General

New csf v7.69

Changes:

  • Modified LF_CSF on cPanel servers to detect a change in the cPanel version and then trigger a restart of ConfigServer scripts (added cxs pure-uploadscript restart)

New cxs v5.25

Changes:

  • Trigger pure-uploadscript restart

New cxs v5.24

Changes:

  • Added new advanced PHP decoders
  • Exploit fingerprint definitions database additions

New cxs v5.23

Changes:

  • Added the ability to use positive –options [+][], i.e. the default list of options is used in addition to those listed when prefixed with a plus
  • Improvements to –decode ([D])
  • Added atime, ctime and mtime to newly quarantined file descriptions viewable from the UI and the CLI via –qview [file].restore4
  • Ensure /var/log/cxswatch.log ownership and permissions are set on each update in case of rotation
  • File md5sum added to cgi and ftp alert email

New csf v7.68

Changes:

  • Added Debian v8 and Ubuntu v15 support
  • HTTP::Tiny upgraded to v0.054

New csf v7.67

Changes:

  • Added a workaround for Plesk sendmail wrapper SIGCHLD problem

New csf v7.66

Changes:

  • Fixed UI status form tags
  • Added new option LF_SPI. This option configures csf iptables as a Stateful Packet Inspection (SPI) firewall – the default. If the server has a broken stateful connection tracking kernel then this setting can be set to 0 to configure csf iptables to be a Static firewall, though some funtionality and security will be inevitably lost
  • Added common systemd logs to csf.logignore for new installs
  • Modify LF_IPSET in csf to print failure messages instead of aborting on error
  • On servers using systemd if firewalld found to be active, csf and lfd will not start until is is stopped and disabled as csf cannot be used with firewalld
  • Added option SYSTEMCTL to csf.conf as the location of the systemctl binary for use with servers using systemd

New cxs v5.22

Changes:

  • Ensure timestamp and cxs command are prepended to –report [file]
  • Fix cxs Watch Timestamp in report emails
  • When using –options W ensure that resource is a directory and not a symlink or socket

New cxs v5.21

Changes:

  • Fixed issue in cxs Watch when –www is used and a new account is created through restore on cPanel servers
  • cxs Watch now tracks the parent directories for all users when –allusers is used and will add them back if they disappear and are recreated