Security 10817 Published by

ConfigServer has released a new version of their CSF firewall for Linux servers



Changes:

- Added support for cPanel v11.38.1+ AppConfig addon registration
- Added support for cPanel v11.38.1+ Custom ACL driver. This creates an ACL (software-ConfigServer-csf) which must be used to grant resellers access via "WHM > Edit Reseller Nameservers and Privileges > Third Party Services > ConfigServer Security & Firewall (Reseller UI)" when running cPanel v11.38.1+
- Added Server Check for AppConfig restrictions for cPanel v11.38.1+
- Switched from using Geo::IP::PurePerl to Geo::IP perl module
- Added MaxMind GeoIP Anonymous Proxies to csf.blocklists. This will be appended, disabled, to existing csf.blocklists files
- Added new setting CSFDATADIR. This is the location of the csf and lfd temporary data. By default it is set to the current value of /etc/csf with the intention of moving this data to /var/lib/csf in the future in a move towards the Linux Filesystem Hierarchy Standard (FHS)
- Moved the default location for ST_DISKW_DD to /var/lib/dd_test for new installations

NOTE: In accordance with the new conventions for v11.38.1+ AppConfig the url to the csf WHM plugin will change from /cgi/addon_csf.cgi to /cgi/configserver/csf.cgi. This will only happen with csf v6.14+ and cPanel v11.38.1+. Older version of csf will continue to use the old URL. This has no particular relevance to users accessing through WHM, but will affect direct URL access by users or third party applications
  CSF 6.14 released