New csf v14.16

Changes:

  • Removed some spurious debug code
  • Modified alert templates for:
    LF_WEBMIN_EMAIL_ALERT
    LF_CPANEL_ALERT
    LF_SUDO_EMAIL_ALERT
    LF_SU_EMAIL_ALERT
    LF_SSH_EMAIL_ALERT
    These have been changed to include the log line that triggered the alert to help give context to the alert and the date/time from the log to identify when the event occurred. All the relevant templates are modified to include the log line for existing and new installs
  • Implemented an addition check for webmin that we’re in the csf module before creating symlink to the UI script
  • Fixed parameter checking for some dovecot regexes
  • If DEBUG is enabled and the sendmail binary fails to send an lfd alert, the email text will now be logged to /var/log/lfd.log with an error

New csf v14.13

Changes:

  • Added inline pid match to all system regexes to cater for logging changes
  • Use Text::Wrap to ensure email line lengths are within specifications
  • Updated dovecot log regexes to support the changed format in v2.3.15+

New csf v14.12

Changes:

  • Added cPanel SaaS servers to cpanel.allow
  • Added a fix for RHEL v8 processes that were reporting excessive null or whitespace characters at the end of /prod/[pid]/cmdline. This is turn meant that such processes (e.g. spamd on cPanel servers) subverted some entries in csf.pignore
  • Updated systemd entries in csf.logignore for RHEL v8+
  • Updated dovecot log regexes to support the changed format in v2.3.15+
  • Modify LookUpIP to hopefully account for data inconsistencies from Maxmind

New csf v14.11

Changes:

  • Added entries in csf.pignore for new cPanel installations:
    exe:/usr/sbin/mariadbd
    exe:/usr/sbin/atd
    exe:/usr/lib/systemd/systemd-timesyncd
    exe:/usr/lib/systemd/systemd-networkd
    exe:/usr/sbin/rsyslogd
  • Updated configuration files to support cPanel on Ubuntu
  • In Server Check don’t check for Fork Bomb protection on cPanel servers running CloudLinux

New csf v14.10

Changes:

  • Fixed error message regarding location/permissions to the iptables binary in correctly referencing ip6tables
  • Added PASV port range hole for VZ servers on cPanel for new installs
  • Fixed MESSENGERV3 Apache tree search where ServerRoot is not configured so that csf defaults to /etc/apache2/ so that relative Includes are still defined correctly
  • Modified LF_BIND regex to deal with new log field

New csf v14.09

Changes:

  • Improvements to CC IP lookup binary search
  • Modified index.recaptcha.php and index.php to use square instead of deprecated curly brackets on array index for PHP v7.4+
  • Modified Server Check regex matching on include in dovecot config files in RHEL v8+
  • Added workaround for iOS issue with bootstrap modals
  • Added EOL messages to Server Check report
  • Modified dovecot.conf parsing on cPanel for include_try in Server Check
  • Modified Apache 404 regex to check for either “info” or “error”
  • Added two new CLI options: –temprma [ip], –temprmd [ip]. This allows distinction between allow and deny that does not exist for –temprm [ip]
  • Updated UI to offer either –temprma [ip] or –temprmd [ip] instead of –temprm [ip]
  • Added PHP v7.2 EOL notice to Server Report

New csf v14.08

Changes:

  • Added missing images/ subdir to webmin and interworx installers
  • Added new option LF_TEMP_EMAIL_ALERT. This allows the disabling of temp IP block emails. It is enabled by default (send temp email alerts as before)