csf

New csf v5.72

Changes:
– Added missing DD setting in DA and generic installations for ST_DISKW
– Modified IPv6 port settings to reflect IPv4 port settings for new installs in csf.conf
– If a deleted executable process is detected and reported then do not further report children of the parent (or the parent itself if a child triggered the report) if the parent is also a deleted executable process
– Parent PID added to PT_DELETED_ACTION parameters
– In the Server Report allow for spaces before Apache directives
– Updated instructions for modifying log_selector for exim configurations in readme.txt and Server Report
– Modify DD calculation for ST_DISKW for disks that report in GB/s
– Updated to use the new cPanel 11.36+ integrated perl binary if exists

New csf v5.71

Changes:
– Fixed problem processing dd output for ST_DISKW on some systems
– Fixed dovecot imap login failure regex processing
– Added regexes for dovecot pop3 and imap raw logs (i.e. not syslog)

New csf v5.70

Changes:
– Fixed an issue with PERMBLOCK introduced in v5.68

New csf v5.68

Changes:
– New feature added – LF_DIST_INTERVAL. This option provides a separate timing interval for both LF_DISTFTP and LF_DISTSMTP. By default it is set to 300 seconds
– Implemented better handling of repeat blocks when an IP is already temporarily or permanenetly blocked
– Added missing inclusion of Time::HiRes in csf.pl
– Silence LF_DISTFTP and LF_DISTSMTP ignored IP logging to lfd.log unless DEBUG enabled
– Silence DYNDNS IP address updates to lfd.log unless DEBUG enabled
– RELAYHOSTS setting now defaults to “0” to improve security on cPanel servers
– Increased default value of DENY_IP_LIMIT to 200

New csf v5.67

Changes:
– Fixed a problem with permanent IP blocking when using LF_SELECT

New csf v5.66

Changes:
– Implemented a new locking system to try to mitigate an iptables bug when issuing concurrent iptables commands
– Implement flushing on the lfd pid file so that it is always accurate
– Improvements to csf –grep [ip] to escape regular expression matching
– New feature added – LF_REPEATBLOCK. This option instructs csf to deny an already blocked IP address the number of times set. See csf.conf for more information
– New feature added – LF_BLOCKINONLY. This option instructs csf to only block inbound traffic from those IP's and so reduces the number of iptables rules, but at the expense of less effectiveness. See csf.conf for more information
– New feature added – ST_DISKW. This option adds disk write performance statistics to the stats graphs. See csf.conf for more information
– Fixed file location for Debian and derivative OS's for /etc/mysql/my.cnf in Server Check

New csf v5.65

Changes:
– Removed some of the command locking as it was causing lfd hangs

New cxs v2.71

Changes:
– cxs will now treat .htaccess files as script files and fingerprints have been added for common exploits
– Added more information about existing csf anf cxs integration options (i.e. UI, ModSecurity, pure-ftpd)
– Added information that restores from quarantine must be done through the UI
– Exploit fingerprint definitions database additions

New csf v5.63

Changes:
– Implemented a locking and retry system to try to mitigate an iptables bug when issuing concurrent iptables commands