csf

New csf v7.64

Changes:

  • UI HTML updates and fixes
  • Modified openbl.org URLs in csf.blocklist to use https – this will likely need URLGET set to 2 (LWP)

New csf v7.63

Changes:

  • Modified Server Check to highlight PHP v5.3.* as EOL and therefore a security risk
  • Port 587 added to TCP_OUT/TCP6_OUT on all new installations (previously only on cPanel)
  • Added new CLI option to csf, -i –iplookup will lookup IP address geographical information using CC_LOOKUPS setting in /etc/csf/csf.conf
  • Manually allowed/denied permanent/temporary IPs through the csf CLI now include the CC information if no comment is used
  • Renamed csf and lfd cron jobs in /etc/cron.d/ to cater for non-LSB compliant Linux cron managers
  • Modified Server Check report to cater for servers running systemd
  • More Server Check fixes for out of date checks
  • Added 2 new alert settings for FTP and SMTP distributed attacks: LF_DISTFTP_ALERT and LF_DISTSMTP_ALERT

New csf v7.62

Changes:

  • Modified ModSecurity regexes to be more generic

New csf v7.61

Changes:

  • Fix issues with lfd restart via integrated UI and DA UI

New csf v7.60

Changes:

  • Ensure that /usr/lib/systemd/system/ is created on install on systemd servers

New csf v7.59

Changes:

  • Fix sanity check for SMTPAUTH_RESTRICT
  • Fixed incorrect reference to cxs in the generic csf installer
  • Modified csf.conf to show that LWP::Protocol::https is needed for LWP to retrieve https URLs and added examples of how to install these perl modules
  • Implemented native systemd support for startup and shutdown of csf and lfd
  • Added recommendation in csf.conf to use IPSET if wanting to set DENY_IP_LIMIT to a high value
  • If IPSET is enabled, no sanity warnings are issued for DENY_IP_LIMIT
  • Also add SSH port to TCP6_IN on new installations

New csf v7.58

Changes:

  • Display warning and revert to HTTP::Tiny if URLGET is set to use LWP but the perl module is not installed

New csf v7.57

Changes:

  • 7.57   – URLGET now set to “2” to use LWP by default on new installations instead of HTTP::Tiny
  • If URLGET set to use LWP, csf will perform upgrades over SSL to https://download.configserver.com
  • Added check for URLGET to Server Check
  • Added option “3” for CC_LOOKUPS to also include IP ASNs via the MaxMind GeoIPASNum database
  • Updated SSH login regexes
  • Updated named regex
  • Added 30 second timeout for ST_IPTABLES iptables stats writing to prevent a child creation loop
  • Modified lfd to restart if more than 200 children are currently active to prevent child creation loops

New csf v7.56

Changes:

  • Fixed issue with Restricted UI item sanity checks failing
  • Modified LF_CSF on cPanel servers to detect a change in the cPanel version and then trigger a restart of ConfigServer scripts (lfd, MailScanner cxs Watch). Restart triggers are limited to every 12 hours and will only trigger if upcp is not running

cPanel v11.46 and csf/lfd

With the release of cPanel v11.46, changes in the cPanel provided Perl environment may cause errors in lfd with URL retrieval. To resolve the problem all that should be required is a restart of lfd. This can be done either from within the WHM csf UI or from the root shell with:

/etc/init.d/lfd restart

Check /var/log/lfd.log afterwards. This should only occur on time after the initial upgrade into cPanel v11.46.

To pre-empt the issue, you could add the above command to /scripts/postupcp