ConfigServer Services Blog

New csf v6.38

Changes:

  • Parameterise calls to system and Open3 where possible
  • HTTP::Tiny upgraded to v0.039
  • Modifications to csftest.pl
  • Removed the UI “Pre-configured settings for Low, Medium or High” as they are outdated and meaningless. Users should go through the csf configuration and setup the firewall for their individual server needs
  • Translate ampersand for HTML output
  • Modified csf.blocklist for new installations to use the SSL URL for the TOR exit list now that they have forced redirection from the non-SSL URL, with a note to change URLGET to use LWP
  • Modified csf.blocklist for new installations to specify an alternative TOR exit node list

New cxs v4.07

Changes:

  • Display “i” during scan if file ignored due to sizemax [bytes] being exceeded
  • HTTP::Tiny upgraded to v0.039
  • Translate ampersand for HTML output
  • Fixed cxs UI not adding files to the ignore file after using the Ignore link
  • Additional checks for ignore, xtra and new detections updates for cxs watch daemon to reload the relevant files if necessary
  • Exploit fingerprint definitions database additions

 

New cmc v1.09

Changes:

  • Added new feature – Ability to use DirectoryMatch ModSecurity disabling and whitelisting
  • Parameterise Open3 calls

 

New cxs v4.06

Changes:

  • Parameterise all calls to system() and Open3()
  • Only list viewable files in UI “Other Files” option
  • Fixed issue with ignoring user: and puser: with web scanning
  • Added new –ignore [file] option ip: – ignore IP address for web and ftp uploads. This may or may not have any impact on performance with ftp uploads as the IP address will need to be established from the message log for each file
  • Removed DNS lookup on FTP IP addresses to improve performance
  • Exploit fingerprint definitions database additions