Changelog

Legend

[+] New Feature
[*] Updated feature
[-] Fixed bug

2.05-1 (11 April 2018)

  • [+] Added support for free trial licenses.
  • [+] Added USE_FTPHELPER option under General Settings.
  • [+] Added ICMP_TIMESTAMPDROP option under Port Settings.
  • [=] Updated misc components to follow Plesk extension guidelines.
  • [=] Updated the default bocklist for GREENSNOW to use https

2.04-1 (14 March 2018)

  • [+] Added support for cluster ignore in the dashboard actions widget.
  • [+] Added a zgrep binary location setting to Binary Locations page.
  • [+] Added a support section to the settings page.
  • [+] Added wildcard search support to the logs area (-W checkbox).
  • [+] Added support for Cloudflare blocking for login failure custom triggers.
  • [+] Added new Docker Settings page under Firewall Settings.
  • [+] Added an IP version field to connection tracking page so you can filter based on IPv4 or IPv6 connections.
  • [+] Added a copy button next to country select lists so you can copy and paste values when duplicating country settings across servers.
  • [+] Added missing reporting templates.
  • [+] Added terminal type search filter to the login log page.
  • [=] Updated the defaults for /etc/csf/csf.dyndns to include Plesks new license check port 443 to and from ka.plesk.com.
  • [=] Updated the legend titles to include the full path to the data source.
  • [=] Updated WYSIWYG editor and codemirror plugins to their latest versions.
  • [=] Updated the HTML Purifier library to the latest version.
  • [=] Updated the WYSIWYG editor to allow script tags.
  • [=] Updated the minimum Plesk version to 17.0 so we can use the new Plesk APIs.
  • [=] Updated the install / upgrade process to use the new Plesk Long Tasks API to provide a better installation experience.
  • [=] Updated the new install process to defer any changes to the server until the user specifically runs the installer script.
  • [=] Updated the scheduled task cron to use the new Plesk APIs.
  • [=] Updated the default lookup type from A to ANY for the network lookup information tool.
  • [=] Updated the autosuggest help search tool.
  • [*] Updated the default first sort order for tracking grids so that most columns will sort descending on first click.
  • [-] Fixed apt-get installation warnings about frontend not being set Debian/Ubuntu.
  • [-] Fixed bug when selecting the state filter on the connection tracking page.

2.03-1 (08 Dec 2017)

  • [+] Added LF_MODSECIPDB_ALERT and LF_MODSECIPDB_FILE under Login Failure Blocking so users can get an alert if their modsecurity persistent IP storage file on the server gets too large.
  • [+] Added PT_SSHDKILL option to process tracking. This option will terminate the SSH processes created by the blocked IP.
  • [+] Added a status search select list to the top of the Web Access and Modsecurity grids.
  • [+] Added the ability to toggle the tag editor on or off.
  • [=] Updated the modsecurity disable rules tab not to include additional owasp-modsecurity-crs version 3 correlation ids.
  • [=] Updated the HTTP status code list to include additional codes.
  • [-] Fixed autosuggest on advanced searches.
  • [-] Fixed bug where modsecurity transactions were not clickable in the grids.
  • [-] Fixed bug where no delete was not showing on the network information firewall actions tab.
  • [-] Fixed bug where certain login failure custom triggers could get cut off when editing them.
  • [-] Fixed SELinux permission issues on the modsecurity audit directory.
  • [-] Fixed permissions problems on Plesk 17.8.

2.02-1 (14 Nov 2017)

  • [+] Added LF_APACHE_ERRPORT under Login Failure Blocking so users can set if their Apache 2.4 error log has port number attached to client IP address.
  • [+] Added a javascript duration widget for fields where the user provides values in seconds.
  • [*] Updated the application to only display an exception backtrace when in development mode.
  • [*] Updated the log files for grids to be sorted intelligently.
  • [*] Updated the Panel log grid to hide actions performed by localhost by default.
  • [*] Updated the setup scripts to create the csf user home directory for use by the messenger service if it does not exist.
  • [*] Updated default login triggers for horde, roundcube, and Plesk from 600 to 86400 seconds.
  • [*] Updated the Login Failure Custom Triggers grid to display permanent instead of 1 for the block time.
  • [*] Updated the network information lookup tool to be able to parse advanced firewall rules.
  • [-] Disabled sort option for all action columns.
  • [-] Fixed bug on Cloudlinux where certain package dependencies were not being installed.
  • [-] Fixed grid loading text when performing various actions.
  • [-] Fixed action search For the Panel log grid.
  • [-] Security improvements.

2.01-1 (24 Oct 2017)

  • [+] Added cloudflare firewall support (Cloudflare settings, Cloudflare users, and Cloudflare actions widget).
  • [+] Added support for comma separated list of ports for Advanced Allow/Deny Filters.
  • [*] Updated the system logs grid to match php based log lines.
  • [-] Fixed Panel log grid and reports to be compatible with Plesk 17.8.
  • [-] Fixed language auto-detection.
  • [-] Fixed notice display when saving a form that has errors.
  • [-] Fixed settings management bug when importing empty groups.

2.00-2 (12 Oct 2017)

  • [-] Fixed bug where the "no delete" checkbox was not showing on the firewall actions tab when selecting the deny option.
  • [-] Fixed redirection loop when the trusted host and license checks both failed.
  • [-] Fixed exception when running the log maintance action.

