ConfigServer Services Blog

New cxs v4.19

Changes:

  • Additions to main decoder regex
  • Modified option –template [file]. You can now use this to email the end user when performing –allusers and –user [user] scans. See the cxs Documentation for –template [file] for more information
  • Output improvements to –qview [file] and more information provided in the POD
  • Exploit fingerprint definitions database additions

 

New cmc v1.11

Changes:

  • Fixes to feature to Enable/Disable modsecparse.pl
  • Added full pseudo-breadcrumbs to cPanel cmc UI

 

New csf v6.47

Changes:

  • Overhaul of Apache regexes to cater for Apache v2.4 formats
  • Fail with an appropriate error if attempting to use an IPv6 address but IPV6 is not enabled
  • Fix to OUTPUT chain final packet failure still logging to LOGDROPOUT when DROP_OUT_LOGGING is disabled
  • Strip leading and trailing spaces from form IP in csf UI
  • DROP_OUT_LOGGING is now enabled by default on new installations
  • ST_ENABLE is now enabled by default on new installations
  • CC_IGNORE rewritten to use CC_LOOKUPS data to ignore countries. This provides a more consistent approach and quicker lookups with reduced memory footprint. CC_LOOKUPS must now be enabled to use CC_IGNORE

 

New csf v6.45

Changes:

  • Modified LF_SCRIPT_ALERT to only report detected lines
  • Modified Server Check for sshd_config port to be case-insensitive
  • Modified PORTS_sshd check of sshd_config port to be case-insensitive
  • HTTP::Tiny upgraded to v0.042
  • Reverse sort temp bans in UI

 

New cxs v4.17

Changes:

  • Unsupported option –YSKIPWMAIL added. Using this, If –options [W] or –options [wW] is triggered, then the directory will be chmod as normal but no email will be sent. If any other option is triggered for the same scan, the email will still be sent. This option only applies to cxs Watch
  • Added full pseudo-breadcrumbs to cPanel csf UI
  • HTTP::Tiny upgraded to v0.042
  • On cPanel servers, use cPanel provided perldoc binary in UI if present
  • Exploit fingerprint definitions database additions

 

New csf v6.44

Changes:

  • File globbing is now allowed for logs listed in csf.logfiles and csf.syslogs
  • Added Server Reports recommendation for CloudLinux if running CentOS or RedHat
  • Added Server Reports CloudLinux security feature checks
  • Modified Server Report check for dovecot v2
  • Updated Server Report version checks for Fedora, MySQL and Apache
  • Added missing bracket to regex.custom.pm example
  • Added new PORTS_* options to csf.conf to allow custom modification of LF_SELECT application ports
  • Added Cached memory to the System Statistics
  • Added full pseudo-breadcrumbs to cPanel csf UI
  • Added new CLI and UI commands to backup/restore csf.conf and to apply preconfigured csf.conf profiles. See “man csf” and UI for more details of the “csf –profile [OPTIONS]” commands
  • HTTP::Tiny upgraded to v0.041