[+] New Feature
[=] Updated feature
[-] Fixed bug

4.03 (7 Feb 2024)

  • [+] Added support for Debian 12.
  • [+] Added a new command line interface (CLI) for configuring most settings. This makes it easy for admins to make changes across multiple servers or when using automated deployment tools like Ansible. Admins can run the command /usr/local/psa/admin/sbin/modules/juggernaut/minion --task=help for more information.
  • [+] Added a new prefix column to the iptables log so admins can see why an IP address was blocked.
  • [+] Added additional checks to make sure that the options DROP_IP_LOGGING and PS_INTERVAL are not enabled at the same time as they are incompatible.
  • [+] Added a last 3 days template to the date range picker.
  • [=] Updated the grid ASN column so that it has a clickable menu to lookup information or copy it to the clipboard.
  • [=] Updated different ignore options from thoughout the settings area to the ignore tab to make them all easier to locate.
  • [=] Updated the MESSENGER default to enable the messenger v1 service on new installations.
  • [=] Updated the CC6_LOOKUPS default to enable IPv6 address lookups for CC_, MESSENGER, and Portflood on servers with IPv6 enabled.
  • [=] Renamed the actions in the dashboard actions widget to be more consistent.
  • [=] Updated some of the javascript libraries to their latest versions.
  • [=] Updated the database maintenance area to work on servers who have renamed the admin username now that Plesk supports renaming the admin user.
  • [=] Improvements when downloading the MaxMind geolocation databases.
  • [-] Fixed a bug with the messenger v3 service not working properly on CloudLinux with CageFS enabled.
  • [-] Japanese translation fixes. Thanks Toshiaki!

4.02 (09 Aug 2023)

  • [+] Added unknown country and continent policy content options for when MaxMind cannot lookup the geolocation information for an IP address.
  • [+] Added new date range search fields to the panel log and action log pages.
  • [=] Updated the WordPress trigger to include the 403 status code. To apply the new trigger delete the old one then re-add it under Settings -> Login Failure Blocking -> Login Failure Custom Triggers.
  • [=] Dropped support for Ubuntu 18.04 because it has reached EOL on May 31, 2023. Admins can either migrate to a supported OS using Plesk Migrator or run dist-upgrade to upgrade your Ubuntu 18.04 instance.
  • [=] Updated the date pickers to use a new date calendar javascript component.
  • [=] Updated the custom button icons to support the new svg format used in Plesk 18.0.55.
  • [=] Updated some of the javascript libraries to their latest versions.
  • [=] Renamed the log maintenance page to database maintenance.
  • [-] Fixed a bug with the installer where the Plesk firewall extension was no longer being properly removed.
  • [-] Translation fixes.

4.01 (21 May 2023)

  • [+] Added ARM architecture support for Ubuntu 22.04 LTS.
  • [+] Added login failure daemon cluster deny actions to the connection, Apache, and bandwidth tracking pages.
  • [+] Added port 853 (DNS over TLS) to the default TCP_OUT and TCP6_OUT for new installations.
  • [=] Updated the processing tracking ignore defaults. To apply the new defaults go to Settings -> Tracking Settings -> Process Tracking Ignore -> then press the default button.
  • [=] Updated the log scanner ignore defaults. To apply the new defaults go to Settings -> Log Scanner -> Log Scanner Ignore -> then press the default button.
  • [-] Fixed a bug with the new Apache and connection tracking dashboard widgets.
  • [-] Fixed a bug with the AbuseIPDB reporting script that affected specific systems.
  • [-] PHP 8.2 compatibility fixes.

4.00 (19 Mar 2023)

  • [+] Added major updates to the Apache tracking page. Now you can see a list of domain names that each client address is requesting. Client addresses are now grouped then sorted by the most requests allowing admins to more easily defend against bad bots or denial of service attacks. Admins can click on the plus icon next to each entry to view detailed information about each request.
  • [+] Added major updates to the connection tracking page. Now you can see a list of local ports that each client address is connecting to. Admins can click on the plus icon next to each entry to view detailed information about each connection.
  • [+] Added a button to the Apache and connection tracking pages to expand or collapse all subgrids on the page (the top plus column icon).
  • [+] Added a new Apache tracking dashboard widget.
  • [+] Added a restart Apache button to the Apache tracking grid.
  • [+] Added an autosuggest to the domain name input on the Apache tracking page.
  • [+] Added a clear option to the AbuseIPDB operations select list so that admins can remove a reported IP address from within the Juggernaut interface.
  • [=] Updated the connection and Apache tracking pages so that the organization, location, network, and ASN columns are now fully searchable and sortable.
  • [=] Updated the IP address lookup firewall actions operations select list default to deny.
  • [=] Updated the MaxMind license key validation to work with their new key format.
  • [=] Updated the services dashboard widget to work with servers that have hardened non-standard permissions.

3.07-2 (05 Feb 2023)

  • [-] Fixed an issue on Plesk 18.0.50 where the entries on the tracking page grids were disabled.
  • [-] Fixed some style issues on Plesk 18.0.50.

3.07-1 (01 Jan 2023)

  • [+] Added support for AlmaLinux 9 and Red Hat Enterprise Linux 9.
  • [+] Added additional MaxMind DB Apache module improvements.
  • [=] Added compatability with the mod_maxminddb packages from the EPEL repository.
  • [=] Updated the MaxMind DB updater to send a If-Modified-Since header to minimize file transfers.
  • [=] Updated the tracking pages so that IP addresses that match CIDRs blocked on the firewall will now show as being denied.
  • [=] Installer improvements.
  • [-] PHP 8.2 compatibility fixes.

3.06-1 (3 Oct 2022)

  • [=] On Debian/Ubuntu the installer will import the Danami signing key to /etc/apt/trusted.gpg.d/danami.gpg instead of the global keyring /etc/apt/trusted.gpg now that the apt-key command has been deprecated.
  • [=] Removed support for Debian 9 as it reached end of life on June 30, 2022.
  • [=] Updated vendor libraries.
  • [-] PHP 8.1 compatibility fixes.

3.05-1 (01 Jun 2022)

  • [+] Added support for Ubuntu 22.04 LTS.
  • [=] On AlmaLinux/CloudLinux/RockyLinux 8 the installer will exclude the EPEL ImageMagick packages when enabling the EPEL repo as they are not currently compatible with any of Plesk's PHP packages.
  • [-] Translation fixes.

3.04-1 (18 Mar 2022)

  • [+] Added support for Debian 11.
  • [=] Installer improvements.
  • [-] Fixed a bug there the extension button was showing under the subscription tabs for admins and resellers when they were not needed.

3.03-1 (20 Feb 2022)

  • [+] Added an OpenCart login failure custom trigger. Users can enable it under Settings -> Login Failure Blocking -> Login Failure Custom Triggers.
  • [+] Added a new reputation option in the IP address lookup menu so admins can query AbuseIPDB with a single click.
  • [=] Removed support for Centos 8 as it reached end of life on December 31st, 2021. Centos 8 users should use migration scripts to convert their OS to AlmaLinux or Rocky Linux.
  • [=] Search improvements when filtering though the logs.
  • [=] Updated the panel log to highlight failed login rows.
  • [=] Updated toolbar button spacing to be locale aware so that verbose locales have more spacing.
  • [-] Fixed a bug where the created column was empty on the modsecurity log page due to log format changes in modsecurity 2.9.5.
  • [-] Fixed a bug where the login failure daemon AbuseIPDB block reporting was not working correctly due to a Plesk encoder issue.
  • [-] Fixed an installer issue on CloudLinux 8.5.
  • [-] Translation fixes.

3.02-1 (23 Jan 2022)

  • [+] Added support for Rocky Linux.
  • [+] Added AbuseIPDB support. AbuseIPDB is the gold standard for abuse reporting and is used by some of the largest hosting companies worldwide. When enabled the login failure daemon will report blocked IP addresses to AbuseIPDB automatically.
  • [+] Added a reputation tab to the IP address lookup tools. Now admins can use AbuseIPDB to check and report IP addresses for abuse. AbuseIPDB is free for up to 1000 checks per day. See here for more information.
  • [+] Added new high quality blocklists from AbuseIPDB and InterServer for servers which have brute forced (ssh, ftp, pop, imap, passwords), spammed, or been marked as malicious due to mod_security. See here for more information.
  • [+] Added new abuseipdb_key and abuseipdb_block_reporting options to the installer command line interface.
  • [+] Added additional pre-install checks to make sure the server hardware is supported.
  • [=] Updated the geolocation settings page to not throw an error when first entering the MaxMind license key because new keys can take about 30 minutes before they are recognized.
  • [=] Updated the default blocklists to remove outdated lists and switched all sources to use https://. It is recommended to reset your blocklists by going to Settings -> IP Block Lists -> press the Advanced button on the grid then press the default button. Then re-enable the new blocklists that you want. After upgrading any removed block lists will be marked as custom and are safe to delete.
  • [=] Updated blocklist max defaults on large blocklists to be smaller than the default Ipset maxelem setting so that we do not cause any ipset errors when we enable the blocklist.
  • [=] Updated the installer to not install the net-tools package because CSF supports the newer ip binary instead.
  • [=] Updated the default option Netblock blocking LF_NETBLOCK to be enabled by default.
  • [=] Updated the default option Connection tracking limit CT_LIMIT to 500.
  • [=] Updated the default options DENY_IP_LIMIT to 2000 and DENY_TEMP_IP_LIMIT to 1000.
  • [=] Improved the denied IP address detection on the tracking pages.
  • [=] Updated the extension custom button location for admins, resellers, and customers to all display in the left navigation (in both service provider and power user views).
  • [=] Updated the IP blocklists to be on the main settings page for easier access.
  • [=] Updated the IMAP/POP3 and SMTP Auth logs grids to highlight important rows.
  • [-] Fixed a bug on the login log page where the all options were not selectable after the initial search.

