ConfigServer Services Blog

New csf v3.43

Changes:

  • Improved application IP block checking
  • Restored the option LF_SCRIPT_PERM with additional checks for directories within the cPanel homedirs and for symlinks. Warning added to csf.conf for this option
  • Added random query-source port setting for BIND to the Server Report

New csf v3.42

Changes:

  • Corrected information for LF_TRIGGER_PERM in the generic csf.conf to be the same as the cPanel csf.conf
  • If LF_SELECT is enabled make sure all cPanel ports are blocked on cpanel login failure. This was only doing ports 2082,2083 and will now block 2082,2083,2086,2087,2095,2096

New csf v3.41

Changes:

  • Added new mechanism to allow custom regular expression matching with individual settings for lfd login failure detection. See /etc/csf/regex.custom.pm for details
  • Modified all timestamps in lfd reports to also include the standard timezone offset (i.e. from GMT)
  • Added new setting CC_LOOKUPS to control the new Country Code lookups (enabled by default)
  • DROP_IP_LOGGING automatically disabled if PS_INTERVAL is enabled
  • PS_INTERVAL enabled by default on new installations
  • Doubled the number of lines before log file flooding detection will be triggered

New csf v3.40

Changes:

  • Added queuealert.txt to the WHM UI dropdown list for editing
  • Clarified in csf.conf that setting LF_QUEUE_ALERT to 0 disables the check
  • Added Country Code lookups for IP addresses. Any reported IP addresses will include the international CC where available. It should be noted that with international ISPs this may not be wholly accurate. Where possible the CC will be translated into the associated country name

clamd problems after upgrading to ClamAV v0.93.2 for some

If you’re seeing the following when trying to restart clamd after upgrading to the latest version of ClamAV:

# service clamd restart Starting clamd: LibClamAV Error: cli_dbgets: Preliminary end of data LibClamAV Error: cli_dbgets: Preliminary end of data LibClamAV Error: cli_dbgets: Preliminary end of data LibClamAV Error: Empty database file LibClamAV Error: Can’t load daily.db: Malformed database LibClamAV Error: cli_tgzload: Invalid size in header LibClamAV Error: Can’t load /usr/local/share/clamav/daily.cld: Malformed database ERROR: Malformed database

The it appears ClamAV have borked your freshclam database. To fix:

rm -Rfv /usr/local/share/clamav/*freshclamservice clamd restart

New csf v3.39

Changes:

  • Added new option IGNORE_ALLOW which, if enabled, lfd will ignore IP addresses listed in the csf.allow file and not block them
  • Added new option LF_QUEUE_ALERT, which will send an email alert using queuealert.txt if the exim queue length exceeds the value it is set to. The check is repeated every LF_QUEUE_INTERVAL seconds. If the ConfigServer MailScanner configuration is being used, both the MailScanner pending and exim delivery queues will be checked. This is a cPanel only option
  • Added new option CT_PORTS to Connection Tracking so that you can

New ClamAV v0.93.2

Changes:

  • This release fixes and re-enables the Petite unpacker, improves database loading and solves some other minor issues.

Upgrade available within MSFE.

New csf v3.38

Changes:

  • Additional SSHD regex added to regex.pm
  • Improved the WHM UI reporting of the csf status: disabled, running, testing mode
  • Added Enable/Start buttons to WHM UI next to the csf status if disabled/stopped
  • Updated Server Report checks for csf status
  • Changed the destination of the ConfigServer Services link at the bottom of the WHM UI to go to the csf web page