Added stats workaround for February/March calculations
Added new option CC_IGNORE – this Country Code list will prevent lfd from blocking IP address hits for the listed CC’s
Reduced CC_* memory usage when loading zones
Modified lfd logging for regex.pm and regex.custom.pm login failures to lfd.log to use the return reason from the regex match instead of a generic message. This does mean that the format for these messages has changed
DA Server Check for proftpd – check whether pureftp=1 in DA config
Replaced IP::Country and Geography::Countries with Geo::IP:: PurePerl using the MaxMind GeoLite Country database for CC_LOOKUPS
Added new option GUNZIP which is required to expand the MaxMind GeoLite Country database
Extended CC_LOOKUPS which can now be configured to report Country Code and Country and City using the MaxMind City Database. See csf.conf for more information
Added a note to the CGI alert email for ModSecurity false-positives where the request body is inspected before Apache has a chance to determine whether the called script exists (i.e. a 404)
Added new option –wttw [file] which is available for submitting text exploits (i.e. PHP, Perl, Shell) to ConfigServer if cxs fails to detect it. The file is sent as an attachment via email. Please be sure to read the documentation before using this option
If –quarantine or –delete fails (e.g. an immutable file), report failure to do so. Failure to quarantine will no longer attempt removal of the original file
Only “View” quarantine files in UI if they are text files
Fixed a problem with the use of File::Copy and the quarantine system where files that are moved across file systems do not retain the correct permissions
Display complete cxs command options at the top of reports, not just the CLI command (i.e. include defaults and cxs.default entries)
Added a “View Quarantine” button at the bottom of the “View Quarantine User” UI page to return to the quarantine view
Added default clamd rpm and apt-get socket location detection (/var/run/clamav/clamd.sock and /var/run/clamav/clamd.ctl)
DirectAdmin development work (not currently supported) (RedHat Enterprise v3+/CentOS v3+/Debian v5+)
Added code for future multiple license servers
Fixed a problem with the use of File::Copy and the quarantine system where files that are moved across file systems do not retain the correct ownership
