New csf v10.00

Changes:

  • Added new feature to MESSENGER: MESSENGER_HTTPS*. See /etc/csf/csf.conf for more detail. This option redirects blocked IP addresses that connect over an HTTPS connection (port 443) to the HTML MESSENGER service. The option uses existing SSL certificates on the server for each domain to maintain a secure SSL SNI connection without browser warnings. The setting is disabled by default

    Note: The perl module IO::Socket::SSL (v1.83+) with support for SNI must be available to use MESSENGER_HTTPS* otherwise it will be disabled

  • Added new feature to MESSENGER: Google ReCAPTCHA (v2) to allow those blocked in the firewall to unblock themselves. See RECAPTCHA_* in /etc/csf/csf.conf for more details and limitations
  • Added MESSENGER procedure to restart listening sub-process if it has died
  • Moved MESSENGER processes to a separate module
  • Ensure that all forked processes terminate appropriately
  • On cPanel servers, use the cPanel WHM Template to support the new v64 UI layout (as best we can to maintain the look that we want)
  • Modified the cPanel csf ACL metadata and driver Perl modules to match new requirements for v64 and also maintain backwards compatibility