csf

Changes:

• Modified PHP Server Checks to use the php binary output instead of trying to find the active php.ini file
• Added PHP Server Check for register_globals
• Improvements to the Server Check code
• Fixed bug in TCP port 23 check in Server Check
• Added new option –check (-c) to check whether the installed version of csf is the latest, no update is performed
• Added multiple csf configuration checks to the Server Check report
• Added throttling to LF_INTEGRITY and increased the timeout proportionally

Changes:

• Modified SMTP_BLOCK warning on VPS servers to only display if the option is enabled
• Modifed the Server Services Check text to omit using -del with chkconfig and better explain that a process is enabled even if it is not currently running and needs to be disabled to prevent startup on boot
• Removed reliance on wget for updates and version checks
• Coding improvements in csf.pl and addon_csf.cgi
• Added /var/log/lfd.log tail automatic refresh to WHM UI

Changes:

• Fixed problem with DENY_IP_LIMIT not counting all IP entries in csf.deny correctly
• Ignore and issue a warning if SMTP_BLOCK is enabled on a Vituozzo VPS since the Virtuozzo VPS kernel does not support ipt_owner
• Remove Shell/Fork Bomb Protection check (if a VPS) in Server Check as the option breaks a Virtuozzo VPS if enabled
• Added more processes to check in Server Services Check
• Removed restriction on outbound source port rule construction

Changes:

• Added back LF_DIRWATCH_DISABLE functionality securely
• Fixed bug where a suspicious directory would not be removed with LF_DIRWATCH_DISABLE
• Added perl module check for File : : Path
• Added path configuration to tar and chattr in csf.conf
• Added new option LF_SMTPAUTH which checks for SMTP AUTH exim login failures. When upgrading the new setting will be set to whatever you have LF_FTPD set to

Changes:

• Security Fix – If you have LF_DIRWATCH_DISABLE on then this can lead to arbitray code being executed in the context of the user running lfd, i.e. root. This option has been disabled in the code until further notice. You will have to manually remove any reported files.
• Tightened csf file ownerships on installation

*ALL INSTALLATIONS SHOULD BE UPGRADED ASAP TO AVOID POTENTIAL EXPLOITATION*You can upgrade csf either through WHM or from the root shell using:

Changes:

• New Feature: System Integrity Checking. This enables lfd to compare md5sums of the servers OS binary application files from the time when lfd starts. If the md5sum of a monitored file changes an alert is sent. This option is intended as an IDS (Intrusion Detection System) and is the last line of detection for a