3.01-1 (19 Sep 2021)

  • [+] Added network, organization, and ASN columns to the connection tracking grid. This will give users much more detail as to which networks are connecting to the server.
  • [+] Added an organization column to the deny, allow, and ignore and log grids. This will give users much more detail as to which networks are being denied, allowed, or ignored by the firewall.
  • [+] Added the danami-juggernaut repository servers to the default allow for new installs (access to port 80 and port 443) so that users don't accidentally block them.
  • [+] Added an autosuggest to the domain name input and "method" select list on the Apache tracking page.
  • [+] Added new ASN and network based reports.
  • [+] Added a check to make sure the ModSecurity persistent storage directory /var/cache/modsecurity exists on the server.
  • [=] Updated the different IP address column names to client addr for consistency.
  • [=] Updated the grid flag columns to be on the right of each page for consistency.
  • [=] Updated many of the existing reports to include additional network, organization, and ASN information.
  • [=] Updated the report names to be localized.
  • [=] Performance optimizations.
  • [-] Fixed a formatting bug for multiple grid messages.
  • [-] Fixed a bug with the modsecurity log date when using the application is using the 12 hour time format.

3.00-1 (01 Aug 2021)

  • [+] Added support for AlmaLinux 8.3.
  • [+] Added support for the Apache MaxMind DB geolocation module. The Apache MaxMind DB packages will be installed from the danami-juggernaut repo. See here for more information.
  • [+] Added a new policy area where admins, resellers, and customers can manage Apache web server access policies. Users can allow or deny access to specific URLs based on the users country, continent, or autonomous system number.
  • [+] Added a new webmail policy page where the admin can allow or deny access to the Roundcube webmail installed on the server based on the users country, continent, or autonomous system number.
  • [+] Updated the IP address network information lookup page to include the network, ASN, and organization information. Users must first download the MaxMind ASN database under geolocation settings for these items to be displayed.
  • [+] Added CSF messenger V3 support to allow the messenger service to use Apache directly instead of starting its own messenger daemon. See here for more information.
  • [+] Added a new permissions page under settings so that admins can allow or deny access to the policies area for customers and resellers. Currently policy management is disabled by default for non-admins. If you want to give access to resellers or customers then you give them permission under Juggernaut Firewall -> Settings -> Permissions.
  • [+] Added Apache to the dashboard services widget.
  • [+] Added new maxminddb and geofilter options to the installer command line interface.
  • [+] Added an additional pre-install check to make sure that the operating system is supported.
  • [=] Updated the country select lists to not be localized so that the country names will always match what is displayed by MaxMind.
  • [=] Updated the setup wizard to disable firewall testing mode and start the login failure daemon when going through the setup wizard.
  • [=] Updated the log search to automatically raise the default limit when searching for patterns.
  • [=] Updated the MaxMind database signature verification to use sha256 instead of md5.
  • [=] Removed the messenger log to make room for the new action log.
  • [=] Deleted some section icons to speed up page load.
  • [=] Updated the jQuery and MaxMind libraries.
  • [=] Updated the minimum supported Plesk version to 17.8.11.
  • [=] Dropped support for Ubuntu 16.04.
  • [-] Fixed a bug where the syntax highlighting was not working when viewing modsecurity transactions outside of the modsecurity log.

2.19-2 (07 Feb 2021)

  • [=] Made improvements to error display when the firewall is in testing mode.
  • [-] Fixed a bug with the new ip_set detection on Virtuozzo systems.
  • [-] Fixed a bug where the services dashboard widget would not show the login failure daemon status when clicking on the status column.

2.19-1 (23 Jan 2021)

  • [+] Added support for the modsecurity 3 packages provided by Plesk.
  • [+] Added syntax highlighting when viewing modsecurity transactions and when editing firewall config files to make them easier to read.
  • [+] Added code to automatically correct permission problems on the modsecurity audit directory.
  • [+] Added a KB article for outlining how you can control what gets logged to the modsecurity audit log. See here for more information.
  • [=] Updated the apache-scanners trigger to block scanners searching for phpunit vulnerabilities. To use the new trigger delete the old apache-scanners trigger under login failure custom triggers then re-add it.
  • [=] Improved the code that cleans up the modsecurity audit directory.
  • [=] Improved the operating system detection functions.
  • [=] Improved the default ip_set detection on Virtuozzo systems.
  • [-] Fixed a bug where the POP3/IMAP log was not showing on Centos/RHEL/Cloudlinux 8.
  • [-] French translation fixes. Thanks Cyril!

2.18-2 (09 Dec 2020)

  • [+] Added a selector input for the DKIM lookup area under Tools -> Network Information so users can enter a different DKIM selector when running DKIM lookups.
  • [-] Fixed some bugs when the time format was set to 12 hours.
  • [-] Centos 8.3.2011 repository fixes.

2.18-1 (15 Nov 2020)

  • [+] Added CloudLinux 8 support.
  • [+] Added bulk MX, DMARC, RDNS, and DKIM record lookup tools under Tools -> Network Information.
  • [+] Added the rsync port 873 to the default ports for TCP_OUT and TCP6_OUT.
  • [+] Added the option Login failure temp blocking alerts - LF_TEMP_EMAIL_ALERT under Settings -> Reporting & Alerts giving users the ability to enable or disable temporarily blocked alerts.
  • [+] Added preview links to on the messenger page so that you can view the secure and unsecure messenger service when it is enabled.
  • [+] Added a restart button on the Cloudflare users grid.
  • [=] Deprecated support for Centos 6/RHEL 6/CloudLinux 6 and Debian 8.
  • [=] Updated the ETH_DEVICE, ETH6_DEVICE, and ETH_DEVICE_SKIP options under Firewall -> General Settings to be select lists so you can pick which interfaces you want to add or remove.
  • [=] Updated the CLUSTER_SENDTO and CLUSTER_RECVFROM options under Login Failure Daemon -> LFD Clustering to be textareas to make them easier to manage.
  • [=] Updated the HTTPS lookup tool to handle lookup errors better.
  • [=] Updated the network-info vendor libraries to their latest versions.
  • [=] Removed offline blocklists from,,,,, and
  • [-] Fixed a bug where the Login - IP Address FTP and Login - IP Address SSH reports would not show up on the dashboard.

2.17-1 (22 Aug 2020)

  • [+] Added the ability to set the Google reCaptcha site and secret keys using the CLI interface.
  • [=] Updated the API key signup links to point to our documentation as so that we can provide clear instructions as to how to sign up for each key.
  • [=] Updated the htmlpurifier library to the latest version.
  • [=] Removed the TALOSINTEL_IPFILTER blocklist as the feed is no longer active.
  • [-] Fixed a bug when using the DNSBL network information tool where the IP addresses on the server were not recognized.
  • [-] Fixed a bug when saving the Blacklists under DNS and DNSBL Settings.
  • [-] Fixed a bug where the license key validation would fail for the admin and pro editions when using the CLI interface.
  • [-] Fixed a bug where the application was not able to determine the servers timezone on some systems.
  • [-] Translation fixes.

2.16-1 (02 Aug 2020)

  • [+] Added a time format option under Settings -> Application Settings giving administrators the ability to choose between 12 and 24 hour date display for logs.
  • [+] Added a command line interface for the setup wizard so admins can automate installation and configuration using tools like ansible. See here for more information.
  • [+] Added the options CC_MESSENGER_ALLOW and CC_MESSENGER_DENY under country settings. These can control which country code IP blocks are redirected to the MESSENGER service.
  • [+] Added UDP ports 80 and 443 to UDP_IN/UDP6_IN for new installations to support QUIC/HTTP3.
  • [=] Updated the web access log data source to default to the access_ssl_log instead of the access_log as that is what users are most interested in.
  • [=] Updated the DSHIELD blocklist to use https.
  • [=] Updated the LF_EMAIL_ALERT setting to be disabled by default on new installs due to the number of alerts being sent out.
  • [=] Security improvements.
  • [-] Fixed a bug where the firewall would not report as running when iptables was running in legacy mode.

