Server Software and Configuration Services
New csf v11.07
Changes:
- Added missing WAITLOCK to iptables when processing advanced port filters in csf and lfd and checking csf status in UI
- Added WAITLOCK, if enabled, to iptables-restore commands during FASTSTART
- Server Check Report – removed ini_set check as so many scripts use ini_set nowadays. Updated text on various checks
- Updated the postfix SMTP AUTH regex
- Added new SSHD “maximum authentication attempts exceeded” regex
- Set basic PATH before running csfpre.sh/csfpost.sh to avoid binary location issues
- csf now runs csfpre.sh/csfpost.sh directly without forcing it through /bin/sh. If present, csf chmods the script 0700 and checks for a shebang. If the shebang is missing #!/bin/bash is added to the top. The script is then run
- Added seventh parameter to regex.custom.pm to allow Cloudflare blocking if a CUSTOM regex is triggered (see latest regex.custom.pm in distro)
- Rearranged UI tabs and shortened tab names. Moved quick actions to the top of the “csf” tab pane
- Added “AUTH command used when not advertised” to the LF_EXIMSYNTAX regex check
- Added new csf CLI cluster option: -ci, –cignore ip [comment] This will add the IP to each remote /etc/csf/csf.ignore member and then restart lfd. This has also been added to the UI
- Fixed cluster grep output in UI
- Modified MESSENGERV2 to support combined certificates+keys in cPanel v68+
- Added triggered setting and, if applicable, temporary TTL to the “Blocked:” status in block alert emails
- Added “wildcard” option to “Search System Logs” UI to use ZGREP to search the specified log with a wildcard suffix
- ZGREP option added to csf.conf which must point to the zgrep binary
- Added git binaries to csf.pignore on cPanel servers for upcoming v72/74 features