csf

Changes:

• Removed session IP match check from DA login
• Added example spamassassin temp file regex to csf.fignore for new installations

Changes:

• Modified IP lookup to strip some missed quotes
• Added exe:/usr/bin/dbus-broker-launch and exe:/usr/bin/dbus-broker to csf.pignore for new installations
• Added check to ensure that only PUBLIC IP addresses are used when loading IPv4 CC zone files
• Fixed issue when converting embedded IPv4 addresses in IPv6 connections

Changes:

• Modified MaxMind URLs to use https
• Fixed DOCTYPE print order for integrated UI login
• Added “Require all granted” to Messenger v3 .htaccess generation
• Normalise source IP during connection tracking for IPv6 comparisons
• Fixed regression for some IMAP logon failure detections

Changes:

• Switch to using iptables-nft if it exists in /usr/sbin/iptables-nft
• Added IO::Handle::clearerr() call before reading data from a log file
• Added “Require all granted” to the MESSENGER .htaccess file
• Added UID/GID rules to IPv6 if enabled
• Modified dovecot regex to look for “failed: Connection reset by peer”

Changes:

• Added port 853 for DoT to all new installs
• Added exe wpt-panopticon on cPanel servers to csf.pignore
• Updated list of EOL PHP versions
• Modified HTACCESS regex to include “remote” as well as “client” log lines
• Implemented DA POST workaround for saving large text files via the UI
• Modified MESSENGER to only send unblock email if a valid IP is requested
• Modified DA server check to look for multiple php versions in /usr/local/php*

Changes:

• Removed Security Report recommendations that do not apply to unsupported control panels
• Updated Security Report to show PHP v7.3 is EOL
• Confirmed support for RHEL v9

Changes:

• Removed some spurious debug code
• Modified alert templates for:
  LF_WEBMIN_EMAIL_ALERT
  LF_CPANEL_ALERT
  LF_SUDO_EMAIL_ALERT
  LF_SU_EMAIL_ALERT
  LF_SSH_EMAIL_ALERT
  These have been changed to include the log line that triggered the alert to help give context to the alert and the date/time from the log to identify when the event occurred. All the relevant templates are modified to include the log line for existing and new installs
• Implemented an addition check for webmin that we’re in the csf module before creating symlink to the UI script
• Fixed parameter checking for some dovecot regexes
• If DEBUG is enabled and the sendmail binary fails to send an lfd alert, the email text will now be logged to /var/log/lfd.log with an error

Changes:

• Fixed regression issue with logfile regexes
• Implemented an improved email wrapper

Changes:

• Fixed issue with using Text::Wrap

Changes:

• Added inline pid match to all system regexes to cater for logging changes
• Use Text::Wrap to ensure email line lengths are within specifications
• Updated dovecot log regexes to support the changed format in v2.3.15+