2.15-4 (14 Jun 2020)

  • [+] Added a default entry for under Allow -> Allow DynDNS.
  • [=] Removed the services section from under tools as the functionality is duplicated on the dashboard.
  • [=] Updated the bandwidth tracking grid to sort by the TX column by default.
  • [=] Updated the trusted hosts to allow the new Plesk URL format without port number for logging in.
  • [=] Updated the logs area to use the same icon to speed up loading of the page.
  • [-] Fixed a bug where the bandwidth tracking grid would not sort columns properly.
  • [-] Fixed a bug where the modsecurity audit log would get deleted.
  • [-] Fixed a bug where the users remote IP address was not being reported properly when logged in the new Plesk URL format without a port number.

2.15-3 (10 April 2020)

  • [+] Added optional protocol and duration columns to the Apache Tracking grid for newer Apache versions that support it.
  • [+] Added optimize table functionality to the Log Maintenance settings area.
  • [=] Updated the Geolocation settings area to automatically set the CC_SRC option used by CSF to MaxMind when entering the MaxMind license key.
  • [-] Fixed a bug where the an exception would be thrown when no nameserver entries were found in /etc/resolv.conf.
  • [-] Fixed a bug where the Apache Tracking was not working on newer Apache versions.

2.15-2 (17 Mar 2020)

  • [=] Licensing improvements.
  • [-] Fixed a bug on Centos 8 where the firewall would report as being inactive even though it was active and running.

2.15-1 (05 Mar 2020)

  • [+] Added a custom button entry point to Juggernaut Firewall settings under Tools & Settings -> Security -> Juggernaut Firewall.
  • [+] Added the LF_SUDO_EMAIL_ALERT option under Settings -> Reporting & Alerts -> Sudo alerts. Sudo alerts are disabled by default.
  • [+] Added the SUDO_LOG option under Settings -> Log Locations -> Sudo log.
  • [=] CSF is deprecating support for Virtuozzo/OpenVZ servers. CSF may continue to work on those servers but support and functionality is no longer guaranteed.
  • [=] Updated the default value for MESSENGER_CHILDREN to be 20 instead of 10. Consideration needs to be made for local images displayed on the messenger template.
  • [=] Updated the country source alternate provider to
  • [=] Updated the apps custom buttons to use the Plesk extension CustomButtons hooks.
  • [=] Updated the installer tasks and custom buttons to be localized.
  • [=] Updated the application to automatically load the sidebar and redirect you to the correct page when opening multiple tabs.
  • [=] Updated UI notice styles to match Plesk 18.
  • [-] Fixed a bug with the installer where the progress bar and next button would sometimes not update.
  • [-] Fixed some bugs and memory leaks when the dashboard would auto refresh. The dashboard will be reset due to changes in this version.

2.14-2 (01 Jan 2020)

  • [+] Added a Country source option under the Country Settings page so you can choose an alternate country database provider.
  • [+] Added a Maxmind license key option under the Geolocation Settings and a MM_LICENSE_KEY option under the Country Settings page now that Maxmind requires that you signup for a free license key to download their Geolite2 databases. More information:
  • [+] Added CURL and WGET location options under Binary Locations.
  • [+] Added new option for the URLGET setting that allows the use of either CURL ot WGET instead of the perl modules.
  • [=] Updated the grid country flag icon to return the full location as the title instead of just the country code when hovering your mouse over it.

2.14-1 (06 Dec 2019)

  • [+] Added Hungarian, Swedish, and Turkish machine translations. Contact us if you are a native speaker and would like to help out fixing any errors.
  • [+] Added instructions on the country settings page for when you need to to remove ports from TCP/UDP in.
  • [=] Updated the Trusted Hosts option to allow for accessing the panel without the Plesk port number.
  • [=] Updated the default Allow Permanently and Allow DynDNS settings to include outgoing rules for the backup remote FTP storage if set.
  • [=] Updated the country and reports select lists to be sorted alphabetically in any interface language.
  • [=] Updated the application setting page to apply theme and locale changes instantly when the page is saved.
  • [=] Updated the application setting page to reset the dashboard layout when the locale is changed so that the locale titles will reflect the changes.
  • [=] Removed the discontinued blocklists BM_TOR, IW_SPAMLIST, IW_WORMLIST, PACKETMAIL, ZEUS, ZEUS_BADIPS.
  • [=] Updated the source URLs for the blocklists BOTSCOUT, DSHIELD, FEODO. To enable the new URLs delete the old blocklist then re-enable it.
  • [=] Translated the report titles.
  • [-] Italian translation fixes. Thanks Fabio!
  • [-] Polish translation fixes. Thanks Maciej!
  • [-] Translation and localization fixes for some javascript components.
  • [-] Fixed a bug where the messenger service would not work when a vhost was set to be the IP address default. To apply the fix revert the Virtualhost SSL definitions option under Messenger settings to the new default setting.
  • [-] Fixed a bug where SELinux was preventing write access to the modsecurity audit log directory /var/log/modsecurity/audit/ on some servers.

2.13-1 (24 Oct 2019)

  • [+] Added initial support for Centos 8, Debian 10, and Ubuntu 19.04.
  • [+] Added an auto refresh to the dashboard page. The interval is controlled under Settings -> Application Settings -> Dashboard refresh interval
  • [+] Added localized Plesk extension descriptions.
  • [+] Added a CSF dependency package to the installer RHEL/Centos (net-tools, perl-Net-SSLeay) Debian/Ubuntu (net-tools, libnet-ssleay-perl).
  • [=] Updated the grid column headers to wrap to account for more verbose languages.
  • [=] Updated the default directory watch ignore settings to include an ignore pattern for spamassassin tmp files.
  • [-] Setup wizard improvements and bug fixes.
  • [-] Fixed installer bugs on RHEL/Cloudlinux servers.
  • [-] Fixed style issues on Plesk Obsidian GA.

2.12-2 (24 Sep 2019)

  • [+] Added a minimum Plesk update check to the pre-installer.
  • [=] Removed support for Ubuntu 14 and Debian 7 now that Plesk is no longer providing updates for them.
  • [-] Fixed a bug where the service status would not show properly on some systems running hardened kernels.

2.12-1 (13 Sept 2019)

  • [+] Added support for Plesk Obsidian 18.
  • [+] Added support for the Plesk skins and color schemes extension with all the default themes supported.
  • [+] Added a cluster delete option to the ignore grid when LFD clustering is enabled.
  • [+] Added a pre-install check to make sure that we are not trying to install on a future unsupported OS.
  • [=] Updated the modsecurity log search to include a hostname select list.
  • [=] Updated the services widget to show the uptime, CPU usage, and memory usage of each service. The health dashboard widget was removed as its no longer needed.
  • [=] Updated the Web Access, Web Error Log, and Modsecurity log pages to pre-select a large limit when performing a search. This helps to return results when searching large logs.
  • [=] Updated the IPV6 default setting to try and check if IPv6 is enabled on the server or not.
  • [=] Updated the javascript libraries to the latest versions.
  • [=] Updated the vendor libraries to the latest versions.
  • [=] Improved the service status detection used by the dashboard services widget.
  • [-] Fixed a bug with DENY_IP_LIMIT and DENY_TEMP_IP_LIMIT to allow setting then to 0 to disable IP address rotation.
  • [-] Fixed a bug with the access logs and error logs not showing when using a custom vhosts directory HTTPD_VHOSTS_D in /etc/psa/psa.conf
  • [-] Fixed a bug with the firewall rule count used by the services dashboard widget not being calculated properly.
  • [-] Fixed style problems when using custom skins.

2.11-1 (01 Apr 2019)

  • [+] Added the send to cluster and delete from cluster options to the deny, allow, and ignore grids (LFD clustering must be enabled).
  • [=] Updated the apache-useragents custom trigger to include the ZmEu vulnerability scanner user agent. To enable the updated trigger delete the old custom trigger then re-enable it.
  • [=] Updated the order of the customer and company columns in the panel log.
  • [=] Updated the logic when adding advanced allow or deny filters to not require the firewall to be manually restarted.
  • [=] Updated the reports to take advantage of the new searchable filters in the log grids.
  • [=] Updated the default value for LF_MODSEC to 20.
  • [-] Fixed bug where the no delete option was not working on the deny permanently grid.
  • [-] Fixed less_than_or_equal error validation not displaying properly.
  • [-] Fixed column spacing for IPv6 addresses in the grids.
  • [-] Translation fixes.

2.10-2 (05 Mar 2019)

  • [+] Added web access user agent reports for 401 Unauthorized, 403 Forbidden, and 404 Not Found.
  • [=] Updated the apache-useragents custom trigger to include the OpenVAS vulnerability scanner user agent. To enable the updated trigger delete the old custom trigger then re-enable it.

