General

New csf v2.79

Changes:

  • Bug fixes
  • Added ACCEPT rule to 127.0.0.1:25 for the “cpanel” user if SMTP_BLOCK is enabled for the new cPanel Webmail configuration in v11
  • Added new configuration option DROP that allows you to choose the drop target for rejected packets (see csf.conf for more information)
  • Remove /etc/cron.d/csf_update on uninstall

New csf v2.77

Changes:

  • Closed vulnerability with temporary file checking
  • Tightened log file regex’s to prevent spoofed remote IP block attacks

Inept PHP developers strike again

Why on earth are the developers of PHP incapable of making their scripting language backwards compatible? It really, seriously, beggars belief. I’ll be sure to stick to perl scripts in the future as I’m sick and tired of their lack of professionalism when it comes to language development.BTW, a php upgrade today broke a couple of our website applications again, including the blog and forum, which seems to be an all too common occurrence.Inept idiots.IMHO 😉

New csf v2.76

Changes:

  • Improved file checking in Server Check script to prevent WHM failures

New csf v2.75

Changes:

  • Modified Server Check to only look at pure-ftpd settings if installed
  • Simplified throttling mechanism

New csf v2.74

Changes:

  • Modified PHP Server Checks to use the php binary output instead of trying to find the active php.ini file
  • Added PHP Server Check for register_globals
  • Improvements to the Server Check code
  • Fixed bug in TCP port 23 check in Server Check
  • Added new option –check (-c) to check whether the installed version of csf is the latest, no update is performed
  • Added multiple csf configuration checks to the Server Check report
  • Added throttling to LF_INTEGRITY and increased the timeout proportionally

New csf v2.73

Changes:

  • Modified SMTP_BLOCK warning on VPS servers to only display if the option is enabled
  • Modifed the Server Services Check text to omit using -del with chkconfig and better explain that a process is enabled even if it is not currently running and needs to be disabled to prevent startup on boot
  • Removed reliance on wget for updates and version checks
  • Coding improvements in csf.pl and addon_csf.cgi
  • Added /var/log/lfd.log tail automatic refresh to WHM UI

New csf v2.72

Changes:

  • Fixed problem with DENY_IP_LIMIT not counting all IP entries in csf.deny correctly
  • Ignore and issue a warning if SMTP_BLOCK is enabled on a Vituozzo VPS since the Virtuozzo VPS kernel does not support ipt_owner
  • Remove Shell/Fork Bomb Protection check (if a VPS) in Server Check as the option breaks a Virtuozzo VPS if enabled
  • Added more processes to check in Server Services Check
  • Removed restriction on outbound source port rule construction

Root crontab emails not being delivered

Just experienced an issue in cPanel v11 where root crontab emails aren’t being delivered. The jobs in /etc/cron.*/ work OK, but jobs in /var/spool/cron/root are failing to send emails to the root forwarder. It’s most likely a bug in the cPanel exim routers in v11.In the meantime, if you experience this problem, you can work around it by adding:

crontab -e

Then at the top of the root crontab set MAILTO= to your email address, e.g.:

MAILTO=me@mydomain.com