General

New csf v14.04

Changes:

  • Added two new options: CC_MESSENGER_ALLOW, CC_MESSENGER_DENY. These options can control which Country Code IP blocks are redirected to the MESSENGER service, if it is enabled
  • Fixed some typos in csf.conf
  • Added DirectAdmin diagnostics to the admin UI for session security checks, together with a method to skip the checks if desired

New MailScanner Front-End (MSFE) v9.03

Changes:

  • Changed WHM/Admin UI “Modify User Settings” to “Access User Settings” which now allows full access impersonating the chosen user

New MailScanner Front-End (MSFE) v9.02

Changes:

  • Added new BETA feature: Digest Emails. If enabled, users can configure a Digest Email per domain within their account that includes a summary of all Low Spam, High Spam, Blacklisted and Infected email. This is of particular use to users using the SpamBox and/or MailControl features. See the MSFE Front-End Settings page in the UI for more info
  • Add non-alphanumeric character to SQL db user password on new installs
  • Fixed issue with string escaping for URI’s in MailControl. Uses the perl module URI::Escape
  • Update mssql.pl with MySQL credentials code from dbadd.pl

New cxs v12.03

Changes:

  • DirectAdmin moved from BETA to RELEASE for RHEL/CentOS/CL
  • Added new option –vmmax [kB]. This will abort a scan if the VmRSS size of the process exceeds this value to prevent memory exhaustion. By default it is set to 2000000 kB = 2GB
  • Modified cxs reputation reporting to prevent overloading
  • Improved DA session checking
  • Added -u to unzip UI commands
  • Protect from logarithm divide by 0 error
  • Improved DA UI display

New csf v14.03

Changes:

  • Updated DSHIELD blocklist to use https
  • Updated Server Check PHP EOL information
  • Improved DA session checking
  • Improved DA Server Check report
  • Modified cpanel.comodo.allow and cpanel.comodo.ignore with an additional IP address
  • MESSENGERv3 now out of BETA testing
  • Added UDP ports 80 and 443 to UDP_IN/UDP6_IN for new installations to support QUIC/HTTP3
  • Modified DA regex for Roundcube v1.4+
  • Modified DIRECTADMIN_LOG_R to point to /var/www/html/roundcube/logs/errors.log for Roundcube v1.4+ by default on new installs and change for old installs if not already set
  • Added a new DA regex for phpMyAdmin
  • Modified iframe resizer on DA, thank you to Martynas @ DirectAdmin
  • Updated Integrated User Interface documentation to point to the latest Apache docs
  • Added newly generated self-signed keys for lfd UI
  • Updated Server Report descriptions for cPanel
  • Updated Server Report for systemd processes
  • Added back cPanel update check to the Server Report now that it has been reinstated by cPanel
  • Removed outdated Server Report checks

New cxs v12.02

Changes:

  • Fixed issue using +/- in –options causing the UI wizard to fail
  • Fixed issue with –cgi depending on the directory location of the ModSecurity SecTmpDir setting

New cxs v12.01

Changes:

  • Indepth performance profiling and code review
  • Performance improvements to scanning code can now reduce overall scan times by up to 20%-80% depending on type and amount of data scanned
  • Improvements the the Universal Decoder including base64 mapping and significant performance improvements
  • The option –voptions [] has been removed as it provided little performance benefit with reduced efficacy
  • Improved plesk user detection based on the hosting and sys_user tables in the psa D/B
  • Updated documentation
  • NOTICE: We are deprecating support for Virtuozzo/OpenVZ servers. Future releases will not take into consideration those platforms which have become onerous to support. The software application may continue to work but support and functionality is no longer guaranteed

New csf v14.02

Changes:

  • Added new BETA TESTING option: MESSENGERV3. This provides the MESSENGER service utilising the local webserver. It currently supports Apache v2.4+ and Litespeed/Openlitespeed. As the first iteration this likely contains bugs and may not be suitable for production environments. See csf.conf and readme.txt for more information
  • Changed Country Code Lookup source to ipdeny.com
  • Added CC_ALLOW_SMTPAUTH to all configurations for the benefit of servers other than cPanel running Exim
  • Modify CC_ALLOW_FILTER to allow RELATED, ESTABLISHED connections through so that outgoing connection replies from remote sites not in CC_ALLOW_FILTER are accepted
  • Added a note in csf.conf regarding MESSENGER_CHILDREN, that consideration needs to be made for local images displayed on the page. The default has also been increased to 20 for new installations Modifications to MESSENGER server to speed up connection response time and improve stability
  • Modifications to LFD UI and CLUSTER server to improve stability
  • Added SUDO login alerts: LF_SUDO_EMAIL_ALERT. This will send an email alert using the sudoalert.txt template whenever there is a failed or successful SUDO connection. SUDO_LOG must be set to the correct log file. LF_SUDO_EMAIL_ALERT is disabled by default
  • Added new entry in csf.pignore on cPanel servers for v86+:
    exe:/usr/libexec/dovecot/imap-hibernate
  • Added Server Check for EOL PHP v7.1
  • Removed cPanel update checks from the Server Report now that the options are no longer available in cPanel v86+
  • NOTICE: We are deprecating support for Virtuozzo/OpenVZ servers. Future releases will not take into consideration those platforms which have become onerous to support. The software application may continue to work but support and functionality is no longer guaranteed