cPanel

New cxs v2.37

Changes:

  • cxs Watch – report error if unable to increase /proc/sys/fs/inotify/max_user_watches
  • Further improvements to –timemax [secs] reports
  • Further improvements to error reporting during scans
  • Exploit fingerprint definitions database additions

New cxs v2.36

Changes:

  • cxs Watch will now restart if a change to a specific –xtra [file] is made. This triggers a full restart of cxs Watch
  • Improvements to –timemax [secs]
  • Improvements to error reporting during scans
  • Added more advanced PHP decoders to –decode ([D])
  • Exploit regex definitions database additions
  • Exploit fingerprint definitions database additions

New cxs v2.35

Changes:

  • Added new option –timemax [secs]. Scan timeout per file in seconds to prevent looping. Default is 30 seconds
  • Additional logging on cxs watch startup to show the progress of user account inotify setup
  • Exploit regex definitions database additions
  • Exploit fingerprint definitions database additions

New csf v5.41

Changes:

  • Added text description of allow/deny made by cPanel Resellers via UI in csf.allow and csf.deny
  • If cPanel UI Resellers email alerts are enabled, a csf grep will be performed before an IP adress is unblocked and the output included in the alert email, together with the results of the UNBLOCK
  • If cPanel UI Resellers email alerts are enabled, the results of an ALLOW or DENY will be included in the alert email
  • Added logging of cPanel UI Reseller actions ALLOW/DENY/UNBLOCK to /var/log/lfd.log
  • Update to urlget to not fail on empty file if successfully retrieved
  • Take Integrated UI out of BETA as no reported issues
  • Take csf.redirect out of BETA as no reported issues

New csf v5.40

Changes:

  • Added new feature – csf UI Reseller functions for cPanel. See /etc/csf/csf.resellers and WHM UI
  • Improvements to cse Integrated UI
  • Modified redundant cPanel function calls in UI
  • Removed ModSecurity functionality in UI
  • Modified WHM UI “Remove Deny” to be “Quick Unblock” that now removes a specified IP address entries from csf.deny and/or temporary blocks

New cxs v2.34

Changes:

  • Modifications to the UI
  • Updates to the failure detection of the quarantine procedure
  • New option –force. If –force is not used then cxs will refuse to scan within restricted directories: /usr /var /bin /lib /lib64 /boot
  • Modified daily update check to only restart cxs Watch if updates are actually new
  • Modified cxs Watch to no longer require a /scripts/postwwwacct entry (which is now ignored) as it now monitors /var/cpanel/users/ for new users on cPanel servers
  • Exploit fingerprint definitions database additions

New cxs v2.33

Changes:

  • Redesigned cxs UI, included functions for controlling cxs Watch
  • Added TERM logging to the cxs Watch daemon to signify termination

New cxs v2.32

Changes:

  • Added init script for cxswatch daemon on cPanel servers. This is instead of using /etc/rc.local to start the daemon and can also be used to stop/start/restart/status the daemon. See the cxs documentation for more information
  • Added entry to chkserv.d on cPanel servers so that cPanel will monitor the cxswatch daemon using tailwatchd. See the cxs documentation for more information

New cxs v2.31

Changes:

  • Fixed issue with tarball and zip file contents checking
  • Further improvements to the Fingerprint matching system
  • Exploit fingerprint definitions database additions