2.10-1 (21 Feb 2019)

  • [+] Added a send to cluster option to the IP address lookup dialog actions tab if LFD clustering is enabled.
  • [+] Added web access and modsecurity reports for 401 Unauthorized, 403 Forbidden, and 404 Not Found status codes.
  • [=] Updated the IP address lookup dialog actions form to not reset after submitting.
  • [=] Updated the web access log to display the referrer and user agent by default.
  • [=] Updated the apache-scanners custom trigger to include additional scanner hits. To enable the updated trigger delete the old custom trigger then re-enable it.
  • [=] Updated the apache-useragents custom trigger to include the Jorgee vulnerability scanner user agent. To enable the updated trigger delete the old custom trigger then re-enable it.
  • [=] Updated the intelligent search to make it easier search for IPv6 addresses.
  • [=] Updated the reports to take advantage of the new searchable filters in the log grids.
  • [-] Fixed bug where location data was not being loaded for custom filters in the allow and deny grids.
  • [-] Fixed the width for the view modsecurity dialog when clicking on transactions outside of the modsecurity log.
  • [-] Fixed bug that caused some of the pages to not submit their forms properly (firewall profiles, report statistics).
  • [-] Fixed bug where the cluster search was not displaying errors properly.
  • [-] Fixed bug where the cluster remove allowed IP and cluster change config options were not working in the dashboard actions widget.
  • [-] Fixed bug where temporary iptables search results were showing up in the IPv6 search results table.
  • [-] Fixed bug where the POP3/IMAP client IP report was linking to the wrong log.
  • [-] Fixed bug where user would get logged out of the application before the panel session timeout period.
  • [-] German translation fixes. Thanks Dennis!

2.09-1 (02 Feb 2019)

  • [+] Added notice improvements when viewing modsecurity transactions.
  • [+] Added additional search filtering options to the tracking and panel logs pages.
  • [+] Added templates for allow and allow dyndns grids to make it easier to add advanced allow filters.
  • [+] Added an intelligent search to the top right of each page for searching iptables or log files.
  • [+] Added missing countries to the available country list (Åland Islands, Antarctica, Bonaire, Christmas Island, Cocos Islands, Saint Barthélemy, Svalbard and Jan Mayen).
  • [=] Updated the web access and modsecurity logs to highlight rows in red that have a 403 forbidden status.
  • [=] Updated the connection and apache tracking to highlight rows in red that have been denied by the firewall.
  • [=] Updated the modsecurity view transaction dialog to open the request header section by default.
  • [=] Updated the width of the modsecurity transaction dialog.
  • [=] Updated the firewall and login failure daemon health dialogs to display warnings when csf has unresolved errors.
  • [=] Updated the user search to be a pattern search for the login log so that you can search multiple fields.
  • [=] Updated the system logs to exclude firewall log entries by default.
  • [=] Updated the IP address lookup menu to include options for searching the login and panel logs.
  • [=] Updated the order of the grid actions for the tracking pages.
  • [-] Fixed bug where the log maintenance settings were not being saved and loaded from the database.
  • [-] Fixed bug when deleting complex filters using the deny or allow grids.
  • [-] Fixed bug where the column chooser and export buttons were not showing up on the web access log.
  • [-] Fixed bug where modsecurity log export button was not exporting log data.

2.08-2 (25 Dec 2018)

  • [-] Fixed bug on Debian 8.11 where it would not recognize the newer apt-get command line options the installer was using.
  • [-] Fixed bug on Cloudlinux systems where /proc was not accessible to determine if the system was running systemd or sysvinit.

2.08-1 (05 Dec 2018)

  • [+] Added the option CT_SUBNET_LIMIT under Settings -> Tracking Settings -> Connection Tracking Settings. This can help protect against some types of DDos attacks.
  • [+] Added support for Ubuntu 18.04 LTS (Bionic Beaver).
  • [=] Updated the CLUSTER_SENDTO and CLUSTER_RECVFROM options so that you can point them to a file instead of using IP addresses directly.
  • [=] Removed the ALTTOR blocklist on new installations as it has been discontinued.
  • [-] Fixed bug where courier-imaps and courier-pop3s log lines were not showing up in the POP3/IMAP Log.

2.07-3 (12 Nov 2018)

  • [-] Fixed bug with the LFD watchdog extension entry.
  • [-] Fixed bug with the connection tracking CT_LIMIT validation range not allowing a setting of 0.

2.07-2 (29 Oct 2018)

  • [+] Added Distributed SMTP tracking (Postfix only). The options LF_DISTSMTP, LF_DISTSMTP_UNIQ, LF_DISTSMTP_PERM, LF_DISTSMTP_ALERT are under Settings -> Tracking Settings.
  • [+] Added range validation to many of the configuration options.
  • [=] Updated many of the tracking settings to use select lists to make them easier to understand.
  • [=] Removed the PT_ALL_USERS option as its not supported on a Plesk server.
  • [=] German translation fixes. Thanks Dennis!

2.06-2 (16 Sep 2018)

  • [+] Added Plesk Onyx 17.9 support.
  • [+] Added a service monitoring entry for the login failure daemon if the Watchdog extension is installed.
  • [+] Added sortable tables for the iptables status, iptables search, and cluster searches.
  • [+] Added a ping button to the LFD Clustering page to make it easier to test your LFD cluster settings.
  • [=] Updated the installer to configure the kernel.printk setting if not already set to prevent iptables from logging to the console.
  • [=] Updated the installer to configure proftpd passive ports better.
  • [=] Updated the WYSIWYG editor to the latest version.
  • [-] Fixed license error when users were running with NO_ZERO_DATE enabled in MySQL.
  • [-] Fixed bug where courier-pop3d log lines were not showing up in the POP3/IMAP Log.
  • [-] Fixed bug where the text highlight function would sometimes break html output.

2.05-3 (11 June 2018)

  • [=] Updated SQL queries to be STRICT_ALL_TABLES compliant.
  • [=] Updated the default LF_MODSEC trigger from 10 to 15.
  • [=] Fixed license page billing cycle display.

2.05-2 (29 April 2018)

  • [-] Fixed SUS license check bug.

2.05-1 (11 April 2018)

  • [+] Added support for free trial licenses.
  • [+] Added USE_FTPHELPER option under General Settings.
  • [+] Added ICMP_TIMESTAMPDROP option under Port Settings.
  • [=] Updated misc components to follow Plesk extension guidelines.
  • [=] Updated the default bocklist for GREENSNOW to use https

2.04-1 (14 March 2018)

  • [+] Added support for cluster ignore in the dashboard actions widget.
  • [+] Added a zgrep binary location setting to Binary Locations page.
  • [+] Added a support section to the settings page.
  • [+] Added wildcard search support to the logs area (-W checkbox).
  • [+] Added support for Cloudflare blocking for login failure custom triggers.
  • [+] Added new Docker Settings page under Firewall Settings.
  • [+] Added an IP version field to connection tracking page so you can filter based on IPv4 or IPv6 connections.
  • [+] Added a copy button next to country select lists so you can copy and paste values when duplicating country settings across servers.
  • [+] Added missing reporting templates.
  • [+] Added terminal type search filter to the login log page.
  • [=] Updated the defaults for /etc/csf/csf.dyndns to include Plesks new license check port 443 to and from
  • [=] Updated the legend titles to include the full path to the data source.
  • [=] Updated WYSIWYG editor and codemirror plugins to their latest versions.
  • [=] Updated the HTML Purifier library to the latest version.
  • [=] Updated the WYSIWYG editor to allow script tags.
  • [=] Updated the minimum Plesk version to 17.0 so we can use the new Plesk APIs.
  • [=] Updated the install / upgrade process to use the new Plesk Long Tasks API to provide a better installation experience.
  • [=] Updated the new install process to defer any changes to the server until the user specifically runs the installer script.
  • [=] Updated the scheduled task cron to use the new Plesk APIs.
  • [=] Updated the default lookup type from A to ANY for the network lookup information tool.
  • [=] Updated the autosuggest help search tool.
  • [*] Updated the default first sort order for tracking grids so that most columns will sort descending on first click.
  • [-] Fixed apt-get installation warnings about frontend not being set Debian/Ubuntu.
  • [-] Fixed bug when selecting the state filter on the connection tracking page.

2.03-1 (08 Dec 2017)

  • [+] Added LF_MODSECIPDB_ALERT and LF_MODSECIPDB_FILE under Login Failure Blocking so users can get an alert if their modsecurity persistent IP storage file on the server gets too large.
  • [+] Added PT_SSHDKILL option to process tracking. This option will terminate the SSH processes created by the blocked IP.
  • [+] Added a status search select list to the top of the Web Access and Modsecurity grids.
  • [+] Added the ability to toggle the tag editor on or off.
  • [=] Updated the modsecurity disable rules tab not to include additional owasp-modsecurity-crs version 3 correlation ids.
  • [=] Updated the HTTP status code list to include additional codes.
  • [-] Fixed autosuggest on advanced searches.
  • [-] Fixed bug where modsecurity transactions were not clickable in the grids.
  • [-] Fixed bug where no delete was not showing on the network information firewall actions tab.
  • [-] Fixed bug where certain login failure custom triggers could get cut off when editing them.
  • [-] Fixed SELinux permission issues on the modsecurity audit directory.
  • [-] Fixed permissions problems on Plesk 17.8.

