Server Software and Configuration Services
New csf v7.11
Changes:
- DROP_PF_LOGGING disabled by default on new installs as enabling by default will just cause confusion
ConfigServer Services Blog
New csf v7.10
Changes:
- Removed debugging code from Port Scan Tracking
New csf v7.09
Changes:
- Set scripts (.pl,.cgi,.php,.sh,.py) in /etc/csf/ to chmod 700
- Simplified PACKET_FILTER rules for dropping INVALID connection tracking states. This feature now only applies a single rule for incoming INVALID packets
- DROP_PF_LOGGING enabled by default on new installs
- INVALID added as an option to PS_PORTS so that PACKET_FILTER logs will be ignored by Port Scan Tracking by default, but can be added if desired
- Modified ST_ENABLE locking
- Regex updates to cater for Plesk 12 – thanks to Marcel Evenson
- Fixed issue with temporary allow/deny comment not being parsed correctly when port * specified
New cmc v1.14
Changes:
- Modified cmc map to only show users and domains with actual exceptions
New cmc v1.13
Changes:
- Added support for Concurrent logs stored in the cPanel directory:
/usr/local/apache/logs/modsec_audit/ - Added cmc user/domain configuration map
New csf v7.07
Changes:
- Modified lfd to silently drop ST_ENABLE lock queue entries unless DEBUG is enabled
- Modified ST_ENABLE logging to append to data file and only truncate when needed
New csf v7.06
Changes:
- Added locking to ST_ENABLE and ST_SYSTEM to prevent child process queues
New cxs v5.03
Changes:
- Removed a false-postitive fingerprint definition
- Exploit fingerprint definitions database additions
New csf v7.05
Changes:
- Fix SMTPAUTH_RESTRICT where IPv6 addresses need to be quoted for exim
New cxs v5.02
Changes:
- Ensure –ignore [file] is always loaded last
- Allow ignoring of Fingerprints
- New master bayes corpus generated
- Exploit regex definitions database additions
- Exploit fingerprint definitions database additions