cgi
    /usr/local/cpanel/3rdparty/php/56/bin/php-cgi
    /usr/local/cpanel/3rdparty/php/56/sbin/php-fpm
  • Ensure all file opens are properly flocked
  • Switch to using require instead of eval/use to load runtime modules where possible
  • Code review – started addressing perl critic suggestions in all scripts and modules
  • Moved regex.pm to a seperate perl module
  • Moved email sending to a seperate perl module
  • Moved lfd logging to a seperate perl module
  • Add allow and ignore Include files for the cPanel Free SSL service from Comodo in cPanel v58+. These are included on new installations and added to existing files on cPanel installations
  • Fixed spurious Include error in lfd for csf.ignore