2.02-1 (14 Nov 2017)

  • [+] Added LF_APACHE_ERRPORT under Login Failure Blocking so users can set if their Apache 2.4 error log has port number attached to client IP address.
  • [+] Added a javascript duration widget for fields where the user provides values in seconds.
  • [*] Updated the application to only display an exception backtrace when in development mode.
  • [*] Updated the log files for grids to be sorted intelligently.
  • [*] Updated the Panel log grid to hide actions performed by localhost by default.
  • [*] Updated the setup scripts to create the csf user home directory for use by the messenger service if it does not exist.
  • [*] Updated default login triggers for horde, roundcube, and Plesk from 600 to 86400 seconds.
  • [*] Updated the Login Failure Custom Triggers grid to display permanent instead of 1 for the block time.
  • [*] Updated the network information lookup tool to be able to parse advanced firewall rules.
  • [-] Disabled sort option for all action columns.
  • [-] Fixed bug on Cloudlinux where certain package dependencies were not being installed.
  • [-] Fixed grid loading text when performing various actions.
  • [-] Fixed action search For the Panel log grid.
  • [-] Security improvements.

2.01-1 (24 Oct 2017)

  • [+] Added cloudflare firewall support (Cloudflare settings, Cloudflare users, and Cloudflare actions widget).
  • [+] Added support for comma separated list of ports for Advanced Allow/Deny Filters.
  • [*] Updated the system logs grid to match php based log lines.
  • [-] Fixed Panel log grid and reports to be compatible with Plesk 17.8.
  • [-] Fixed language auto-detection.
  • [-] Fixed notice display when saving a form that has errors.
  • [-] Fixed settings management bug when importing empty groups.

2.00-2 (12 Oct 2017)

  • [-] Fixed bug where the "no delete" checkbox was not showing on the firewall actions tab when selecting the deny option.
  • [-] Fixed redirection loop when the trusted host and license checks both failed.
  • [-] Fixed exception when running the log maintance action.

2.00-1 (27 Sept 2017)

  • [+] Juggernaut Firewall is now a fully compatible Plesk extension with one click install / un-install.
  • [+] Added new option LF_APACHE_401 trigger that works in a similar way to LF_APACHE_404 and LF_APACHE_403 triggers.
  • [+] Added new option RECAPTCHA_ALERT. This will send an email when a reCAPTCHA unblock request is attempted by lfd. This option is enabled by default.
  • [+] Added a new tagging javascript widget to all comma separated input fields for easier editing and more screen real estate. Port and IP address fields are now sorted automatically when saved.
  • [+] Added autosuggest capability to port and network interface fields.
  • [+] Added the ability to copy ipv4 and ipv6 port fields back and forth.
  • [+] Added the ability to generate reports on a domains web access and error log.
  • [+] Added client side column sorting to all table based reports.
  • [+] Added over 50+ reports to the reports area.
  • [+] Added LFD messenger log grid to the logs area.
  • [+] Added a cancel button to settings forms.
  • [+] Added the name of the file being edited to grid and textarea titles.
  • [+] Added a pattern search to all firewall grids.
  • [+] Added location and flag columns to all firewall grids.
  • [+] Added a Wordpress user enumeration custom trigger.
  • [+] Added Spamhaus DROPv6 and Stop Forum Spam IPv6 blocklists to csf.blocklists
  • [+] Added CSF built in RBL checker to the tools and settings areas.
  • [+] Added trusted hosts option to application settings to protect against host header spoof attacks.
  • [+] Added no frames action to application settings to give users the ability of what to do when the application is loaded without the sidebar.
  • [+] Added option to optionally schedule security and RBL reports if an email and interval is provided.
  • [+] Added option to set the number of days of modsecurity logs you want to keep under Log Maintenance -> Log Settings.
  • [*] Updated most reports to now be actionable. You can click on a report item to search for that value in its logs area.
  • [*] Switched all file management and suexec functions to use Plesks extension APIs.
  • [*] Increased the default value for MESSENGER_RATE to 100/s (from 30/s) and MESSENGER_BURST to 150 (from 5) for all installations to alleviate slow MESSENGER response times.
  • [*] Updated the IP address information connection tracking tab to show service names instead of just port numbers.
  • [*] Updated login failure web application triggers to include ports 7080,7081.
  • [*] Updated DNS and geolocation vendor classes to latest versions.
  • [*] Updated the regex for the Wordpress brute force trigger to include 500 and 503 status codes.
  • [*] Updated javascript libraries to their latest versions.
  • [*] Updated the WYWIWYG editor used for editing messenger templates to the latest TinyMCE and added source code stying and the ability to upload and embed images.
  • [*] Updated all CSF alert settings to be on a single page.
  • [*] Updated default order of the status column the modsecurity grid.
  • [*] Updated the referrer and user agent for the web access log to be on its own subgrid.
  • [*] Updated the full message for the iptables log to be on its own subgrid.
  • [*] Updated the defaults for the config item WAITLOCK to enabled.
  • [*] Updated the whitelist entry for plesk license checks from to
  • [*] Updated the modsecurity view transations rules tab to include msg descriptions along with the rule id.
  • [*] Updated the modsecurity disable rules instructions to not include OWASP ModSecurity Core Rule Set correlation rule ids.
  • [*] Updated the web error log modsecurity unique_id to be clickable to search though the modsecurity log for that transaction.
  • [*] Removed email settings pages as they were not currently being used.
  • [*] Removed the cluster actions dashboard widget. Cluster actions functionality is now built into the main dashboard actions widget.
  • [*] Removed dead blocklist entries from our master list.
  • [*] Security improvements.
  • [-] Fixed bug where scheduled tasks were not running properly.
  • [-] Fixed bug where null coordinates for an IP address would crash the map renderer.
  • [-] Fixed 'pm_Context' not found error when Plesks own internal error logging was enabled.
  • [-] Fixed IP address context menu popup styling in Google Chrome.
  • [-] Fixed wrong path for messenger "Virtualhost SSL definitions" default on Debian.
  • [-] Fixed bug where grid column chooser was not working properly.
  • [-] Fixed cluster master detection logic.
  • [-] Fixed PHP compatibility, coding errors, and performance improvements using static PHP code inspection tools.

1.44-1 (25 June 2017)

  • [+] Added new option "DROP_OUT" under Settings-> Firewall -> Logging Settings. This option sets the default target for blocked outgoing ports.
  • [-] Removed OpenBL blocklists as they are no longer active.
  • [-] Fixed issue with the country dropdown scrolling to top when selecting a country. This will make it easier when adding multiple countries.

1.43-1 (23 May 2017)

  • [-] Fixed default access and error log locations on Debian / Ubuntu

1.42-1 (14 May 2017)

  • [+] Added a web access log grid for viewing your server and vhost access logs.
  • [+] Added a web error log grid for viewing your server and vhost error logs.
  • [+] Added reCAPTCHA template to the lfd log search templates.
  • [+] Added location data to log exports.
  • [*] Updated mod_security rules tab to include instructions on how to disable rules for the entire domain or by a specific URL only.
  • [*] Updated iso country list to include the latest recognized countries.
  • [*] Updated the country settings to only display a warning when adding countries when ipset not enabled.
  • [*] Updated the file offset and limit to be reversed so they are more understandable.
  • [-] Fixed a permission error on script so it can clean the mod_security audit directory after 30 days.
  • [-] Fixed IP lookup menu bug not allowing search by connection or Apache tracking
  • [-] Fixed file offset giving an error if the line count wasn't fully loaded.

1.41-1 (22 April 2017)

  • [+] Added a WHMCS custom login failure trigger.
  • [+] Added a Joomla custom login failure trigger. The Joomla fail2ban extension must be installed on their domain for it to work properly:
  • [*] Updated default mail log location to /var/log/maillog on Debian / Ubuntu installations
  • [-] No longer try to guess ETH_DEVICE for openvz kernels.
  • [-] Fixed Google Chrome blocking saving the re-captcha template because it includes embedded Javascript.

1.40-1 (12 March 2017)

  • [+] Added superuser ignore to the ignore area so you can skip the LF_EXPLOIT SUPERUSER check for some users.
  • [+] Added missing SMTP_REDIRECT option under SMTP settings from CSF 8.17
  • [*] Updated CLUSTER_SENDTO and CLUSTER_RECVFROM options to use one entry per line instead of commas to make it easier to read.
  • [*] Removed email address from messenger templates now that CSF has Google recaptcha support so users can unblock themselves.
  • [-] Fixed javascript error on pages where no form validation rules were defined.

1.39-1 (02 March 2017)

  • [+] Added CSF HTTPS messenger options so you can now redirect and display a message for blocked SSL traffic.
  • [+] Added CSF Google ReCAPTCHA messenger support so a user can now unblock themselves by filling out a captcha.
  • [*] Updated JQuery and JQuery UI libraries.
  • [-] Fixed issue with ignore IP addresses not being recognized properly by LFD when the IP address is entered without a comment.

