New csf v10.12

Changes:

  • Configured UI to fully integrate with cPanel templates without using iframes
  • Configured UI to display full cPanel breadcrumbs
  • Configured UI to support cPanel v66 WHM UI changes

New csf v10.09

Changes:

  • Added new option DROP_OUT which is set to “REJECT” by default. This option sets the default target for blocked outgoing ports. See csf.conf for more information
  • Added improved detection of xtables lock and recommend enabling WAITLOCK on error
  • Improved csf down detection when xtables lock in effect and WAITLOCK is not enabled
  • Added support for listing ASNs in CC_IGNORE

New csf v10.08

Changes:

  • Added cpanel.allow and cpanel.ignore Include files for the cPanel authentication servers. These are included on new installations and added to existing files on cPanel installations
  • If running cPanel 1:1 NAT, use the contents of /var/cpanel/cpnat to whitelist/ignore the external IP addresses

New csf v10.07

Changes:

  • Fixed bug when using RECAPTCHA_NAT where the listed IP’s were not correctly processed
  • Server Check now follows includes in dovecot.conf
  • Server Check now reports RHEL/CentOS/CloudLinux v5.* as EOL

New csf v10.06

Changes:

  • Added new entry in csf.pignore on cPanel servers for:
    exe:/usr/libexec/dovecot/indexer
    exe:/usr/libexec/dovecot/indexer-worker
  • Croak if IPTABLES is not set, incorrect or not present in csf.conf
  • Set SELinux context for /etc/logrotate.d/lfd on new generic installs

New csf v10.05

Changes:

  • Fixed table header html/css
  • Added workaround for adding superusers listed in /etc/csf/csf.syslogusers to the RESTRICT_SYSLOG_GROUP if the log socket is not accessed via the owner permissions
  • Changes for cPanel v64 template
  • Updated text description in csf.dirwatch for new installs