csf

New cxs v1.19

Changes:

  • Fixed bug preventing csf from blocking FTP IP addresses when –block used
  • Added failure message from csf to FTP email if deny fails
  • Added new exploit scanning option W to be used with –option (must be explicitly added to the options list – the same way as the C option). The W option will chmod all world writable directories found to 755. Use this option with care as it could prevent web scripts from functioning on non-suPHP or non-SUEXEC enabled systems

New csf v4.89

Changes:

  • New SSHD regex added
  • Added Server Check to check whether SSHD UseDNS is set to “no” – it should be disabled
  • Added an Important Note to the readme.txt regarding the sshd UseDNS setting
  • Speedup for LF_DIRWATCH regex matching

New csf v4.88

Changes:

  • Fixed URL’s in Server Check report for cPanel if Security Tokens are enabled in v11.25+
  • Added ipv6 explanation that the information is determined from the output from ifconfig and display ipv6 addresses found
  • Added the ability to use Include statements in csf.deny and csf.allow, see readme.txt for information and restrictions

New csf v4.87

Changes:

  • Ignore csf.rignore for LT_POP3D and LT_IMAPD
  • Removed unnecessary csf.locks during some GLOBAL list updates
  • Updated Copyright notice
  • Modified the block message for LF_MODSEC and LF_SUHOSIN to be more appropriate ( i.e. not “login failures” )
  • Added new block options for BIND denied requests: LF_BIND, LF_BIND_PERM, BIND_LOG. This works in the same way as the other similar blocks, e.g. LF_SUHOSIN. It will block IP addresses that have had BIND (named) requests denied more than LF_BIND times in LF_INTERVAL seconds. Currently named client denied log lines for “update” and “zone transfer” trigger the option
  • Modified GLOBAL_ routines to continue if retrieval for one fails instead of immediately exiting
  • Added IPv6 check to Server Check
  • Display DNS lookup results for IP addresses if CC_LOOKUPS is enabled on single line comments (lfd.log, csf.deny, etc)
  • Added new options LF_PERMBLOCK_ALERT and LF_NETBLOCK_ALERT so that the respective email alerts can be disabled
  • Updated IP::Country

New csf v4.86

Changes:

  • Added Dovecot regex checking for LT_POP3D and LT_IMAPD
  • Modified Server Check for Fedora v10 EOL now that Fedora v12 has been released
  • Improved Dovecot IMAP and POP3D login failure regex
  • Ignore RELAYHOSTS setting for LT_POP3D and LT_IMAPD
  • Fixed TLSCipherSuite Server Check for proftpd
  • Added SSHD regex for “Did not receive identification string from IP” failures

New csf v4.85

Changes:

  • Further improvements to ICMP rule filters
  • Added backup mod_security log viewer for non-cPanel servers

New csf v4.84

Changes:

  • Mod_security log viewer removed from csf in favour of cmc
  • Improved ICMP rule filtering. This could help some hosts that experience connection issues with csf
  • Added ICMP regex checking to Port Scan Tracking. Add ICMP to PS_PORTS to include this, i.e. to Port Scan for all ports use:PS_PORTS = “0:65535,ICMP”This is now the default on new installations

New csf v4.83

Changes:

  • Added multiple checks to the Server Check for new cPanel v11.25 security settings
  • Tidied up and rearranged the main UI
  • Removed redundant UI options
  • Added total perm bans to UI

New csf v4.82

Changes:

  • Removed the need for UI lfd cron restart jobs on Direct Admin