1.38-1 (23 January 2017)

  • [+] Added the Firewall Profiles section for applying pre-defined security profiles or creating and restoring configuration backups.
  • [+] Added no delete option to the dashboard actions widget.
  • [+] Added cluster temp deny / temp allow to the cluster actions dashboard widget.
  • [+] Added cluster search functionaility in the iptables search.
  • [+] Added PT_USERRSS (RSS memory usage set) tracking to process tracking settings.
  • [+] Added predefined search templates for all grids to improve productivity when searching for data.
  • [*] Updated ignoring an IP address to restart the login failure daemon automatically.
  • [*] Updated the allow DynDNS grid restart button to restart both the firewall and login failure daemon.
  • [*] Updated PT_USERMEM default to be 512 MB.
  • [*] Updated grid error notices to include the error status code message in addition to the status number.
  • [-] Fixed the grid column chooser to automatically refresh the page when making changes.
  • [-] Fixed issue with help documentation not redirecting to the proper page now that we are using https://
  • [-] Fixed issue when updating the firewall not showing you the installation results.

1.37-1 (16 December 2016)

  • [+] Switched all RSS feeds to go over SSL for extra security.
  • [+] Added port 23 to DROP_NOLOG default.
  • [-] Fixed the mysqld login failure trigger. Removing then re-adding the trigger will apply the* [-] trigger.

1.36-1 (11 October 2016)

  • [+] Added auto refresh functionality to all grids.
  • [+] Added auto suggest to the modsecurity and login log area.
  • [+] Added single row deny buttons to the tracking grids.
  • [*] Updated the custom 4 log location to include "proxy_access" files for users running nginx only
  • [*] Updated system logs area to now use the same grid format as the other logs.
  • [*] Updated the comment textarea size for firewall grid comments.
  • [*] Updated the statistics report images to be responsive.
  • [*] Updated auto refresh functionality for tracking pages to a grid button instead of a separate form.
  • [*] Updated the Panel log to have the company pre-selected when searching.
  • [*] Updated the IP address lookup tool to use ajax for each tab.
  • [-] Fixed DNS query lookup tool displaying authority info in the response.
  • [-] Fixed process kill button running running terminate instead of kill.
  • [-] Fixed log offset support not working.
  • [-] Fixed z-index issue for grid autosuggests.

1.35-1 (25 September 2016)

  • [+] Added POP3/IMAP Log and SMTP Auth Log to the logs area so you can track the IP locations of authenticated users sending and receiving email from the server.
  • [+] Added CSF beta config options WAITLOCK and WAITLOCK_TIMEOUT to the general firewall settings page.
  • [+] Added auto suggest for the company and customer names to make it easier when searching the Panel log grid.
  • [-] Fixed German translations (special thanks to Dennis Klemmer).
  • [-] Fixed DB exception in the panel logs page when searching by cstomer or when exporting data.
  • [-] Fixed security check not displaying correctly after changes in CSF 9.22

1.34-1 (09 September 2016)

  • [-] Fixed issue on Debian / Ubuntu where the custom log locations were not being set properly.

1.33-1 (31 August 2016)

  • [+] Added the "login log" so you can now monitor who has successfully logged into the server using the console, SSH, or FTP.
  • [+] Added the "panel log" so you can now monitor all Plesk panel actions.
  • [+] Added process tracking to the tracking page. You can now monitor all process information similar to "top" right though the plesk interface.
  • [+] Added lookup dialogs for looking up process and user information.
  • [+] Added process hangup, terminate, and kill actions.
  • [+] Added listing ipv4 and ipv6 rules tabs to the iptables search page.
  • [+] Added different map provider functionality so you can choose from 25 different map types. You can choose your map provider on the geolocation settings page.
  • [+] Added cluster mapping functionality when displaying many points on a single map.
  • [*] Updated connection tracking, apache tracking and bandwidth tracking to show grid row differently if the IP address is located in the CSF deny file.
  • [] Updated the port tracking page to include the [+] process functions to be able to hang up , terminate or kill a process.
  • [-] Fixed exception when trying to perform the log maintenance action.
  • [-] Fixed the loading indicator not displaying when performing dashboard actions.

1.31-1 (19 August 2016)

  • [+] Added "" to the Allow DynDNS default so you can still install extensions even when blocking Russia on the firewall.
  • [+] Made improvements to the network information lookup tool.
  • [-] Fixed various Plesk 17 Onyx issues.
  • [-] Fixed connection lookups not working for ipv6 IP addresses.
  • [-] Fixed network information context menu z-index issue on grids.

1.30-1 (07 August 2016)

  • [+] Added health widget to the dashboard so you can view the number of active iptables rules as well as login failure daemon memory and CPU usage.
  • [+] Added pre-filtering and offset support for parsing large log files.
  • [+] Added PID information lookup tool to the connection tracking grid.
  • [+] Added log maintenance tasks to auto prune DB logs after a specified amount of days.
  • [*] Updated the services widget statuses to be clickable to get detailed information about that service.
  • [*] Updated licensing restrictions so subdomains no longer count towards domain limits.
  • [*] Updated tracking grids to hide private IP addresses.
  • [*] Updated report heights to take up less screen space.
  • [*] Updated the file data set limit to be a select list.
  • [*] Updated the modsecurity audit directory cleanup script to remove folders older than 30 days.
  • [*] Updated the reports yaxis to always start at zero.
  • [-] Fixed bug with country settings select lists not displaying ASN numbers properly.
  • [-] Fixed datetime pickers not using 24 hour format properly.
  • [-] Fixed timezone detection on some systems.
  • [-] Fixed log search case insensitive and extended regex options.
  • [-] Fixed whois bug for two letter TLDs not returning the correct base domain name.

1.29-1 (15 March 2016)

  • [+] The Juggernaut web interface will automatically download and install CSF during the setup wizard if it is not installed already.
  • [-] Fixed extra slashes in some language files.
  • [-] Fixed fatal error when Plesk debug logging is enabled.
  • [-] Fixed fatal error on the network information page when using legacy Plesk versions.
  • [-] Fixed invalid redirection error when running outside of frames when using legacy Plesk versions.
  • [-] Fixed error when mod_security log file is not present.
  • [-] Fixed "db_dir must be a valid directory" error when applying all recommended settings.
  • [-] Fixed map report lookup speed when you have a large number of IP addresses being displayed.
  • [-] Fixed db schema version number not getting properly [] on some systems.

1.28-1 (03 March 2016)

  • [+] Added restart LFD button to network information firewall actions panel.
  • [+] Added apache-referrers custom trigger to block referrer spammers.
  • [+] Added "no delete" option to the network information firewall actions panel.
  • [+] Added messaging when restarting LFD if CSF has unresolved errors.
  • [+] Added delete row button to grid actions columns.
  • [*] Updated IP network information panel to display tabs in order of most use.
  • [-] Removed duplicate rules from the modsecurity rules tab.
  • [-] Fixed bugs and optimized most of the custom triggers. To use the* [+] triggers just delete the old custom rule then re-enable. removed Removed STOPFORUMSPAM block list because it wasn't parsable by CSF (other lists by this maintainer do work).

1.27-1 (28 February 2016)

  • [+] Added block lists now that CSF 8.15 supports downloading zip file block lists.
  • [+] Added "Home" button to the the breadcrumb tree for those users who want the run apple outside of the Plesk Interface.
  • [+] Added support for the IP binary in the binary locations page.
  • [] Updated apache-useragents custom trigger to include more unwanted search bots and vulnerability scanners. To use the [+] trigger delete the old trigger then re-enable it.
  • [*] Updated report renders to show legends even the chart has many series. The legend will now display with a scroll bar.
  • [*] Updated the custom login failure triggers page to show the real log file location instead of just the configuration option.
  • [-] Fixed Exception when going to email template page.
  • [-] Fixed redirection loop when trying to run the application outside of the Plesk interface.

1.26-1 (19 February 2016)

  • [+] Added apache-scanners login failure trigger
  • [+] Added apache-useragents login failure trigger
  • [*] Optimized wordpress brute force trigger
  • [-] Fixed encoding issue when adding block lists and login failure custom triggers

1.25-1 (17 February 2016)

