ConfigServer Services Blog

New cse v1.10

Changes:
– Added support for cPanel v11.38.1+ AppConfig addon registration
– Improvements to the Virtual Console output

NOTE: In accordance with the new conventions for v11.38.1+ AppConfig the url to the csf WHM plugin will change from /cgi/addon_cse.cgi to /cgi/configserver/cse.cgi. This will only happen with cse v1.10+ and cPanel v11.38.1+. Older version of cse will continue to use the old URL. This has no particular relevance to users accessing through WHM, but will affect direct URL access by users or third party applications

New cmq v1.13

Changes:
– Added support for cPanel v11.38.1+ AppConfig addon registration

NOTE: In accordance with the new conventions for v11.38.1+ AppConfig the url to the cmq WHM plugin will change from /cgi/addon_cmq.cgi to /cgi/configserver/cmq.cgi. This will only happen with cmq v1.13+ and cPanel v11.38.1+. Older version of cmq will continue to use the old URL. This has no particular relevance to users accessing through WHM, but will affect direct URL access by users or third party applications

New cmm v1.21

Changes:
– Added support for cPanel v11.38.1+ AppConfig addon registration
– Switched to using /etc/userdomains from /etc/localdomains + /etc/remotedomains to give more accurate domain/account listings

NOTE: In accordance with the new conventions for v11.38.1+ AppConfig the url to the cmm WHM plugin will change from /cgi/addon_cmm.cgi to /cgi/configserver/cmm.cgi. This will only happen with cmm v1.21+ and cPanel v11.38.1+. Older version of cmm will continue to use the old URL. This has no particular relevance to users accessing through WHM, but will affect direct URL access by users or third party applications

New cmc v1.05

Changes:
– Added support for cPanel v11.38.1+ AppConfig addon registration

NOTE: In accordance with the new conventions for v11.38.1+ AppConfig
the url to the cmc WHM plugin will change from /cgi/addon_cmc.cgi to
/cgi/configserver/cmc.cgi. This will only happen with cmc v1.05+ and
cPanel v11.38.1+. Older version of cmc will continue to use the old
URL. This has no particular relevance to users accessing through WHM,
but will affect direct URL access by users or third party
applications

New cxs v2.96

Changes:
– Fixed –xtra [file] detection for regfile: and file: entries
– Exploit regex definitions database additions
– Exploit fingerprint definitions database additions

New csf v6.12

Changes:
– Added iptables UID logging for dropped outgoing packets
– New feature – DROP_OUT_LOGGING. Enables iptables logging of dropped outgoing connections. Where available, these logs will also include the UID connecting out which can help track abuse. Note: Only outgoing SYN packets for TCP connections are logged. The option is not enabled by default, but we recommend that it is enabled
– Option DROP_ONLYRES now only applies to incoming port connections
– New feature – User ID Tracking. This feature tracks UID blocks logged by iptables to syslog. If a UID generates a port block that is logged more than UID_LIMIT times within UID_INTERVAL seconds, an alert will be sent. Requires DROP_OUT_LOGGING to be enabled
– Modified Port Scan Tracking regexes to ensure only incoming connections are tracked
– Added Server Check for dhclient running
– Added Server Check on cPanel servers for antirelayd
– Added Server Check on for a swap file (don't bother on Virtuozo)
– Added Server Check for xinetd, qpidd, portreserve and rpcbind in Services Check since most people won't use them

New csf v6.11

Changes:
– Fixed SMTP_ALLOWLOCAL not functioning correctly. Added IPv6 support for SMTP_ALLOWLOCAL
– Removed SMTP_BLOCK restriction for IPv6 requiring port 25 to be present in TCP6_OUT

New csf v6.10

Changes:
– New feature – separate Blocklist configuration file to allow for expansion of the available block lists. The following options have been removed from csf.conf and a new csf.blocklists file added to configure blocklists: