General

New csf v5.40

Changes:

  • Added new feature – csf UI Reseller functions for cPanel. See /etc/csf/csf.resellers and WHM UI
  • Improvements to cse Integrated UI
  • Modified redundant cPanel function calls in UI
  • Removed ModSecurity functionality in UI
  • Modified WHM UI “Remove Deny” to be “Quick Unblock” that now removes a specified IP address entries from csf.deny and/or temporary blocks

New cxs v2.34

Changes:

  • Modifications to the UI
  • Updates to the failure detection of the quarantine procedure
  • New option –force. If –force is not used then cxs will refuse to scan within restricted directories: /usr /var /bin /lib /lib64 /boot
  • Modified daily update check to only restart cxs Watch if updates are actually new
  • Modified cxs Watch to no longer require a /scripts/postwwwacct entry (which is now ignored) as it now monitors /var/cpanel/users/ for new users on cPanel servers
  • Exploit fingerprint definitions database additions

New cxs v2.33

Changes:

  • Redesigned cxs UI, included functions for controlling cxs Watch
  • Added TERM logging to the cxs Watch daemon to signify termination

New cxs v2.32

Changes:

  • Added init script for cxswatch daemon on cPanel servers. This is instead of using /etc/rc.local to start the daemon and can also be used to stop/start/restart/status the daemon. See the cxs documentation for more information
  • Added entry to chkserv.d on cPanel servers so that cPanel will monitor the cxswatch daemon using tailwatchd. See the cxs documentation for more information

New cxs v2.31

Changes:

  • Fixed issue with tarball and zip file contents checking
  • Further improvements to the Fingerprint matching system
  • Exploit fingerprint definitions database additions

New cxs v2.30

Changes:

  • Significant speedups for pattern matching
  • Improvements to the Fingerprint matching system which includes speedups and additional identification methods
  • Fixed error message for scanning an non-existent file
  • Exploit regex definitions database additions
  • Exploit fingerprint definitions database additions

New csf v5.39

v5.39 Changes:

  • Fixed detection of the nat tables on some Virtuozzo VPS servers

v5.38 Changes:

  • Modification to the Integrated UI to allow access to cxs if it is installed via UI_CXS
  • Include an updated cse with csf for use with the Integrated UI via UI_CSE
  • Added option UI_CIPHER to allow the SSL cipher suite to be set manually for the Integrated UI
  • Added HTTP request internal memory limits to the Integrated UI

New csf v5.38

Changes:

  • Modification to the Integrated UI to allow access to cxs if it is installed via UI_CXS
  • Include an updated cse with csf for use with the Integrated UI via UI_CSE
  • Added option UI_CIPHER to allow the SSL cipher suite to be set manually for the Integrated UI
  • Added HTTP request internal memory limits to the Integrated UI

New cxs v2.29

Changes:

  • Fixed problem with quarantine file naming convention causing duplicate file names under certain circumstances and failing to quarantine the second instance
  • Fixed spurious Cpanel::Version::gettree() warning in cPanel error log
  • Exploit regex definitions database additions

New csf v5.37

Changes:

  • Added new BETA feature – User Interface. This feature provides a HTML UI to csf and lfd, without requiring a control panel or web server. The UI runs as a sub process to the lfd daemon. See csf.conf and readme.txt for information and requirements
  • Fixed issue with RT_* regex routine ignoring 127.0.0.1
  • Fixed detection of DNSONLY cPanel installs
  • Added Security Check on cPanel server checks for disabled “Proxy subdomains” and “Proxy subdomain creation”
  • Added new option LF_CPANEL_ALERT_ACTION. If a LF_CPANEL_ALERT event is triggered, then if LF_CPANEL_ALERT_ACTION contains the path to a script, it will run the script and passed the ip and username and the DNS IP lookup result as 3 arguments