ConfigServer Services Blog

New csf v2.77

Changes:

  • Closed vulnerability with temporary file checking
  • Tightened log file regex’s to prevent spoofed remote IP block attacks

Inept PHP developers strike again

Why on earth are the developers of PHP incapable of making their scripting language backwards compatible? It really, seriously, beggars belief. I’ll be sure to stick to perl scripts in the future as I’m sick and tired of their lack of professionalism when it comes to language development.BTW, a php upgrade today broke a couple of our website applications again, including the blog and forum, which seems to be an all too common occurrence.Inept idiots.IMHO 😉

New csf v2.76

Changes:

  • Improved file checking in Server Check script to prevent WHM failures

New csf v2.75

Changes:

  • Modified Server Check to only look at pure-ftpd settings if installed
  • Simplified throttling mechanism

New csf v2.74

Changes:

  • Modified PHP Server Checks to use the php binary output instead of trying to find the active php.ini file
  • Added PHP Server Check for register_globals
  • Improvements to the Server Check code
  • Fixed bug in TCP port 23 check in Server Check
  • Added new option –check (-c) to check whether the installed version of csf is the latest, no update is performed
  • Added multiple csf configuration checks to the Server Check report
  • Added throttling to LF_INTEGRITY and increased the timeout proportionally

Recipient/Sender verification issue from older cPanel v11 CURRENT

If you are finding :fail: messages ending up in the exim queue, then the cause is most likely a bug that was in an older cPanel v11 CURRENT release that introduced a miss-configuration in exim.conf. This has been fixed in the latest builds, but if you were an early v11 adopter your exim.conf may be incorrect.You can check this by going into the WHM > Exim Configuration Editor > Advanced Mode and scrolling down to the ACL section. Then check for the following lines:require verify = recipientand:require verify = senderBoth lines will probably have related message and comments around them. You need to ensure that the recipient verification comes before the sender verification. If it doesn’t, switch the blocks around and save the configuration.This problem is also responsible for root email delivery failures for the root crontab jobs and with the global abuse and postmaster /etc/myaliases file setup that we perform.

New ClamAV v0.90.3

Changes:

This release fixes some security bugs in libclamav and improvesstability under Solaris. Please see ChangeLog for complete list of changes.

You can upgrade through the WHM UI or from:http://www.configserver.com/cp/upgrade.html

New csf v2.73

Changes:

  • Modified SMTP_BLOCK warning on VPS servers to only display if the option is enabled
  • Modifed the Server Services Check text to omit using -del with chkconfig and better explain that a process is enabled even if it is not currently running and needs to be disabled to prevent startup on boot
  • Removed reliance on wget for updates and version checks
  • Coding improvements in csf.pl and addon_csf.cgi
  • Added /var/log/lfd.log tail automatic refresh to WHM UI

New csf v2.72

Changes:

  • Fixed problem with DENY_IP_LIMIT not counting all IP entries in csf.deny correctly
  • Ignore and issue a warning if SMTP_BLOCK is enabled on a Vituozzo VPS since the Virtuozzo VPS kernel does not support ipt_owner
  • Remove Shell/Fork Bomb Protection check (if a VPS) in Server Check as the option breaks a Virtuozzo VPS if enabled
  • Added more processes to check in Server Services Check
  • Removed restriction on outbound source port rule construction

New Vipul's Razor Released v2.84

A new version of Vipul’s Razor has been released:http://sourceforge.net/project/shownotes.php?release_id=510715Those running MailScanner should upgrade to benefit from the changes.Upgrade instructions:

wget http://prdownloads.sourceforge.net/razor/razor-agents-2.84.tar.bz2tar -xjf razor-agents-*cd razor-agents-*perl Makefile.PL makemake installcd ..razor-admin -createrazor-admin -register/bin/rm -Rf razor-agents-*