  • [+] Added interface for managing dynamic block lists. You can now choose from over 100+ blocklists.
  • [+] Added interface for managing custom login failure triggers.
  • [+] Added Geo, ASN, Ping, Traceroute, SPF and HTTPS lookup support to the network information tools.
  • [+] Added ASN support to the country settings page. You can now add ASN numbers to any CC_ fields.
  • [+] Added support for advanced iptables filters in the deny and allow areas.
  • [+] Added support for viewing logs from the Atomic custom mod_security package.
  • [+] Added "do not delete" support in the deny permanently area. Entries marked "no delete" will not be rotated if the csf.deny line limit is reached.
  • [+] Added real time port tracking to the tracking area.
  • [+] Added an iptables search dashboard widget.
  • [+] Added port number support to the temp deny / allow IP actions dashboard widget.
  • [+] Added a login failure daemon log dashboard widget.
  • [+] Added firewall and login failure daemon restart buttons to grids.
  • [+] Added PID column to login failure daemon logs.
  • [+] Added error highlighting to the login failure daemon logs.
  • [+] Added settings management area to manage all application settings. You can import, export, or reset any settings from a single page.
  • [+] Added a cron task to automatically remove modsecurity transactions from the audit log directory that are older than 90 days.
  • [+] Added login failure daemon start and stop support to the services dashboard widget.
  • [+] Added firewall version check and update to the product information dashboard widget.
  • [+] Added* [+] custom login failure daemon triggers for apache-overflows, php-url-fopen, wordpress and atomicturtles custom mod_security package.
  • [+] Added location and flag columns to modsecurity and iptables logs.
  • [*] Updated the modsecurity log to include status text allow with the status code.
  • [*] Updated iptables log message to only show the full message when hovering over the column.
  • [*] Updated the settings area to be more congruent with the CSF firewall config file.
  • [*] Updated country flag icons to now use CSS sprites and a single image.
  • [*] Updated the connection tracking grid connections option to be clickable to bring up the connection information dialog.
  • [*] Updated the dashboard interface to improve usability.
  • [*] Updated the UI to redirect to the admin homepage if the Plesk session has timed out and the Juggernaut interface is not being loaded within frames.
  • [*] Updated default theme to match the style of Plesk 12.5
  • [*] Updated file grid searches to be case insensitive be default.
  • [*] Updated Reverse DNS allow defaults to allow operations like whois lookup, Plesk license checks, and CSF downloads to work even if the country is being blocked by the firewall.
  • [*] Updated all dashboard widget screen shots.
  • [*] Updated the ports listening dialog to display using a table.
  • [*] Updated DYNDNS default to update every 6 hours.
  • [*] Updated grid action icons to include text.
  • [*] Updated grid to use form editing instead of cell editing.
  • [*] Updated the UI popup dialogs to automatically resize to the browser window height.
  • [*] Updated PT_APACHESTATUS config default to use localhost vs because some modsecurity rules block requests to the server-status page using the IP address.
  • [*] Updated apache tracking virtual host to not show the port information when running in reverse proxy mode.
  • [*] Updated the allow permanently area to include the administrators IP address by default.
  • [*] Updated comment fields to be textareas instead of text fields.
  • [-] Fixed iframe scrollbar issue on Plesk 12.5.
  • [-] Fixed grid showing error notice when refreshing or clicking away from the grid.
  • [-] Fixed comma separated input validation used for validating port numbers.
  • [-] Fixed ports listening dashboard widget not showing all results.
  • [-] Fixed settings export exception when exporting settings that contain characters not valid for XML.
  • [-] Fixed log file extended regex search not working in some situations.
  • [-] Fixed disk I/O not displaying on Centos / RHEL 7.
  • [-] Fixed cluster actions dashboard widget not allowing CIDRs.
  • [-] Fixed ports listening dashboard widget not showing all results.
  • [-] Fixed URL validation to allow localhost and IPv6 addresses.
  • [-] Fixed exception when browsing using a URL different than the server hostname.

1.24-1 (09 October 2015)

  • [+] Added realtime bandwidth and disk IO tracking.
  • [+] Added page refresh options to all tracking pages.
  • [+] Added connection total to grid footer of connection tracking page.
  • [+] Added realtime bandwidth and disk IO tracking.
  • [+] Added page refresh options to all tracking pages.
  • [+] Added connection total to grid footer of connection tracking page.
  • [+] Added CIDR support in cluster dashboard widget.
  • [+] Added dbus and time systemd regexes to log ignore defaults.
  • [+] Added "ports listening" dashboard widget.
  • [*] Updated tracking areas to automatically hide connections from the administrative IP address.
  • [*] Updated Apache and Network tracking to refresh every 10 seconds.
  • [*] Updated Kohana framework to the latest version.
  • [*] Updated HTML purifier to the latest version.
  • [*] Removed ignore settings from the settings area.
  • [-] Fixed jqgrid error bar display when switching pages.
  • [-] Fixed tracking page searches to automatically reset refresh interval when starting a* [+] search.
  • [-] Fixed Plesk 12.5 iframe resize issue.

1.23-1 (16 July 2015)

  • [+] Added* [+] CSF option CC6_LOOKUPS. This adds IPv6 support for Country Code and Country lookups.
  • [+] Added* [+] CSF option LF_NETBLOCK_IPV6. This adds IPv6 support for LF_NETBLOCK.
  • [+] Added* [+] CSF options LF_IPSET_HASHSIZE and LF_IPSET_MAXELEM to allow for larger ipset sets.
  • [+] Added* [+] CSF option X_ARF_ABUSE. This option allows for automatic sending of X_ARF reports to the IP addresses abuse contact. (Use with caution)
  • [+] Added* [+] CSF option PT_SSHDHUNG. Terminate hung SSHD sessions.
  • [+] Added* [+] CSF option HOST. LF_LOOKUPS now uses the host binary if available for more reliable IPv4 and IPv6 reverse lookups.
  • [+] Added default process tracking exclusions for Postfix.
  • [-] Fixed auto detection of ipset on Debian/Ubuntu.
  • [-] Fixed mod_security transactions not loading on RHEL 7 / Centos 7.
  • [-] Fixed help search highlight not showing after* [+] responsive theme.

1.22-1 (04 June 2015)

  • [+] Added* [+] Plesk 12.1 default responsive skin
  • [+] Opened port 24441 UDP for Spamassassin Razor2
  • [+] Allow reserved IP ranges to IP address validation
  • [*] Changed network lookup information dialogs now wrap content
  • [-] Fixed exception when exporting settings that had invalid characters.
  • [-] Fixed exception when running the security check when CSF had been disabled.
  • [-] Fixed cron task module not running properly.
  • [-] Fixed viewing ports and form help dialogs during the setup wizard.

1.21-1 (19 April 2015)

  • [+] Added CSF options LF_SPI, TAIL, GREP, IPSET, SYSTEMCTL
  • [+] Added the ability for the interface to be loaded within frames to support Plesk web admin and web app editions.
  • [+] Added fixes for the upcoming Plesk 12.1.
  • [+] Added better dialog ajax loading indicators and error handling.
  • [+] Added login failure daemon PHP suhosin alert detection.
  • [+] Added machine translations for French, Spanish, Italian, Dutch, Polish, Portuguese, Russian, Chinese Simplified, Chinese Traditional, Japanese.
  • [+] Added a warning to enable ipset support if using excessive country blocks or allows.
  • [*] Changed Grid ID columns to not displayed by default.
  • [*] Changed the security check to use Plesk table styling.
  • [*] Changed LF_IPSET to be enabled by default if ipset is detected.
  • [*] Changed DENY_IP_LIMIT and DENY_IP_LIMIT to be higher if ipset is detected.
  • [*] Changed reports to auto hide the report legend if it has over 15 labels.
  • [*] Changed messenger templates to include a contact email by default.
  • [*] Changed ignore options to be displayed with their respective settings area.
  • [*] Changed network and Apache tracking grids to refresh every 15 seconds by default.
  • [*] Changed help form label popup dialogs to be more sticky so you can view them easier.
  • [*] Changed statistics page to not display the MySQL password. The MySQL password is now validated and saved only if it is filled in.
  • [-] Fixed Plesk sendmail wrapper SIGCHLD problem using workaround from CSF team.
  • [-] Fixed search grid order by bug.
  • [-] Fixed locale bug that caused reports with specific locales to not render.
  • [-] Fixed wrong systemctl location for Debian / Ubuntu OS betas.

1.20-1 (01 March 2015)

  • [+] Added real-time network connection and Apache connection tracking.
  • [+] Added connections tab to the IP address lookup tools so you can see exactly what ports an IP address is connected to.
  • [+] Added LF_DISTFTP_ALERT option so you can disable distributed FTP attack alerts.
  • [+] Added "Region" display to IP address lookup tools.
  • [*] Grouped settings area and documentation into functionality so it is easier to understand. All settings options are now one level deep.
  • [*] Updated system logs area to display on page load.

1.19-1 (19 February 2015)

  • [+] Added the ability to use a hostname as the nameserver when using the network information tool.
  • [*] Improved the network information lookup tool to allow you to query by input, domains and IP addresses all at the same time.
  • [*] Improved content editing textareas to now auto grow with content.
  • [*] Reduced padding for dashboard widgets, tabs and forms so they take up less screen space.
  • [*] Updated application DB connection hostnames from to localhost so PHP will use the MySQL socket.
  • [*] Updated the ipv6 port setting page to match the same order of the ipv4 page.
  • [*] Updated the modsecurity log area to display a warning instead of an exception if modsecurity is not configured.
  • [-] Fixed bug where firewall action widget color styling was not getting displayed.
  • [-] Fixed grid javascript error when checking for application updates.
  • [-] Fixed bug where firewall action widget color styling was not getting displayed.
  • [-] Fixed grid top paging number getting cut off in some browsers.
  • [-] Fixed bug where iptables running status could not be determined on Debian 6.

