New cxs v9.25


  • Create /var/log/cxsreports/ on installation/upgrade
  • Change documentation to use /var/log/cxsreports/ for –report [file]
  • Change cxs-cron for new installations to create logs in /var/log/cxsreports/
  • Added direct link to Scan Reports in the UI for previous scan reports if logged in the database
  • Fixed FA5 HTML icon

New csf v12.09


  • Added new option CT_SUBNET_LIMIT. If the total number of connections from a class C subnet is greater than this value then the offending subnet is blocked according to the other CT_* settings. This option is disabled by default
  • Removed ALTTOR from csf.blocklists on new installations as it has been discontinued
  • Use ConfigServer::Slurp to read csf.resellers to avoid invalid line endings
  • Modified CLUSTER_SENDTO and CLUSTER_RECVFROM so that they can be set to a file instead of listing IP’s within the respective setting. See csf.conf for more details
  • Removed open_basedir check on cPanel servers in Server Check
  • Fixed csf.conf typo
  • Updates to Courier IMAP regexes for Plesk

New MailScanner Front-End (MSFE) v8.20


  • Replaced “Open in new window” to “Expanded view” in MailControl which fills the browser and compacts the search and button panels. Added “Standard view” button to switch back. This no longer launches into a new window
  • Button to Install MailWatch has now been removed, existing MailWatch installs remain at users risk
  • Modified Mail::Sender SSL_version to be blank to allow IO::Socket::SSL defaults to be used. This fixes a problem with older perl modules and the latest exim configurations on cPanel when release forwarding email from within MailControl
  • Added MailControl sort fields to: subject, from_address and to_address
  • Set default sort direction to ASCENDING in MailControl except for Date/Time which defaults to DESCENDING
  • Modified MailControl table to make Subject link clickable to view email
  • Added “Block Client IP” to MailControl Bulk Actions
  • Fixed MailControl spinner/refresh behaviour
  • Added MailControl search for “All Headers (UTF-8)” which will search for Quoted-Printable UTF-8 strings in the email headers (e.g. Subject). Note: Only works with “CONTAINS” conditional and only on individual words
  • Modify MailControl Search Reset button to clear any existing search and refresh but then show the Search box

Running cPanel v76? Want a link to Plugins on the Home Page?

cPanel decided to provide a cut-down home page for WHM for v76+. It makes finding plugins (such as csf) a pain. Here is a simple way to add a Plugins link to the new homepage:

Some caveats:

  • DO THIS AT YOUR OWN RISK! Neither we nor cPanel will likely help if it goes horribly wrong!
  • The change will be overwritten when the next version of cPanel is released or if you run:
    /scripts/upcp --force
  • It might break your WHM home page
  • It might not work in the future

OK, so here’s what to do:

  1. SSH into your server as root (or use the Terminal app from WHM!)
  2. Create a file called /usr/src/main.tmpl.patch
  3. Add the following to that file as-is:
    > [% IF (Whostmgr.check_flag('addons')) -%]
    > [% varcache.set('locale_str',locale.makevar("Plugins")) %]
    > <li class="application">
    > <a href="[% cp_security_token %]/scripts/command?PFILE=Plugins">
    > <img class="mr-10" src="[% Whostmgr.get_icon_url('icons/plugins.png') %]" alt="[% varcache.locale_str -%]" aria-hidden="true">
    > <div class="application-details">
    > <div class="application-title">[% varcache.locale_str %]</div>
    > <span class="application-description">[% varcache.locale_str %]</span>
    > </div>
    > </a>
    > </li>
    > [% END %]
  4. Run the following command:
    patch -bp0 /usr/local/cpanel/whostmgr/docroot/templates/menu/main.tmpl /usr/src/main.tmpl.patch
  5. That should be it

To restore the page back, either:

  • Restore the backup created by the patch command:
    cp /usr/local/cpanel/whostmgr/docroot/templates/menu/main.tmpl.orig /usr/local/cpanel/whostmgr/docroot/templates/menu/main.tmpl


  • Run upcp:
    /scripts/upcp --force

Once again, you do this at your own risk. Have fun!


New csf v12.07


  • Added commented out regex lines in csf.pignore on cPanel servers for the upcoming ubic implementation by cPanel
  • Added port 53 filters in cpanel.comodo.allow on cPanel servers
  • Added postfix support for LF_DISTSMTP
  • Switched Sendmail and URLGET modules from using croak to carp to avoid unexpected parent death from child failure
  • Double fork external commands in DA UI to work around DA mod_perl restrictions, allowing full functionality
  • Added reason text information to IPs and CC_LOOKUPS to netblocks for LF_PERMBLOCK and LF_NETBLOCK reports and csf.deny entries