New csf v14.17


  • Removed Security Report recommendations that do not apply to unsupported control panels
  • Updated Security Report to show PHP v7.3 is EOL
  • Confirmed support for RHEL v9

New csf v14.16


  • Removed some spurious debug code
  • Modified alert templates for:
    These have been changed to include the log line that triggered the alert to help give context to the alert and the date/time from the log to identify when the event occurred. All the relevant templates are modified to include the log line for existing and new installs
  • Implemented an addition check for webmin that we’re in the csf module before creating symlink to the UI script
  • Fixed parameter checking for some dovecot regexes
  • If DEBUG is enabled and the sendmail binary fails to send an lfd alert, the email text will now be logged to /var/log/lfd.log with an error

New csf v14.15


  • Fixed regression issue with logfile regexes
  • Implemented an improved email wrapper

New csf v14.13


  • Added inline pid match to all system regexes to cater for logging changes
  • Use Text::Wrap to ensure email line lengths are within specifications
  • Updated dovecot log regexes to support the changed format in v2.3.15+

New csf v14.12


  • Added cPanel SaaS servers to cpanel.allow
  • Added a fix for RHEL v8 processes that were reporting excessive null or whitespace characters at the end of /prod/[pid]/cmdline. This is turn meant that such processes (e.g. spamd on cPanel servers) subverted some entries in csf.pignore
  • Updated systemd entries in csf.logignore for RHEL v8+
  • Updated dovecot log regexes to support the changed format in v2.3.15+
  • Modify LookUpIP to hopefully account for data inconsistencies from Maxmind

New csf v14.11


  • Added entries in csf.pignore for new cPanel installations:
  • Updated configuration files to support cPanel on Ubuntu
  • In Server Check don’t check for Fork Bomb protection on cPanel servers running CloudLinux

New csf v14.10


  • Fixed error message regarding location/permissions to the iptables binary in correctly referencing ip6tables
  • Added PASV port range hole for VZ servers on cPanel for new installs
  • Fixed MESSENGERV3 Apache tree search where ServerRoot is not configured so that csf defaults to /etc/apache2/ so that relative Includes are still defined correctly
  • Modified LF_BIND regex to deal with new log field

New csf v14.09


  • Improvements to CC IP lookup binary search
  • Modified index.recaptcha.php and index.php to use square instead of deprecated curly brackets on array index for PHP v7.4+
  • Modified Server Check regex matching on include in dovecot config files in RHEL v8+
  • Added workaround for iOS issue with bootstrap modals
  • Added EOL messages to Server Check report
  • Modified dovecot.conf parsing on cPanel for include_try in Server Check
  • Modified Apache 404 regex to check for either “info” or “error”
  • Added two new CLI options: –temprma [ip], –temprmd [ip]. This allows distinction between allow and deny that does not exist for –temprm [ip]
  • Updated UI to offer either –temprma [ip] or –temprmd [ip] instead of –temprm [ip]
  • Added PHP v7.2 EOL notice to Server Report

New csf v14.08


  • Added missing images/ subdir to webmin and interworx installers
  • Added new option LF_TEMP_EMAIL_ALERT. This allows the disabling of temp IP block emails. It is enabled by default (send temp email alerts as before)

We are taking a short break and will close the store, helpdesk and email from Wednesday, 30 November through Tuesday, 6 December 2022.

If you purchase a license or Service Package before the closing date and require installation, please be sure to leave at least 24 hours before then for the work to be done. Otherwise, any work will be scheduled for after this period. We will reopen on Wednesday, 7 December 2022.