cPanel

New cxs v6.01

Changes:

  • Added unsupported option –YSKIPUNCLAM. See POD for more information
  • Exploit fingerprint definitions database additions

New csf v8.08

Changes:

  • Fixed csf.sips modification via UI on Redhat/CentOS v7.1
  • Raised csf.blocklist names from 9 to 25 characters long. This cannot be greater due to limits on ipset names on some OS’s and the use of prepended names for new ipset list swapping
  • Added output from netstat for PT_LOAD to loadalert.txt for new installs. For existing installs, latest file copied to /usr/local/csf/tpl/loadalert.txt.new

New cxs v6.00

Changes:

  • Added new major feature for cxs Watch: –Wmonitor [file] This option allows you to monitor and report on changes to a list of resources in [file]. See cxs POD for more information
  • Added option –Wmonignore [file] to use instead of –ignore [file] for use with –Wmonitor [file]
  • Added IO::Select as a required perl module (a core perl module so should always be present)
  • Improvements to php file detection
  • Improvements to deobfuscation routines
  • Fixed bug in display of atime for some quarantined files
  • Fix BCC header replacement field in email reports
  • Exploit fingerprint definitions database additions

New csf v8.07

Changes:

  • Ensure spaces are stripped from values in /etc/cpanel/ea4/paths.conf on cPanel servers
  • Fixed issue with csf –add [ip] not always removing [ip] if present from csf.deny
  • Modified the LF_QOS regex to cater for additional log formats

New cxs v5.33

Changes:

  • POD corrections and additions
  • Exploit fingerprint definitions database additions

New cxs v5.32

Changes:

  • Force email Date: field incase the MTA fails to add one
  • Modified all report timestamps to use the same format
  • Exploit fingerprint definitions database additions

New cmc v2.00

Changes:

  • Added Easyapache v4 support
  • Removed references to modsecparse.pl as it is no longer used by cPanel
  • Fixed modify file list to only list actual files

New csf v8.06

Changes:

  • Added port 24441 to UDP_OUT and UDP6_OUT for new installs on cPanel servers for Pyzor that was added by cPanel in v11.52
  • Support added for EasyApache4 log locations in cPanel from /etc/cpanel/ea4/paths.conf
  • Added more executable files to csf.pignore on cPanel servers for cPanel EasyApache4
  • Modify Server Check to support cPanel EasyApache4
  • Added regex to support cPanel/WHM login failures with the new log format in v11.52+
  • If mod_ruid2 is enabled do not check for mod_userdir in Server Check
  • Always ensure binary exists and is executable before performing processing during Server Check
  • Modified ProFTPD regex to support more formats
  • vsftpd inbuilt log file format regex added
  • Modified cPanel antirelayd Server Check to also support popbeforesmtp added in v11.52
  • Added dbus and time systemd regexes to csf.logignore for new installs

New csf v8.05

Changes:

  • Added alarms to HOST binary calls
  • Added new csf CLI option: –rbl [email]. This generates the report checking IP addresses against a set of RBLs. Optional configuration is available through /etc/csf/csf.rblconf
  • Added UI to utilise the new –rbl [email] option
  • Added systemd status output after lfd restart via the csf CLI
  • Modified Server Check to only report bind if a named configuration file exists
  • Require cPanel resellers to enter a Comment when allowing or denying an IP
  • Added new option UI_IP to allow binding to a specific IP address for the integrated UI