Fixed UI issue with some settings sent via the Cluster Config option
Modified CONNLIMIT_LOGGING rule insertion point
Added new feature: Outgoing UDP Flood Protection. This option limits outbound UDP packet floods. These typically originate from exploit scripts uploaded through vulnerable web scripts. The feature is controlled by: UDPFLOOD, UDPFLOOD_LIMIT, UDPFLOOD_BURST, UDPFLOOD_LOGGING, UDPFLOOD_ALLOWUSER
Update the TOR URL in existing /etc/csf/csf.blocklists file if still set to the old URL
Security – added new option RESTRICT_UI. This options restricts the ability to modify settings within csf.conf from the csf UI. Should the parent control panel be compromised, these restricted options could be used to further compromise the server. This option is enabled by default on all installations
Added entries to csf.pignore on new installations on cPanel servers for Dovecot v2.2 (cPanel v11.40+)
Security – Added UI Restricted Mode which is enabled by default. This disables features in the UI that could allow abritrary commands to be run as root and system files to be overwritten. To enable unrestricted access to the UI remove /etc/cxs/cxs.restricted
Added UI option to completely disable the UI by creating the file /etc/cxs/cxs.disableui
Security Fix – Sanitised user data input to prevent running unauthorised commands via the UI. A user would require root access to exploit this, so vulnerability is probably low. Thanks to Steven at Rack911.com for reporting this issue
Added Password ENV variable check to Server Check on cPanel servers
Update cPanel ACL Driver installations to change force cache update using “touch” instead of removing the cache
Modified TOR URL in /etc/csf/csf.blocklists to use:
http://check.torproject.org/cgi-bin/TorBulkExitList.py?ip=1.1.1.1
