ConfigServer Services Blog

New csf v6.09

Changes:
– Modified csf UI to detect Webmin install and symlink script and images directory so as to no longer require Webmin module update on a new csf version
– Tidied up csf UI html
– Fixed System Statistics graph display when using Webmin
– Modified Server Security check to only perform GENERIC test when using Webmin to prevent hanging processes
– Added CLI options –car, –carm. This removes an allowed IP in a Cluster and removes it from /etc/csf.allow
– Added new options LF_WEBMIN, LF_WEBMIN_PERM. This feature adds login failure detection for Webmin in WEBMIN_LOG
– Added new option LF_WEBMIN_EMAIL_ALERT. This feature sends an email if a successful login to Webmin is detected in WEBMIN_LOG
– Modified LF_SCRIPT_ALERT text in csf.conf for cPanel servers
– Modified proftpd regex to cope with non-standard format and to remove trailing colons from account name
– Modified LF_SCRIPT_ALERT regex to cater for paths containing spaces
– Improvements to LF_SCRIPT_ALERT memory usage and possible script detection
– Added alternative LF_SCRIPT_ALERT regex for specific 1H.com exim logging ACL

New cxs v2.93

Changes:
– New features: –prenice [num], –pionice [num]. These options allow you to control the nice and ionice priorities of the running process. This can, for example, help even out the load on heavy IO servers or increase the speed of the scan on busy servers
– Exploit fingerprint definitions database additions

New cxs v2.92

Changes:
– Improvements to the main decoder regex
– Improvements to error reporting on UI restore
– Fixed typo in documentation regarding cxs.xtra :quarantine feature
– Added IP, where available, to –script [script] parameters passed to external script
– Exploit fingerprint definitions database additions

New csf v6.08

Changes:
– Added IPV6_SPI workaround for CentOS/RedHat v5 and custom kernels that do not support IPv6 connection tracking by opening ephemeral port range 32768:61000. This is only applied if IPV6_SPI is not enabled. This is the same workaround implemented by RedHat in the sampe default IPv6 rules

New cxs v2.91

Changes:
– Ensure cxswatch is stopped, disabled and removed on cxs uninstall
– Added cleaned script code scanning to text match and decoder regex detection to improve exploit script detection
– Modified –help to use the POD paginated viewer
– Exploit fingerprint definitions database additions

WHM/cPanel v11.36 in STABLE

cPanel v11.36 has now entered the STABLE tree and you will notice that most of your addon perl scripts failing. You can resolve this easily with our addons by reinstalling them. We have provided a simple script that can do this for you that we posted previously. This has to be done regardless as to whether you are running the latest versions:
This script will update: cmm, cmc, cmq, cse, csf, cxs, msinstall, msfe
Only those scripts that are already installed will be updated. Those that are updated are done so regardless as to whether they are the same or an older version of those available.
To use this method you must be logged into root via SSH to the server and then run:
curl -s configserver.com/free/csupdate | perl
You should take care to read through the output to ensure that all the upgrades have worked as expected.

New cxs v2.90

Changes:
– Added alternative php binary locations for generic installations
– Improvements to –decode ([D])
– Added new advanced PHP decoder
– Exploit regex definitions database additions
– Exploit fingerprint definitions database additions