New cxs v8.10

Changes:

  • Modified UI display of the current configuration for the various cxs commands so that it shows a quarantine error if present
  • Added buttons to UI to display the current configuration for the Daily and Weekly cxs commands
  • Added golang file detection for exploit fingerprints

New cxs v8.08

Changes:

  • Added buttons to UI to display the current configuration for the various cxs commands
  • Added timeout to d/b connect to prevent hanging processes waiting for a d/b lock
  • Improved efficiency of /etc/cxs/cxscgi.queue processing
  • Improved efficiency of quarantine scan processing in UI

New cxs v8.05

Changes:

  • Added new option –cutcgimail. This option suppresses emails sent by cxs for ModSecurity hits from /etc/cxs/cxscgi.sh where the reported web script does not exist on the server. Any configured quarantine or delete operations will still be performed. Note: This option is the synonymous with the unsupported –YSKIPCGI option which will continue to work in the same way
  • Added –cutcgimail to the cxs ModSecurity Wizard as “Reduce the number of emails from ModSecurity hits”
  • Changed the wording in the email sent where the reported web script does not exist on the server
  • Improvements to the saving logic in the various UI Wizards

New cxs v8.03

Changes:

  • Fix issue using stat() after abs_path() on an orphaned sylink

    NOTE: If you received error “Use of uninitialized value $arg in stat”
    during a a cron job scan, that scan will still have completed
    successfully and this fixes that issue

  • Ensure d/b is closed after processing dbreport
  • Ensure crond is restarted after making changes to cxs-cron