Server Software and Configuration Services
New cxs v2.24
Changes:
- Allow binary submissions via –wttw
- Improvements to –decode ([D]) option
- Exploit regex definitions database additions
- Exploit fingerprint definitions database additions
General
New csf v5.36
Changes:
- Fix for the lfd child lock mechanism effectiveness
New csf v5.35
Changes:
- Added new BETA feature – Port/IP address Redirection. This feature uses the file /etc/csf/csf.redirect to redirect connections from/to IP/port combinations to alternative IP/ports. See readme.txt for more information
- Updated syslog daemon checking in Server Report
- Set PT_DELETED to 0 by default on new installations
- Improvements to csf startup locking within lfd
- Improvements to error trapping between csf and lfd
- Check minimum values for interval settings and set to recommended values if too low during lfd startup to improve stability
- Added lfd child locks to improve stability due too server or network resource issues or too low an interval setting
- Updated Sanity Checks for settings
- lfd will now not start if TESTING is enabled
- Do not require write permissions to /etc/crontab when no changes required for TESTING mode enable/disable
- Prevent parricide by lfd children unless required
- Added nat table check in csf
- Fixed bug in csf –grep not matching the nat table
New cxs v2.23
Changes:
- Improved cxs Watch daemon scanning to include moved files to detect files uploaded by the cPanel File Manager
- Fixed bug where –cleanlog [file] was not logging the filename for cxsftp.sh scanning
- Exploit regex definitions database additions
- Exploit fingerprint definitions database additions
New cxs v2.22
Changes:
- Exploit regex definitions database correction
New cxs v2.21
Changes:
- Speedups to –decode ([D]) option
- Improvements to decode regex
- Exploit regex definitions database additions
- Exploit fingerprint definitions database additions
New csf v5.34
Changes:
- Improvement to dovecot account name sanitisation checks in lfd
- Modified cronjobs for new installs to be compatible with anacron
- Added new option CLUSTER_BLOCK which is enabled by default. This allows you to disable automatic sharing of lfd blocks around a csf cluster, e.g. if you only wish to use the CLUSTER option to share settings and manual blocks and allows
- Added new option RT_ACTION. If an RT_* event is triggered, then if RT_ACTION contains the path to a script, it will be run in a child process and be passed a list of items (see csf.conf – for cPanel and DA only)
- Fix to DYNDNS Advanced Allow/Deny Filters using pipe separator
- Set permissions to 700 on *.sh, *.pl and *.php in /etc/csf/ instead of a blanket 600 of non-csf scripts
New cxs v2.20
Changes:
- Fixed issue with MD5 setting via UI when saving to defaults
- Improvements to regex validation to any specified –ignore or –xtra files
- Improvements to decode regex
- Improvements to –decode ([D]) option
- Exploit regex definitions database additions
- Exploit fingerprint definitions database additions
csf and RedHat/Centos v6.0
Confirmed csf (IPv4 and IPv6) support on RedHat/CentOS v6.0
New csf v5.33
Changes:
- Add link to the Changelog when csf is upgraded
- Extended urlget timeout to 300 seconds to help cope with the large MaxMind City Database download where enabled
- Include cpdavd login failures for LF_CPANEL. Added port 2077 and 2078 to the cPanel block ports when LF_SELECT enabled
- Disable ftp Server Check reports if ftp server disabled in cPanel
- Added regex validation to any specified csf.pignore or csf.figonre entries to lfd
- Updated cPanel tier checks to cope with old STABLE and DNSONLY releases and newer v11.30+
- Improvement to account name sanitisation checks in lfd