General

New cxs v6.10

Changes:

  • On cPanel servers, ensure all document roots are scanned when using –www not just ~/public_html/ (i.e. domains, SSL, addons, subdomains)
  • Fix pure-uploadscript init script to exit with appropriate status code
  • Exploit fingerprint definitions database additions

New csf v8.26

Changes:

  • Added more dovecot binaries to csf.pignore for new and existing cPanel servers
  • Updated lfd-cron to use the csf startup routines to restart lfd on systemd servers correctly, existing cron jobs are also modified
  • HTTP::Tiny upgraded to v0.058

New cxs v6.09

Changes:

  • Fixed quarantine store of file group ownership used for display purposes only. The problem manifests when a users uid != gid and the incorrect group is used for display purposes
  • Fixed Wmonitor display of file group ownership. The problem manifests when a the users uid != gid and the incorrect group is used for display purposes

New cxs v6.08

Changes:

  • Replace /etc/cxs/test/ files with a single non-threatening script that will test trigger cxs and can be used to check the cxs ModSecurity rule is working. See /etc/cxs/install.txt for details
  • Modified ModSecurity integration Install/Remove options in cxs UI for EA4
  • Exploit fingerprint definitions database additions

New csf v8.25

Changes:

  • Modified Config loading to check for valid ip6tables location before attempting to use it
  • Modify Server Report to support checking of cPanel MultiPHP configurations when using EasyApache v4
  • Removed PHP check for suhosin from Server Report
  • Improved cipher check for pure-ftpd in Server Report
  • Added password reset check for subaccounts in Server Report on cPanel servers
  • Added cPanelID check in Server Report on cPanel servers

New cxs v6.07

Changes:

  • Added text field in UI for PureFTPd/ModSecurity to indicate whether the options is currently enabled or disabled

New cxs v6.06

Changes:

  • Fixed crond restart in UI on RHEL/CentOS/CloudLinux v7 which left pages blank
  • Exploit fingerprint definitions database additions

New csf v8.23

Changes:

  • On cPanel servers ensure the lfd service is always correctly appended to chkservd.conf on csf installation

New csf v8.22

Changes:

  • Fix csf –tempdeny from allowing blocking of local IPs
  • Fix problem where LF_NETBLOCK was no longer affective after blocking a its first netblock until it timed out from csf.tempip
  • Modify UI table spacing

New cxs v6.05

Changes:

  • Added version detection for Drupal v8
  • Added PureFTPd integration Enable/Disable/Restart options to cxs UI
  • Added ModSecurity integration Install/Remove options to cxs UI
  • Mute perl lc UTF-16 warnings where necessary
  • New –options [U]. This option will match PHP scripts that allow uploading files to the server via the HTTP POST method. This option requires that –options [m] is also specified
  • Added –options [U] to the Restricted Mode UI options
  • UI updates and improvements
  • Exploit fingerprint definitions database additions