General

New cxs v5.29

Changes:

  • Modified documentation to address changes in ModSecurity v2.9 that requires the following is set as part of the ModSecurity config: 
    SecUploadKeepFiles RelevantOnly
  • Exploit fingerprint definitions database additions

PayPal Donations

Our recent decision to no longer accept PayPal Donation payments is two-fold:

1. We were starting to get a large number of “fake” donations, presumably from compromised PayPal accounts which were subsequently contested (No, we don’t get it either!). This cost us not only in time, but also in money for each payment refunded.

2. We have been aware of a change in PayPal’s policy on using the “Donate” button and accepting donations. This change means that accumulated donations over $10,000 requires that an accepting account is a verifiable non-profit organisation:

https://www.paypal.com/webapps/mpp/get-started/donate-button

While we’re not near that figure yet, we have been in business for a long time so we have had to make the disappointing decision to stop accepting donations for our free products.

We do know that many people want to keep supporting us in our development of our products, so we will look into alternatives. For now we have cancelled all subscription payments and will no longer accept future PayPal donations.

We do sincerely appreciate everyone who has donated to us in the past to help continued development in our free products.

New csf v7.70

Changes:

  • Removed PayPal Donation buttons due to recent abuse

New cxs v5.28

Changes:

  • Added new option –[no]ssl. When enabled (the default) all cxs URL functions, such as updating, bayes corpus retrieval and license checking will be done over an SSL connection to ConfigServer servers
  • Added /var/run/clamd.scan/clamd.sock as another default clamd socket location for –clamdsock [socket]
  • Added unsupported option –YSKIPCGI. See POD for more information
  • Exploit regex definitions database additions
  • Exploit fingerprint definitions database additions

Server Move – Completed

We have finished moving to our new server.

If you have odd blocking in your firewall and any of our licensed products installed, you should ensure that you update access to license.configserver.com so that it uses the new IP address:

host license.configserver.com

Server Move

We will be moving some our sites to a new server tomorrow 30th May 2015. This might cause some issues connecting to some of our sites during the move and while DNS propagation takes place. This will affect:

  • Email sent to us @waytotheweb.com
  • Our HelpDesk
  • The main configserver.com site
  • The main waytotheweb.com site
  • The product licensing site (should not prevent products functioning – cxs/MSFE)

It will not affect download.configserver.com, the store, the forums or this blog.

New cxs v5.27

Changes:

  • Fixed call for the now removed cxswatch.pm from –Wstop

New cxs v5.26

Changes:

  • Added /scripts/postftpup to restart pure-uploadscript after an ftp server upgrade

cPanel v11.50 cxs and pure-ftp startup/login problems

If you are running cPanel CURRENT and have just upgraded to v11.50 and have cxs installed with ftp upload scanning and pure-ftpd is not restarting correctly, you may need to run the following to ensure pure-ftpd starts correctly:

service pure-uploadscript restart

or

/etc/init.d/pure-uploadscript restart

New csf v7.69

Changes:

  • Modified LF_CSF on cPanel servers to detect a change in the cPanel version and then trigger a restart of ConfigServer scripts (added cxs pure-uploadscript restart)