cPanel

New csf v8.21

Changes:

  • Modified cPanel version check to avoid restart loop if GENERIC set to 1 in csf.conf

New csf v8.20

Changes:

  • Modify Relay Alert email to specify “localhost” rather than “Local Account” when localhost IPv6 address detected as it currently does for IPv4 localhost
  • Improvement to lfd restart routine for MailScanner and pure-ftpd when cPanel upgrades on RHEL/CentOS/CloudLinux v7+ servers

New csf v8.19

Changes:

  • Move SMTP_BLOCK rules to a separate chain to avoid conflicts with other control panels deleting required rules

New csf v8.18

Changes:

  • Reversed csf.tempip changes to avoid a possible locking issue in csf.pl, lfd.pl changes retained

New csf v8.17

Changes:

  • Fixed 12 month statistics pie chart rendering
  • Increased default value and sanity range for PT_USERMEM
  • Modified SMTP_BLOCK to use iptables multiport
  • Added new feature: SMTP_REDIRECT. This redirects non-authorised outbound SMTP connections to the local SMTP server
  • Ensure LF_PERMBLOCK IP’s are removed from csf.tempip when rotating csf.deny after reaching DENY_IP_LIMIT
  • Remove stale csf.tempip entries on lfd startup
  • Added IPv6 support to RT_LOCALHOSTRELAY tracking
  • Update binary locations for new installations on DirectAdmin Debian
  • Improved fix for detection of ip6tables nat chains
  • Added UI Firewall Configuration On/Off buttons
  • Added UI Firewall Configuration dropdowns for some value ranges
  • Updated UI restricted list
  • Updated sanity checks
  • Various UI updates and modifications
  • Added a warning when using mod_cloudflare to Server Check Report

csf no longer processing LF_SCRIPT_ALERT

Due to the changes by exim caused by CVE-2016-1531, exim no longer reports the script location that it was initiated from. This now means that LF_SCRIPT_* will no longer function.

EDIT: We have just be informed by cPanel that they have developed a workaround that will be released imminently for EXIM that should restore the functionality. Yay!

New cxs v6.04

Changes:

  • Ensure CallUploadScript is disabled in /etc/pure-ftpd.conf on cPanel servers on uninstall
  • Exploit fingerprint definitions database additions

New csf v8.16

Changes:

  • Removed UI integration from CentOS Web Panel as recent permission changes break the implementation. The csf installer will restore the original functionality

Problems upgrading to csf v8.15?

If you see this error on uprading csf (if you installed v8.14 before 8.15 replaced that release):

# csf -u
Can't locate object method "ssl_opts" via package "LWP::UserAgent" at /usr/local/csf/lib/ConfigServer/URLGet.pm line 142.

You can fix the code and then upgrade using:

# sed -i "s/\$ua->ssl_opts/#\$ua->ssl_opts/" /usr/local/csf/lib/ConfigServer/URLGet.pm
# csf -u