Modified the –jumpfrom [user], –jumpto [user] options so a special value can be used for the from and to [user] using a single letter then a plus sign to scan those users whose name begins with the letter specified (not case sensitive). Again, this is inclusive. For example, to scan all accounts beginning with k through to g use: –jumpfrom k+ –jumpto g+
Updated RELAY regex to detect the dovecot/courier login authentication methods on cPanel servers
Updated Server Check Report to reflect cPanel/WHM changes in v11.28, including additional checks and updating reference text
Added checks to LF_DIRWATCH_FILE to ensure watched resources exist on startup and while running a check. Those that do not exist are ignored and logged in lfd.log
Improvements to –decode ([D]) option. If the final decode depth results in a php Parse error, the previous depth is scanned instead. This improves the likelihood of a successful decode and scan
Improvements to –decode ([D]) option. Decode PHP scripts in memory using the interactive php interpreter instead of using temporary files
Improvements to –decode ([D]) option. Add timeout to php interpreter to avoid decoding hangs
Added the ability to use –quarantine and –delete when performing a manual or scheduled scan. However, since the likelihood of a false-positive is relatively high, this is not recommended without care and understanding of the implications
Added test for existence of –quarantine [dir]. If it does not exist an error will be shown and the scan will continue with the quarantine directive disabled
New –options [Z]. This option decompresses archives (e.q. zip, tar, tar.gz and tar.bz2 files) and scans each file within the archive using the same options provided to the original scan
Added –options [Z] to WHM UI
Updated perl modules requirements to now include: Archive::Zip and Archive::Tar
Cater for single quotes in cron jobs in the WHM UI
Added some lfd blocking statistics which can be viewed via the UI. Requires gd graphics library and the GD::Graph perl module with all dependent modules
Added 8th argument to BLOCK_REPORT for the setting that triggered the block
Added setting that triggered a block to lfd log lines