Server Software and Configuration Services
New csf v6.28
Changes:
- Fixed sanity check for UID_INTERVAL
ConfigServer Services Blog
New csf v6.27
Changes:
- Modified Apache regexes for Apache v2.4+
- Fixed UI configurable lines display for lfd.log
- Fixed length display text for CLUSTER_KEY in csf.conf
- Ignore suspendedpage.cgi triggers for LF_SYMLINK on cPanel servers
- Updated sanity checks and ranges for csf.conf settings
- Added RESTRICT_UI to Server Check recommended options
- Modified Virtuozzo/OpenVZ FTP port check to verify kernel version before issuing PASV port warning
- Added new setting PS_DIVERSITY. To specify how many different ports qualifies as a Port Scan you can increase this value. The risk in doing so will mean that persistent attempts to attack a specific closed port will not be detected and blocked. The setting defaults to the original setting of 1
- Added 3 LF_HTACCESS regexes for nginx. Remember to set MODSEC_LOG correctly for the location of the nginx error log
New cxs v3.07
Changes:
- Allow (limited) scans via UI in restricted mode
- Added Change Time (–ctime [hours]) option to UI
- If –quarantine has been disabled, ensure all reports contain a warning message with explanation
New cxs v3.06
Changes:
- Fixed bug with broken –cgi option (cxscgi.sh) from v3.05
- Fixed UI configurable lines display for cxswatch.log
- Remove immutable and append-only flags from files when moving files to quarantine or deleting
- Fixed supplied test/test.php for newer PHP versions
New cmm v1.24
Changes:
- Fixed location of sa-learn binary
- Fixed directory check logic for sa-learn feature
New cxs v3.05
Changes:
- Added /etc, /sys and /proc to directories requiring –force to be used when scanning
- Added additional checks that any specified quarantine directory is valid
- Added new option –ctime [hours]. If you run regular full system scans then you can use –ctime [hours] to only scan files changed in the intervening hours. This can speed up scan times dramatically
- Apply hfile:, hdir: and hsym: ignores to FTP upload scanning
- Exploit fingerprint definitions database additions
New csf v6.26
Changes:
- Fixed UI issue with some settings sent via the Cluster Config option
- Modified CONNLIMIT_LOGGING rule insertion point
- Added new feature: Outgoing UDP Flood Protection. This option limits outbound UDP packet floods. These typically originate from exploit scripts uploaded through vulnerable web scripts. The feature is controlled by: UDPFLOOD, UDPFLOOD_LIMIT, UDPFLOOD_BURST, UDPFLOOD_LOGGING, UDPFLOOD_ALLOWUSER
- Update the TOR URL in existing /etc/csf/csf.blocklists file if still set to the old URL
New csf v6.25
Changes:
- Fixed UI “Temporary IP entries > Flush all temporary IP entries”
- Fixed UI_USER and UI_PASS being emptied on saving the firewall configuration through the UI
- Fixed CLUSTER_KEY not displaying when RESTRICT_UI is disabled
New cmm v1.23
Changes:
- Fixed Up button
- Fixed full email view on large messages
- Updated Install/Uninstall instructions
New csf v6.24
Changes:
- Security – Removed items from Cluster Config UI option if RESTRICT_UI enabled