ConfigServer Services Blog

Changes:

• Overhaul of Apache regexes to cater for Apache v2.4 formats
• Fail with an appropriate error if attempting to use an IPv6 address but IPV6 is not enabled
• Fix to OUTPUT chain final packet failure still logging to LOGDROPOUT when DROP_OUT_LOGGING is disabled
• Strip leading and trailing spaces from form IP in csf UI
• DROP_OUT_LOGGING is now enabled by default on new installations
• ST_ENABLE is now enabled by default on new installations
• CC_IGNORE rewritten to use CC_LOOKUPS data to ignore countries. This provides a more consistent approach and quicker lookups with reduced memory footprint. CC_LOOKUPS must now be enabled to use CC_IGNORE

Changes:

• HTTP::Tiny reverted to v0.041 as it breaks on some installations

Changes:

• Modified LF_SCRIPT_ALERT to only report detected lines
• Modified Server Check for sshd_config port to be case-insensitive
• Modified PORTS_sshd check of sshd_config port to be case-insensitive
• HTTP::Tiny upgraded to v0.042
• Reverse sort temp bans in UI

Changes:

• File globbing is now allowed for logs listed in csf.logfiles and csf.syslogs
• Added Server Reports recommendation for CloudLinux if running CentOS or RedHat
• Added Server Reports CloudLinux security feature checks
• Modified Server Report check for dovecot v2
• Updated Server Report version checks for Fedora, MySQL and Apache
• Added missing bracket to regex.custom.pm example
• Added new PORTS_* options to csf.conf to allow custom modification of LF_SELECT application ports
• Added Cached memory to the System Statistics
• Added full pseudo-breadcrumbs to cPanel csf UI
• Added new CLI and UI commands to backup/restore csf.conf and to apply preconfigured csf.conf profiles. See “man csf” and UI for more details of the “csf –profile [OPTIONS]” commands
• HTTP::Tiny upgraded to v0.041