cPanel

New MailScanner Script v2.69

Changes:

  • Documentation updated
  • Changed chkservd restart from using the init script to using /scripts/restartsrv_chkservd

New csf v4.09

Changes:

  • Modification to cPanel version to restart chkservd using /scripts/restartsrv_chkservd instead of the init script as the latter is removed in the latest EDGE release that puts chkservd under the control of tailwatchd (/scripts/restartsrv_chkservd is a stub for restarting tailwatchd in the latest EDGE instead of a direct restart script in older cPanel versions). chkservd is restarted when csf is installed/uninstalled/upgraded/disabled/enabled

New csf v4.06

Our apologies for the slew of updates due to the major changes in v4. Hopefully things will settle down again now ;)Changes:

  • Moved the GALLOW, GDENY, SPAMHAUS, DSHIELD and DYNDNS rules to the LOCALxxPUT chains so that the entries can be correctly listed with ACCEPT’s at the top and DENY’s at the bottom of the chain
  • Repositioned the cPanel Bandmin acctboth rule entry in the INPUT and OUTPUT chains so that bandwidth accounting is kept accurate
  • Fixed a problem processing advanced port filters in GLOBAL_ALLOW and GLOBAL_DENY

New csf v4.04

Changes:

  • Fixed problem with rule placement for ETH_DEVICE_SKIP
  • Ensure all ALLOW requests are inserted before DENY requests after csf has been restarted
  • Ensure that fwlogwatch stats creation uses IPTABLES_LOG file
  • Only perform operations on the nat table if MESSENGER service is enabled
  • lfd Process Tracking will now ignore MESSENGER_USER messenger services
  • Added new option PT_ALL_USERS so that all Linux accounts on a cPanel server are checked in Process Tracking, not just cPanel users. This option is disabled by default on cPanel servers. Enabling this option may require adding exceptions to csf.pignore
  • Additional exceptions added to csf.pignore for cPanel servers for the new PT_ALL_USERS option
  • PT_SKIP_HTTP now disabled by default for new installations
  • Added PT_ALL_USERS and PT_SKIP_HTTP checks to the WHM Server Check

New ClamAV v0.94

Changes:

  • http://www.clamav.net/press/0.94-WhatsNew.pdf

New MailScanner Script v2.68

Changes:

  • Brought MailScanner In Only exim init script inline with the latest from cPanel with the use of tailwatchd
  • New Mailscanner v4.71.10:http://www.mailscanner.info/ChangeLog

New csf v3.43

Changes:

  • Improved application IP block checking
  • Restored the option LF_SCRIPT_PERM with additional checks for directories within the cPanel homedirs and for symlinks. Warning added to csf.conf for this option
  • Added random query-source port setting for BIND to the Server Report

New csf v3.42

Changes:

  • Corrected information for LF_TRIGGER_PERM in the generic csf.conf to be the same as the cPanel csf.conf
  • If LF_SELECT is enabled make sure all cPanel ports are blocked on cpanel login failure. This was only doing ports 2082,2083 and will now block 2082,2083,2086,2087,2095,2096

New ClamAV v0.93.3 :rolleyes:

Changes (surprise! surprise!):

  • This release fixes a problem in handling of .cld files introduced in 0.93.2

At least they fixed it – after they broke it.

clamd problems after upgrading to ClamAV v0.93.2 for some

If you’re seeing the following when trying to restart clamd after upgrading to the latest version of ClamAV:

# service clamd restart Starting clamd: LibClamAV Error: cli_dbgets: Preliminary end of data LibClamAV Error: cli_dbgets: Preliminary end of data LibClamAV Error: cli_dbgets: Preliminary end of data LibClamAV Error: Empty database file LibClamAV Error: Can’t load daily.db: Malformed database LibClamAV Error: cli_tgzload: Invalid size in header LibClamAV Error: Can’t load /usr/local/share/clamav/daily.cld: Malformed database ERROR: Malformed database

The it appears ClamAV have borked your freshclam database. To fix:

rm -Rfv /usr/local/share/clamav/*freshclamservice clamd restart