New csf v13.07


  • Added format requirements for ASN entries in CC_* settings
  • Removed SSHDSPAM exploit check as it’s no longer critically relevant
  • Modifications to support RHEL/CentOS v8
  • Modified systemd service to cater for RHEL/CentOS v7.7 pidfile symlink check changes
  • Fixes and improvements to UI Ajax code
  • Removed legacy bandmin code for cPanel servers and LF_CPANEL_BANDMIN setting
  • Modified default InterWorx csf.conf to set SMTP_ALLOWGROUP appropriately for SMTP_BLOCK

New csf v13.06


  • Removed debugging code from log file globbing routine
  • Fixed reseller UI HTML text for each supported control panel
  • Replaced the need in InterWorx for a custom Firewall.php with a preAction to intercept calls instead
  • Moved csf in InterWorx to the Advanced section in Plugins UI
  • Updated the InterWorx plugin.ini information to be more descriptive

New csf v13.05


  • Added official CentOS Web Panel (CWP) integration and CWP panel specific configuration. See /etc/csf/readme.txt for more information (only tested on CentOS v7)
  • Added official VestaCP integration and VestaCP specific configuration (only tested on CentOS v7)
  • Additional entries to csf.pignore for new DirectAdmin installations
  • Corrected DirectAdmin UI link text
  • Fixed UI presentation HTML
  • Fixed vsftpd regex for single character date of the month
  • Modified Debian installation to detect ip(6)tables-legacy and use update-alternatives to switch to using them
  • Modified InterWorx installation to not use chattr on /etc/apf/apf stub which was preventing apf upgrading. The lfd daemon will now reapply the stub if needed
  • Modified Server Check on DA to get case-insensitive config from the binary rather than the directadmin.conf file
  • Modified csf warning text on cPanel DNSONLY servers regarding the smtpgidonlytweak to disable it from CLI as it is not currently possible from the DNSONLY WHM UI

New csf v13.04


  • Fixed issue with ConfigServer::CheckIP generating incorrect IPv6 addresses during validation using Net::CIDR::Lite
  • Added UI entry for editing csf.reseller for DirectAdmin and InterWorx

IPv6 issues with exim and SMTPAUTH_RESTRICT/CC_ALLOW_SMTPAUTH [Fixed in v13.04]

We have identified an issue with exim rejecting what are valid IPv6 representations in the generated /etc/exim.smtpauth file. This problem manifests with errors in /var/log/exim_paniclog (on cPanel) as:

2019-07-18 08:00:22 Internal error: invalid IPv6 address "2001:470:1f0b:a9:9dc3:6ed8:e840::/106" passed to host_aton()

This innocuous error actual causes exim to defer (error 421) all email originating from IPv6 sources. This prevents its delivery inbound.

While we look into mitigating the issue exim has with the generated IPv6 CIDRs we would suggest disabling  SMTPAUTH_RESTRICT/CC_ALLOW_SMTPAUTH and removing the exim.conf line used to refer to it (see csf docs).

This issue has now been fixed in csf v13.04.

New csf v13.01


  • Added reseller support in InterWorx
  • Added reseller support in DirectAdmin
  • Added login failure detection on InterWorx (v6.3.16+). If LF_INTERWORX is enabled, INTERWORX_LOG will be scanned for login failures to NodeWorx and SiteWorx. This is enabled by default on all InterWorx installations
  • Fixed text in Firewall.php stub in InterWorx
  • Improved UI display in DA
  • Improved UI display in InterWorx
  • Fixed InterWorx UI issue with “Service Status” NodeWorx feature caused by Firewall.php stub
  • Created cronjob to check for new product versions for the UI (/etc/cron.daily/csget). A manual check is still available if needed. This does not affect the daily upgrade check if enabled

New csf v13.00


  • Added InterWorx integration and InterWorx panel specific configuration. See /etc/csf/readme.txt for more information (only tested on CentOS v7)
  • Added InterWorx regex detection for proftpd, dovecot imap, dovecot pop3, and smtp auth login failures. Added regex detection for LF_DISTSMTP and LF_DISTFTP. Added regex detection for LF_CXS and LF_MODSEC. Added Login
    Tracking for LT_POP3D and LT_IMAPD
  • Ensure UI errors are displayed in browser to avoid blank pages
  • Display install.txt if perl module checks fail
  • Reworked DirectAdmin UI to display within the parent template