General

New csf v5.36

Changes:

  • Fix for the lfd child lock mechanism effectiveness

New csf v5.35

Changes:

  • Added new BETA feature – Port/IP address Redirection. This feature uses the file /etc/csf/csf.redirect to redirect connections from/to IP/port combinations to alternative IP/ports. See readme.txt for more information
  • Updated syslog daemon checking in Server Report
  • Set PT_DELETED to 0 by default on new installations
  • Improvements to csf startup locking within lfd
  • Improvements to error trapping between csf and lfd
  • Check minimum values for interval settings and set to recommended values if too low during lfd startup to improve stability
  • Added lfd child locks to improve stability due too server or network resource issues or too low an interval setting
  • Updated Sanity Checks for settings
  • lfd will now not start if TESTING is enabled
  • Do not require write permissions to /etc/crontab when no changes required for TESTING mode enable/disable
  • Prevent parricide by lfd children unless required
  • Added nat table check in csf
  • Fixed bug in csf –grep not matching the nat table

New cxs v2.23

Changes:

  • Improved cxs Watch daemon scanning to include moved files to detect files uploaded by the cPanel File Manager
  • Fixed bug where –cleanlog [file] was not logging the filename for cxsftp.sh scanning
  • Exploit regex definitions database additions
  • Exploit fingerprint definitions database additions

New cxs v2.22

Changes:

  • Exploit regex definitions database correction

New cxs v2.21

Changes:

  • Speedups to –decode ([D]) option
  • Improvements to decode regex
  • Exploit regex definitions database additions
  • Exploit fingerprint definitions database additions

New csf v5.34

Changes:

  • Improvement to dovecot account name sanitisation checks in lfd
  • Modified cronjobs for new installs to be compatible with anacron
  • Added new option CLUSTER_BLOCK which is enabled by default. This allows you to disable automatic sharing of lfd blocks around a csf cluster, e.g. if you only wish to use the CLUSTER option to share settings and manual blocks and allows
  • Added new option RT_ACTION. If an RT_* event is triggered, then if RT_ACTION contains the path to a script, it will be run in a child process and be passed a list of items (see csf.conf – for cPanel and DA only)
  • Fix to DYNDNS Advanced Allow/Deny Filters using pipe separator
  • Set permissions to 700 on *.sh, *.pl and *.php in /etc/csf/ instead of a blanket 600 of non-csf scripts

New cxs v2.20

Changes:

  • Fixed issue with MD5 setting via UI when saving to defaults
  • Improvements to regex validation to any specified –ignore or –xtra files
  • Improvements to decode regex
  • Improvements to –decode ([D]) option
  • Exploit regex definitions database additions
  • Exploit fingerprint definitions database additions

New csf v5.33

Changes:

  • Add link to the Changelog when csf is upgraded
  • Extended urlget timeout to 300 seconds to help cope with the large MaxMind City Database download where enabled
  • Include cpdavd login failures for LF_CPANEL. Added port 2077 and 2078 to the cPanel block ports when LF_SELECT enabled
  • Disable ftp Server Check reports if ftp server disabled in cPanel
  • Added regex validation to any specified csf.pignore or csf.figonre entries to lfd
  • Updated cPanel tier checks to cope with old STABLE and DNSONLY releases and newer v11.30+
  • Improvement to account name sanitisation checks in lfd

New cxs v2.19

Changes:

  • Added regex validation to any specified –ignore or –xtra files
  • Added quarantine failure reason to messages
  • Improvements to –decode ([D]) option to no longer use temporary files
  • If [Fingerprint Match] found also perform a Virus Scan
  • Automatically ignore –quarantine [dir] during scans
  • Improvements to fingerprint matching
  • Added new option –MD5 to display a matched file md5sum. See docs for more information
  • Added new option md5sum: to –ignore [file]. See docs for more information
  • Added new option md5sum: to –xtra [file]. See docs for more information
  • Added new option “Ignore MD5” to cxs Quarantine UI for ftp, web and scan entries
  • Exploit regex definitions database additions
  • Exploit fingerprint definitions database additions