New csf v11.07

Changes:

• Added missing WAITLOCK to iptables when processing advanced port filters in csf and lfd and checking csf status in UI
• Added WAITLOCK, if enabled, to iptables-restore commands during FASTSTART
• Server Check Report – removed ini_set check as so many scripts use ini_set nowadays. Updated text on various checks
• Updated the postfix SMTP AUTH regex
• Added new SSHD “maximum authentication attempts exceeded” regex
• Set basic PATH before running csfpre.sh/csfpost.sh to avoid binary location issues
• csf now runs csfpre.sh/csfpost.sh directly without forcing it through /bin/sh. If present, csf chmods the script 0700 and checks for a shebang. If the shebang is missing #!/bin/bash is added to the top. The script is then run
• Added seventh parameter to regex.custom.pm to allow Cloudflare blocking if a CUSTOM regex is triggered (see latest regex.custom.pm in distro)
• Rearranged UI tabs and shortened tab names. Moved quick actions to the top of the “csf” tab pane
• Added “AUTH command used when not advertised” to the LF_EXIMSYNTAX regex check
• Added new csf CLI cluster option: -ci, –cignore ip [comment] This will add the IP to each remote /etc/csf/csf.ignore member and then restart lfd. This has also been added to the UI
• Fixed cluster grep output in UI
• Modified MESSENGERV2 to support combined certificates+keys in cPanel v68+
• Added triggered setting and, if applicable, temporary TTL to the “Blocked:” status in block alert emails
• Added “wildcard” option to “Search System Logs” UI to use ZGREP to search the specified log with a wildcard suffix
• ZGREP option added to csf.conf which must point to the zgrep binary
• Added git binaries to csf.pignore on cPanel servers for upcoming v72/74 features