1.18-1 (02 February 2015)

  • [+] Added "Follow Us" Twitter link in announcements dashboard widget.
  • [+] Added CC_LOOKUPS option 3 to also include IP ASNs via the MaxMind GeoIPASNum database.
  • [*] Dashboard layout and widget state is now stored for each admin user in the database instead of a browser cookie.
  • [*] Dashboard widget widths improved for smaller screen sizes.
  • [*] Deny, allow, and ignore grid search defaults to "begins with" instead of "equal" so you can search for an IP faster.
  • [*] URLGET default now set to "2" to use LWP::Useragent for downloads (Supports SSL).
  • [*] RESTRICT_SYSLOG default set to 2, PORTKNOCKING_ALERT default set to 0.
  • [*] Report start time default was changed from 1 month to 7 days ago.
  • [-] Fixed license key properties display issue when issued to multiple hosts.
  • [-] Fixed report "Firewall Deny - Reason" not being displayed.
  • [-] Fixed login failure daemon restart and status issue on systems running systemd and CSF 7.60.

1.16-1 (30 December 2014)

  • [*] PS_INTERVAL default now set to 0.
  • [*] PORTS_bind default now set to 53;udp,53;tcp
  • [*] All install/updates are now using SSL in addition to being GPG signed.
  • [-] Fixed incorrect default location of HTACCESS_LOG for servers running Plesk 11.09.
  • [-] Fixed file not found error for the statistics widget when the login failure daemon had never been started before.

1.15-1 (13 January 2014)

  • [+] Ipset 6+ is now supported. Ipset is an extension to iptables that allows you to create firewall rules that match entire "sets" of addresses at once. IP sets are stored in indexed data structures, making lookups very efficient, even when dealing with large sets.
  • [+] Added ability to view ports on the server that have a running process behind them listening for external connections (In the Tools and Port Settings areas). This allows you to easily determine what ports you need open on your firewall.
  • [+] Added support for CSF's built in graphing for system statistics.* [+] statistics are available under Reports -> Statistics.
  • [] Updated the default firewall blocklist settings to include the fail2ban blocklist from This is large blocklist to it is recommended that you use this list with the [+] ipset support enabled.
  • [*] Default configuration setting changes: IPV6 enabled by default, LF_SSH_EMAIL_ALERT enabled by default, LF_CONSOLE_EMAIL_ALERT disabled by default, USE_CONNTRACK disabled by default, unused custom logs set to /var/log/customlog
  • [*] Website and documentation is now going over SSL (SHA256) certificates.
  • [-] Fixed debug level using a checkbox instead of a select list.
  • [-] Fixed documentation for mod security audit log setup setup when selinux is enabled.

1.14-1 (29 August 2014)

  • [+] Added support for RHEL/Centos 7.
  • [-] Fixed fatal error when exporting some table render type reports.
  • [-] Removed regex fixes for smtp auth for Plesk 12 now that they are included in CSF 7.09

1.13-1 (08 August 2014)

  • [+] Added grid search highlighting.
  • [*] Changed default modsecurity log file location to /var/log/modsec_audit.log now that Plesk12 has added proper log rotation for it.
  • [-] Fixed grid live editing error when editing large files.
  • [-] Fixed smtp_auth regex for Qmail and Postfix with Plesk 12. To apply these fixes go to Settings -> Login Failure and Alerts -> Login Failure Blocking Custom Regex -> Press the default button then restart the login failure daemon. Fixes have been submitted to CSF.

1.12-1 (31 July 2014)

  • [+] Added inline editing of grid comments for permanently deny, allow and ignore. Click on comment to live edit, enter to submit, esc to cancel.
  • [-] Fixed report widgets not rendering in dashboard.
  • [-] Fixed modsecurity search status reporting as not set.

1.11-1 (28 July 2014)

  • [+] Added the ability to export reports and logs to CSV file.
  • [+] Added IP address lookup tools to LFD grid message field.
  • [+] Added JavaScript validation to all dialog forms.
  • [*] Updated log area so logs are listed by most used.
  • [*] Updated all JavaScript plugins to their latest versions.
  • [*] Updated all JavaScript plugins to use their minified versions.
  • [*] Updated show/hide password field functionality.
  • [*] Updated cluster widget change config option to be filterable.
  • [] Updated grid data source select list to be [-] width.
  • [*] Updated the default modsecurity log grid search to default to 403 forbidden status code.
  • [*] Updated the modsecurity status code select list to have the most common status codes listed near the top
  • [*] Updated the height for multi-select boxes to be bigger by default.
  • [-] Fixed web updater to properly login to client area to download updates.
  • [-] Fixed slow loading of domain drop downs on Plesk 12.
  • [-] Fixed cluster service options to hide if the firewall is disabled.
  • [-] Fixed extra horizontal scroll bar for system logs content areas.
  • [-] Fixed dialog errors going to the wrong location.
  • [-] Fixed grid size not using full window width.
  • [-] Fixed time picker locale being included before the plugin.

1.10-1 (11 July 2014)

  • [+] Added LF_DIST_ACTION config option
  • [+] Added DNSBL check IP addresses and DNSBL check options to Network Information settings.
  • [+] Added DNSBL email alert template.
  • [*] Changed Network Information query type to default to domain first.
  • [*] Changed default ports to include TCP_IN 30000:35000 for proftpd and UDP_OUT 33434:33523 for traceroute
  • [*] Changed announcements widget to not allow links in description
  • [-] Fixed Network Information DNSBL button with wrong id
  • [-] Fixed Plesk 12 settings area legend style
  • [-] Fixed Plesk 12 autoloader errors (application will be much faster now)
  • [-] Fixed Plesk 12 class conflict which caused fatal error.
  • [-] Fixed error when trying to hide report legend.

1.09-1 (20 June 2014)

  • [+] Added dropdown selection lists for name servers if they are added in network information settings
  • [+] Added Itialian machine translations
  • [-] Fixed OS detection of older Debian distros
  • [-] Updated Switmailer to version 5.2.1
  • [-] Fixed LFD status detection for different locales
  • [-] Fixed whois fatal crash on Plesk 12

1.08-1 (28 May 2014)

  • [+] Added network information bulk lookup tools (DNS, Whois, Map, DNSBL, SURBL)
  • [+] Added network information settings area to control DNS and DNSBL settings
  • [+] Added "Delete and move to ignore" grid actions
  • [+] Added "Unblock and ignore" action to IP tools
  • [+] Added grid refresh on IP tools actions
  • [-] Fixed IP tools actions failing on dashboard recent widgets
  • [-] Fixed grid state cookie is now only saved on column reorder
  • [-] Fixed German translations (Thanks to Stefan Kellenberger)
  • [-] Fixed XML export of array types

1.07-1 (10 May 2014)

  • [+] Default locale switching option included in Application Settings.
  • [+] German machine translation now included.
  • [+] Security check now includes scoring.
  • [+] CSF added DROP_UID_LOGGING option in logging settings.
  • [+] CSF Updated default DSHIELD blocklist URL from to
  • [*] Detect Virtuozzo/Openvz container and apply different firewall setting defaults.
  • [*] PT_LIMIT is now 0 by default.
  • [*] LF_SSH_EMAIL_ALERT is now 0 by default.
  • [*] Auto hide report legend if data set contains too many sets.
  • [-] Fixed calendar, time, and multi-select localization.
  • [-] Fixed Tinymce WYSIWYG fatal error when using other locales.
  • [-] Fixed Juggernaut custom button to open with no frames.

1.06-1 (15 April 2014)

  • [+] Added modsecurity alerts tab on the view transaction dialog so that you can easily view all alerts and their matching rule_ids.
  • [+] Added modsecurity reports Modsecuritytophostname.php, Modsecuritytopsourceip.php.
  • [] Deprecated modsecurity reports Modsecurityrule.php, Modsecurityseverity.php, Modsecuritytoprule.php, Modsecuritytopdomain.php because of the [+] modsecurity concurrent audit log format. The old reports can be removed from the "/usr/local/psa/admin/htdocs/juggernaut/application/classes/Model/Report/Plugin" directory.
  • [*] Updated modsecurity audit log viewer for compatibility with default modsecurity shipping with Plesk 12.
  • [*] LF_SSH_EMAIL_ALERT is now 0 by default.
  • [*] Removed default custom regular expressions for courier-imap, Qmail SMTP AUTH and Postfix SMTP_AUTH for Plesk servers as they are now included with CSF (Thanks Chirpy!).
  • [*] Removed RBN from defaults for csf.blocklist as it is now obsolete.
  • [-] Fixed webupdater backing up plugins and reports to the wrong directory.

1.04-1 (09 April 2014)

  • [+] Plesk 11.0 and Plesk 12 compatability fixes.

1.02-1 (28 March 2014)

  • [+] Added network information lookup tool for doing GeoIP and whois lookups manually.
  • [+] Added more reports for firewall deny, modsecurity and iptables.
  • [+] Added login failure daemon custom regex writing using codemirror.
  • [+] Added autosuggestion search bar for finding config items. Now lookups will take you to the correct page and highlight the selected item.
  • [+] Added grid for IP blocking ignore.
  • [*] Improved CIDR select lists to include number of hosts.
  • [*] Organized login failure blocking features under their own button.
  • [*] Added OS dependent exceptions for process tracking ignore
  • [-] Fixed web updater plugin backups coping to wrong subdirectory.

1.01-1 (20 March 2014)

  • [+] Added release channel select list.
  • [-] Fixed help label tool tip not displaying default value.

1.00-1 (14 March 2014)

  • [+] Initial release.