csf

New csf v10.14

Changes:

  • Made configuration checks on iptables more fault tolerant to avoid unnecessary failures while loading
  • Removed openbl.org from csf.blocklists for new and existing installs
  • More generic binaries added to csf.pignore

 

New csf v10.13

Changes:

  • Fixed looping/timeout of integrated UI children when Chrome client is used

New csf v10.12

Changes:

  • Configured UI to fully integrate with cPanel templates without using iframes
  • Configured UI to display full cPanel breadcrumbs
  • Configured UI to support cPanel v66 WHM UI changes

New csf v10.11

Changes:

  • Modified username regex for csf.syslogusers
  • Fixed issue with /var/lib/csf/lfd.stats excessive growth

New csf v10.10

Changes:

  • Modified HTML to cater for major change in cPanel v66

New csf v10.09

Changes:

  • Added new option DROP_OUT which is set to “REJECT” by default. This option sets the default target for blocked outgoing ports. See csf.conf for more information
  • Added improved detection of xtables lock and recommend enabling WAITLOCK on error
  • Improved csf down detection when xtables lock in effect and WAITLOCK is not enabled
  • Added support for listing ASNs in CC_IGNORE

New csf v10.08

Changes:

  • Added cpanel.allow and cpanel.ignore Include files for the cPanel authentication servers. These are included on new installations and added to existing files on cPanel installations
  • If running cPanel 1:1 NAT, use the contents of /var/cpanel/cpnat to whitelist/ignore the external IP addresses

New csf v10.07

Changes:

  • Fixed bug when using RECAPTCHA_NAT where the listed IP’s were not correctly processed
  • Server Check now follows includes in dovecot.conf
  • Server Check now reports RHEL/CentOS/CloudLinux v5.* as EOL

New csf v10.06

Changes:

  • Added new entry in csf.pignore on cPanel servers for:
    exe:/usr/libexec/dovecot/indexer
    exe:/usr/libexec/dovecot/indexer-worker
  • Croak if IPTABLES is not set, incorrect or not present in csf.conf
  • Set SELinux context for /etc/logrotate.d/lfd on new generic installs

New csf v10.05

Changes:

  • Fixed table header html/css
  • Added workaround for adding superusers listed in /etc/csf/csf.syslogusers to the RESTRICT_SYSLOG_GROUP if the log socket is not accessed via the owner permissions
  • Changes for cPanel v64 template
  • Updated text description in csf.dirwatch for new installs