Changed –options [s] to be –[no]sversionscan (Script Version Scanning) to make it independent of –[no]exploitscan, allowing a fast scan for old script installs. This option is enabled by default. Use –nosversionscan to disable
Added the following to Script Version Scanning (see cxs POD):
Typo3, Invision Power Board, WebCalendar, MyBB, Dolphin, SMF, OpenX Source, SugarCRM Community Edition, Contao CMS, PrestaShop, PHP-Fusion, phpPgAdmin, SquirrelMail, Roundcube, Kayako, osTicket
Added new –soptions [a] for –[no]sversionscan to report all versions of found scripts, not just old versions
Added new –soptions [d] for –[no]sversionscan to report the directory containing the script, not the trigger file
Load DYNDNS and GLOBAL_DYNDNS from last known values when restarting csf instead of waiting for lfd to load the initial rules
Improved performance of file slurping
Cluster documentation correction in readme.txt
UI button style modifications
Added specific check for Spamhaus drop lists so that retrieval is never attempted beofer 2 hours elapses between attempts whether those retrieval attempts are successful or not
Improvements to SSHD regexes
Modified mod_security logging to include the last triggered rule id if present
Added to RECOMMENDATIONS to still run a regular scan without –ctime [hours] to ensure new scan techniques and exploit signatures are used to check all existing files
Fixed directory creation on installation for unofficial DA plugin
Improved performance of file slurping and therefore scanning
Added new –options [s] that will search for a few common web script installations and report if older than the latest version on record. See documentation for more information
