cPanel

New cxs v2.77

Changes:
– Ensure htaccess fingerprints only apply to .htaccess files
– On cPanel servers hide the Support icon introduced by cPanel in v11.34
– Added unsupported feature –YSKIPFPREGEX to ignore inbuilt fingerprint regular expression matching when using –options [M], –xtra [file] contents will still match
– Added scanning for jsp scripts
– Added scanning for asp and aspx scripts
– Added scanning for java scripts
– Exploit regex definitions database additions
– Exploit fingerprint definitions database additions

New cxs v2.76

Changes:
– Update to one of the main decoder regexes

New cxs v2.75

Changes:
– Added multiple new advanced PHP decoders
– Improvements to the main decoder regex
– Exploit regex definitions database additions
– Exploit fingerprint definitions database additions

New csf v5.68

Changes:
– New feature added – LF_DIST_INTERVAL. This option provides a separate timing interval for both LF_DISTFTP and LF_DISTSMTP. By default it is set to 300 seconds
– Implemented better handling of repeat blocks when an IP is already temporarily or permanenetly blocked
– Added missing inclusion of Time::HiRes in csf.pl
– Silence LF_DISTFTP and LF_DISTSMTP ignored IP logging to lfd.log unless DEBUG enabled
– Silence DYNDNS IP address updates to lfd.log unless DEBUG enabled
– RELAYHOSTS setting now defaults to “0” to improve security on cPanel servers
– Increased default value of DENY_IP_LIMIT to 200

New cxs v2.74

Changes:
– Improvements to the daily update mechanism
– Fixed a false-positive with the main .htaccess regex

New cxs v2.73

Changes:
– Fixed a problem where compressed file depth was not being reset between files causing subsequent compressed files to be skipped from scanning
– Fixed problem where multi-depth compressed files were not being identified by their original filename correctly
– Added compressed file depth to output when matches found

New cxs v2.72

Changes:
– Added PNG and JPEG filetypes for hidden script scanning
– Fixed an issue where cxs was sometimes leaving temporary files in /tmp after compressed file expansion

New cxs v2.71

Changes:
– cxs will now treat .htaccess files as script files and fingerprints have been added for common exploits
– Added more information about existing csf anf cxs integration options (i.e. UI, ModSecurity, pure-ftpd)
– Added information that restores from quarantine must be done through the UI
– Exploit fingerprint definitions database additions

New csf v5.62

Changes:
– Added ModSecurity connection dropping to the LF_MODSEC regex
– Added new option – ETH6_DEVICE. By adding a device to this option, ip6tables can be configured only on the specified device. Otherwise, ETH_DEVICE and then the default setting will be used
– Added new option – LF_SCRIPT_ACTION. On cPanel servers, this can contain the path to a script that is run whenever LF_SCRIPT_ALERT is triggered
– Fixed stats graph average calculation and display if average equals 0
– Split Slow MySQL Queries stats graphs from MySQL Queries
– Improvements to Apache CPU Usage stats graphs

New cxs v2.70

Changes:
– Improvements to cxs Watch daemon ignore/xtra and new update reloading without restart
– Switched to using Sys::Hostname in cxs Watch daemon
– Exploit regex definitions database additions
– Exploit fingerprint definitions database additions