ConfigServer Services Blog

Changes:

• Fixed UI issue with some settings sent via the Cluster Config option
• Modified CONNLIMIT_LOGGING rule insertion point
• Added new feature: Outgoing UDP Flood Protection. This option limits outbound UDP packet floods. These typically originate from exploit scripts uploaded through vulnerable web scripts. The feature is controlled by: UDPFLOOD, UDPFLOOD_LIMIT, UDPFLOOD_BURST, UDPFLOOD_LOGGING, UDPFLOOD_ALLOWUSER
• Update the TOR URL in existing /etc/csf/csf.blocklists file if still set to the old URL

Changes:

• Fixed UI “Temporary IP entries > Flush all temporary IP entries”
• Fixed UI_USER and UI_PASS being emptied on saving the firewall configuration through the UI
• Fixed CLUSTER_KEY not displaying when RESTRICT_UI is disabled

Changes:

• Security – Removed items from Cluster Config UI option if RESTRICT_UI enabled

Changes:

• Security – added new option RESTRICT_UI. This options restricts the ability to modify settings within csf.conf from the csf UI. Should the parent control panel be compromised, these restricted options could be used to further compromise the server. This option is enabled by default on all installations
• Added entries to csf.pignore on new installations on cPanel servers for Dovecot v2.2 (cPanel v11.40+)
• Fixed UI Template validation error message