ConfigServer Services Blog

New csf v11.04

Changes:

  • Added new configuration option LF_APACHE_ERRPORT. This option is used to determine if the Apache error_log format contains the client port after the client IP. By default it is set to autodetect

New csf v11.02

Changes:

  • Integrated UI fix for CloudFlare page
  • Removed non-participated deny options for cxs reputation service
  • Changed PT_SSHDHUNG to use a regex for process cmdline detection
  • Fixed issue with IPv6 client detection in Apache logs

New csf v11.01

Changes:

  • Corrections to readme.txt
  • In UI, display long output into fixed height divs with scrollbars and font size changer
  • Modified Server Check to not display the mod_cloudflare warning if CF_ENABLE enabled
  • Modified Server Check to display a single warning for each PHP check listing affected versions instead of multiple warnings
  • Additional exim check added to Server Check
  • Improvements to ajax output in UI

New cxs v7.03

Changes:

  • Remove the need for URI::Escape
  • Added restart of csf/lfd on upgrade if cxs Reputation System is enabled
  • Restrict the scope of perl shebang replacement when installing on cPanel servers

New csf v11.00

Changes:

  • New Feature: CloudFlare Firewall integration. This feature provides blocking and unblocking functionality with the CloudFlare Firewall from within lfd, together with new CLI commands for direct access. See documentation for CF_ENABLE in csf.conf, information in readme.txt as well as the csf man page
  • Added UI elements for CloudFlare Firewall integration
  • New CLI command –trace [ip]. This replaces the –w, –watch CLI command to Log SYN packets for an IP across iptables chains by using the iptables TRACE module
  • New Feature: Check the size of the ModSecurity IP D/B. This option will send an alert if the ModSecurity IP persistent storage grows excessively large. This is enabled on cPanel by default. See csf.conf for more information
  • New Feature: Allow use of comma separated list of ports in Advanced Allow/Deny Filters
  • WATCH_MODE in csf.conf and –w, –watch CLI commands removed in favour of the new –trace [add/remove] [ip] CLI command
  • Restrict the scope of Perl shebang replacement when installing on cPanel servers
  • Modifications and fixes for the example MESSENGERV2 templates
  • Ensure /proc/sys/net/netfilter/nf_conntrack_helper is enabled at startup to allow connection tracking to continue working on newer kernels
  • Stop needlessly setting <head> and <body> elements in Ajax returns
  • Various corrections and updates to readme.txt
  • Tweaks to the Mobile View UI button arrangement and spacing

New cxs v7.02

Changes:

  •  Restored reporting of errors/restrictions in cPanel UI which had been blocked by the move to WHM Templates

New cxs v7.01

Changes:

  • Fix to ensure only web upload script triggers with a defined remote IP are submitted to the IP Reputation System, if enabled

New cxs v7.00

Changes:

  • New feature: IP Reputation System. The system provides a variety of IP blocklists gathered from information that is submitted by participating servers. This dual aspect provides the information to help protect the server using the reputation from active attacks. See POD under “IP Reputation System” for more information
  • Added IP Reputation System to cxs UI
  • Major update to Script Version Scanning. cxs –[no]sversionscan now scans for more than 200 individual applications, more than 200 WordPress plugins and more than 200 Joomla Extensions. Over 700 in total!
  • Double fork external commands in DA UI to work around DA mod_perl restrictions, allowing full functionality