Server Software and Configuration Services
New MailScanner Front-End (MSFE) v4.37
Changes:
– Fixed issue when disabling/enabling some of MailScanner Performance settings causing configuration errors
Changes:
– Fixed issue when disabling/enabling some of MailScanner Performance settings causing configuration errors
Changes:
– Update Fedora version check now that v17 has been released
– Added MySQL Connection and Thread statistics to ST_MYSQL/ST_SYSTEM
– Modified Server Check Report for cPanel servers see whether mod_ruid2 has been enabled making the Apache suEXEC check moot
– Improvements to the SMTP AUTH regex to cope with differing settings in exim log_selector
Changes:
– Added Email Usage to the ST_SYSTEM System Statistics feature when RT_* options are enabled
– Fixed incorrect Min/Max calculations in System Statistics
– Improvements to Disk Usage stats in System Statistics for some virtual environments
– Added CPU Temperature to the ST_SYSTEM System Statistics feature when lm-sensors/coretemp installed and enabled (highest core temp recorded)
– Added MySQL graphs to the ST_SYSTEM System Statistics feature when ST_MYSQL is installed and enabled – requires DBI and DBD::mysql perl modules. Authentication is via new ST_MYSQL* options. The option is enabled on cPanel servers by default, disabled on others
– Modified stats collection routine to append data to the stats file on each minute interval and to clean up only on lfd startup. This is to help minimise the risk of the stats file being incomplete due to process termination
– Added new options LF_DISTSMTP, LF_DISTSMTP_UNIQ and LF_DISTSMTP_PERM. This option will keep track of successful SMTP logins. If the number of successful logins to an individual account is at least LF_DISTSMTP in LF_INTERVAL from at least LF_DISTSMTP_UNIQ IP addresses, then all of the IP addresses will be blocked. This option can help mitigate the common SMTP account compromise attacks that use a distributed network of zombies to send spam (exim MTA only). Not enabled by default
– Modified Server Check Report for cPanel servers see whether mod_ruid2 has been enabled making the PHP Handler check moot
– Modified the ModSecurity regex to cater for the paid Atomic rules Apache error log non-standard format
– Modified non-cPanel new installs to disable ST_SYSTEM by default
Changes:
– For cPanel v11.32+ run /scripts/updateuserdomains instead of /scripts/update_email_limits
– Added Javascript confirmation to “Empty Directory” button
Changes:
– Improvements to hidden script file detection
– Added formatting to cgi and ftp email reports
– Added new fields to the cgi email report
– Change POD Examples section to use full command line options
– Improvements to ignoring any files based on md5sum (including those identified as exectuables, viruses, etc)
– Remove extraneous spaces from ignore and xtra md5sum entries
– Improvements to –MD5 so that all reported files displays the md5sum
– Changed the way md5sum values are displayed if –MD5 is used
– Improvements to the main decoder regex
– Exploit fingerprint definitions database additions
Changes:
– Removed check for Melange on cPanel servers from Server Check Report
– Improvements to the cPanel exim SMTP AUTH login failure regex after changes in cPanel v11.32
– Added exe:/usr/local/cpanel/3rdparty/sbin/mydns to csf.pignore for new installs on cPanel servers
– Additional cmd/pcmd suggestions added to csf.pignore for new installs on cPanel servers (not enabled)
Changes:
– Ensure that an account name is only passed to –script [script] when performing a manual scan using –user or –all
– Ignore adobe-xap-filters when detecting hidden script files
– Exploit fingerprint definitions database additions
Changes:
– Improvements to quarantine procedure
Changes:
– Fixed a problem in the UI where the selections for –options were applied from /etc/cxs/cxs.defaults, if set, rather the selections in the UI if all the standard selections were ticked
– UI improvements
– Change file name check behaviour so that it still detects with empty files
– Include all item sizes in –summary report
– Include all ignored files in –summary report
– Improvements to hidden script file detection
– Exploit fingerprint definitions database additions
Changes:
– Fixed problem with quarantine move failing – introduced in v2.56
– Implement ignores for rate limit warnings in cxs Watch daemon
– Allow a value of 0 for –filemax [num] which disables the feature
– Set –filemax [num] to 0 in cxswatch.sh for new installs