csf

Changes:

• New feature: WHM UI mod_security v1 display last X entries in the audit_log
• New feature: WHM UI mod_security v1 edit files or directories in /usr/local/apache/conf/ that are prefixed with modsec or mod_sec
• Tweaked the pre-configured Firewall Security Level settings

Changes:

• Fix to to support current EDGE in csf WHM UI

Changes:

• Tightened the mod_security v1 regex after the changes in v2.52

Changes:

• Separated the log file regex’s into regex.pm for those feeling brave to tailor them for non-cPanel servers
• Unified installer for cPanel and non-cPanel installations – so that only install.sh needs to be run (checks for the existence of /usr/local/cpanel/version If you install on a server intending to use cPanel before cPanel is installed, run the install.cpanel.sh script instead
• Added mod_security v2 regex when running Apache2 to lfd
• Added [iptext] tag for connectiontracking.txt to list all the connections of an offending IP. Add this manually for existing installations

This is a major landmark for us in the development of csf and lfd which provides installation of the firewall and daemon onto non-cPanel generic Linux distributions:

• Major Enhancement: csf+lfd can now be installed and used on a generic Linux OS without cPanel using install.generic.sh – see readme.txt for more information
• PF INVDROP entries made bi-directional if PF logging enabled (reduces the number of INVDROP LOG rules by half)
• Fixed Process Tracking throttle control to correctly use PT_INTERVAL

Changes:

• Removed option ALLOW_RES_PORTS from new installs, setting is ignored
• Check for LF at the end of form data for files edited through the WHM UI and append one if omitted
• Following the changes in 2.48 the LOGDROP chain doesn’t distinguish between incoming and outgoing blocks. So, LOGDROP has now been split into LOGDROPIN and LOGDROPOUT

Changes:

• Fixed issue if ETH_DEVICE was set and from changes in 2.48