csf

New csf v14.20

Changes:

  • Modified MaxMind URLs to use https
  • Fixed DOCTYPE print order for integrated UI login
  • Added “Require all granted” to Messenger v3 .htaccess generation
  • Normalise source IP during connection tracking for IPv6 comparisons
  • Fixed regression for some IMAP logon failure detections

New csf v14.19

Changes:

  • Switch to using iptables-nft if it exists in /usr/sbin/iptables-nft
  • Added IO::Handle::clearerr() call before reading data from a log file
  • Added “Require all granted” to the MESSENGER .htaccess file
  • Added UID/GID rules to IPv6 if enabled
  • Modified dovecot regex to look for “failed: Connection reset by peer”

 

New csf v14.18

Changes:

  • Added port 853 for DoT to all new installs
  • Added exe wpt-panopticon on cPanel servers to csf.pignore
  • Updated list of EOL PHP versions
  • Modified HTACCESS regex to include “remote” as well as “client” log lines
  • Implemented DA POST workaround for saving large text files via the UI
  • Modified MESSENGER to only send unblock email if a valid IP is requested
  • Modified DA server check to look for multiple php versions in /usr/local/php*

New csf v14.17

Changes:

  • Removed Security Report recommendations that do not apply to unsupported control panels
  • Updated Security Report to show PHP v7.3 is EOL
  • Confirmed support for RHEL v9

New csf v14.16

Changes:

  • Removed some spurious debug code
  • Modified alert templates for:
    LF_WEBMIN_EMAIL_ALERT
    LF_CPANEL_ALERT
    LF_SUDO_EMAIL_ALERT
    LF_SU_EMAIL_ALERT
    LF_SSH_EMAIL_ALERT
    These have been changed to include the log line that triggered the alert to help give context to the alert and the date/time from the log to identify when the event occurred. All the relevant templates are modified to include the log line for existing and new installs
  • Implemented an addition check for webmin that we’re in the csf module before creating symlink to the UI script
  • Fixed parameter checking for some dovecot regexes
  • If DEBUG is enabled and the sendmail binary fails to send an lfd alert, the email text will now be logged to /var/log/lfd.log with an error

New csf v14.15

Changes:

  • Fixed regression issue with logfile regexes
  • Implemented an improved email wrapper

New csf v14.14

Changes:

  • Fixed issue with using Text::Wrap

New csf v14.13

Changes:

  • Added inline pid match to all system regexes to cater for logging changes
  • Use Text::Wrap to ensure email line lengths are within specifications
  • Updated dovecot log regexes to support the changed format in v2.3.15+

New csf v14.12

Changes:

  • Added cPanel SaaS servers to cpanel.allow
  • Added a fix for RHEL v8 processes that were reporting excessive null or whitespace characters at the end of /prod/[pid]/cmdline. This is turn meant that such processes (e.g. spamd on cPanel servers) subverted some entries in csf.pignore
  • Updated systemd entries in csf.logignore for RHEL v8+
  • Updated dovecot log regexes to support the changed format in v2.3.15+
  • Modify LookUpIP to hopefully account for data inconsistencies from Maxmind

New csf v14.11

Changes:

  • Added entries in csf.pignore for new cPanel installations:
    exe:/usr/sbin/mariadbd
    exe:/usr/sbin/atd
    exe:/usr/lib/systemd/systemd-timesyncd
    exe:/usr/lib/systemd/systemd-networkd
    exe:/usr/sbin/rsyslogd
  • Updated configuration files to support cPanel on Ubuntu
  • In Server Check don’t check for Fork Bomb protection on cPanel servers running CloudLinux