Server Software and Configuration Services
New csf v3.27
Changes:
- Modified csf -dr option to delete advanced filter IP matches as well as simple matches in csf.deny
ConfigServer Services Blog
New csf v3.26
Changes:
- Added new CLI option to csf, -g –grep will search the iptables chains for a specified match which is either explicit or part of a CIDR
- Added WHM UI option for csf –grep
- Added new CLI option to csf, -dr –denyrm will remove an IP address from csf.deny and unblock it
- Added WHM UI option for csf –denyrm
New csf v3.25
Changes:
- Added csf.suignore file where you can list usernames that are ignored during the LF_EXPLOIT SUPERUSER test
- New option PT_LOAD_ACTION added that can contain a script to be run if PT_LOAD triggers an event. See csf.conf for more information
- Added SUPERUSER check to Server Check Report
- Added Suhosin check to Server Check Report
Problems with LWP and access to https URL's
If you’re using perl scripts on your server that use LWP and suddenly find them failing with connections to https resources with the following type error:
500 read failed: error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number
then you’ve probably got LWP v5.811 installed which breaks SSL connections! The author fixed the problem he created after about two days with v5.812 but the damage was done on many servers. cPanel have put a hold back on cpan module updates for LWP to v5.810 but if your servers already upgraded LWP then you’ll need to either upgrade it manually from the cpan source to v5.812 or downgrade to v5.810.Downgrading LWP:
wget http://search.cpan.org/CPAN/authors/id/G/GA/GAAS/libwww-perl-5.810.tar.gztar -xzf libwww-perl-5.810.tar.gzcd libwww-perl-5.810perl Makefile.PLmake(take the default options unless you want to additional binaries installed)make install
New csf v3.24
Changes:
- Allow comments after IP addresses in csf.dyndns
- Added new login failure option LF_SUHOSIN which detects alert messages and blocks the attacker IP after the configured number of matches
- Added a new exploit check for non-root superuser accounts
- Added a new configuration option LF_EXPLOIT_CHECK which allows you to configure which tests are performed by LF_EXPLOIT
New MailScanner Script v2.65
Changes:
- New version of MailScanner v4.68.8
New ClamAV v0.93
Changelog:http://sourceforge.net/project/shownotes.php?release_id=592112Upgrade through WHM MSFE.
New csf v3.23
Changes:
- Modified the Server Report code for checking PHP variables to be more lenient when checking the output from /usr/local/bin/php -i
- Modified lfd calculation of Jiffies to use the POSIX::sysconf function to obtain the clock ticks instead of assuming 100 ticks for Linux
- Fix duplicate LF_INTEGRITY emails
New csf v3.22
Changes:
- Changed DROP_IP_LOGGING logging advice in csf.conf to NOT use this setting if you use Port Scan Tracking as it will cause redundant blocks
- Added tag [hostname] to all of the alert reports. You will need to add this manually to the report text Subject: line (or anywhere else in the report that you would like it) for existing installations
- Added “A note about FTP over TLS/SSL” to readme.txt
New csf v3.21
Out apologies for the multiple releases today, but the new options behaved differently from testing in live environments.Changes:
- Fixed problem in Server Check that caused an error in some situations
- Modified netblock caching code to prevent repeated block attempts