2.00-1 (27 Sept 2017)

  • [+] Juggernaut Firewall is now a fully compatible Plesk extension with one click install / un-install.
  • [+] Added new option LF_APACHE_401 trigger that works in a similar way to LF_APACHE_404 and LF_APACHE_403 triggers.
  • [+] Added new option RECAPTCHA_ALERT. This will send an email when a reCAPTCHA unblock request is attempted by lfd. This option is enabled by default.
  • [+] Added a new tagging javascript widget to all comma separated input fields for easier editing and more screen real estate. Port and IP address fields are now sorted automatically when saved.
  • [+] Added autosuggest capability to port and network interface fields.
  • [+] Added the ability to copy ipv4 and ipv6 port fields back and forth.
  • [+] Added the ability to generate reports on a domains web access and error log.
  • [+] Added client side column sorting to all table based reports.
  • [+] Added over 50+ reports to the reports area.
  • [+] Added LFD messenger log grid to the logs area.
  • [+] Added a cancel button to settings forms.
  • [+] Added the name of the file being edited to grid and textarea titles.
  • [+] Added a pattern search to all firewall grids.
  • [+] Added location and flag columns to all firewall grids.
  • [+] Added a Wordpress user enumeration custom trigger.
  • [+] Added Spamhaus DROPv6 and Stop Forum Spam IPv6 blocklists to csf.blocklists
  • [+] Added CSF built in RBL checker to the tools and settings areas.
  • [+] Added trusted hosts option to application settings to protect against host header spoof attacks.
  • [+] Added no frames action to application settings to give users the ability of what to do when the application is loaded without the sidebar.
  • [+] Added option to optionally schedule security and RBL reports if an email and interval is provided.
  • [+] Added option to set the number of days of modsecurity logs you want to keep under Log Maintenance -> Log Settings.
  • [*] Updated most reports to now be actionable. You can click on a report item to search for that value in its logs area.
  • [*] Switched all file management and suexec functions to use Plesks extension APIs.
  • [*] Increased the default value for MESSENGER_RATE to 100/s (from 30/s) and MESSENGER_BURST to 150 (from 5) for all installations to alleviate slow MESSENGER response times.
  • [*] Updated the IP address information connection tracking tab to show service names instead of just port numbers.
  • [*] Updated login failure web application triggers to include ports 7080,7081.
  • [*] Updated DNS and geolocation vendor classes to latest versions.
  • [*] Updated the regex for the Wordpress brute force trigger to include 500 and 503 status codes.
  • [*] Updated javascript libraries to their latest versions.
  • [*] Updated the WYWIWYG editor used for editing messenger templates to the latest TinyMCE and added source code stying and the ability to upload and embed images.
  • [*] Updated all CSF alert settings to be on a single page.
  • [*] Updated default order of the status column the modsecurity grid.
  • [*] Updated the referrer and user agent for the web access log to be on its own subgrid.
  • [*] Updated the full message for the iptables log to be on its own subgrid.
  • [*] Updated the defaults for the config item WAITLOCK to enabled.
  • [*] Updated the whitelist entry for plesk license checks from ka.odin.com to ka.plesk.com
  • [*] Updated the modsecurity view transations rules tab to include msg descriptions along with the rule id.
  • [*] Updated the modsecurity disable rules instructions to not include OWASP ModSecurity Core Rule Set correlation rule ids.
  • [*] Updated the web error log modsecurity unique_id to be clickable to search though the modsecurity log for that transaction.
  • [*] Removed email settings pages as they were not currently being used.
  • [*] Removed the cluster actions dashboard widget. Cluster actions functionality is now built into the main dashboard actions widget.
  • [*] Removed dead blocklist entries from our master list.
  • [*] Security improvements.
  • [-] Fixed bug where scheduled tasks were not running properly.
  • [-] Fixed bug where null coordinates for an IP address would crash the map renderer.
  • [-] Fixed 'pm_Context' not found error when Plesks own internal error logging was enabled.
  • [-] Fixed IP address context menu popup styling in Google Chrome.
  • [-] Fixed wrong path for messenger "Virtualhost SSL definitions" default on Debian.
  • [-] Fixed bug where grid column chooser was not working properly.
  • [-] Fixed cluster master detection logic.
  • [-] Fixed PHP compatibility, coding errors, and performance improvements using static PHP code inspection tools.

1.44-1 (25 June 2017)

  • [+] Added new option "DROP_OUT" under Settings-> Firewall -> Logging Settings. This option sets the default target for blocked outgoing ports.
  • [-] Removed OpenBL blocklists as they are no longer active.
  • [-] Fixed issue with the country dropdown scrolling to top when selecting a country. This will make it easier when adding multiple countries.

1.43-1 (23 May 2017)

  • [-] Fixed default access and error log locations on Debian / Ubuntu

1.42-1 (14 May 2017)

  • [+] Added a web access log grid for viewing your server and vhost access logs.
  • [+] Added a web error log grid for viewing your server and vhost error logs.
  • [+] Added reCAPTCHA template to the lfd log search templates.
  • [+] Added location data to log exports.
  • [*] Updated mod_security rules tab to include instructions on how to disable rules for the entire domain or by a specific URL only.
  • [*] Updated iso country list to include the latest recognized countries.
  • [*] Updated the country settings to only display a warning when adding countries when ipset not enabled.
  • [*] Updated the file offset and limit to be reversed so they are more understandable.
  • [-] Fixed a permission error on modsecurity_audit_clean.sh script so it can clean the mod_security audit directory after 30 days.
  • [-] Fixed IP lookup menu bug not allowing search by connection or Apache tracking
  • [-] Fixed file offset giving an error if the line count wasn't fully loaded.

1.41-1 (22 April 2017)

  • [+] Added a WHMCS custom login failure trigger.
  • [+] Added a Joomla custom login failure trigger. The Joomla fail2ban extension must be installed on their domain for it to work properly: https://extensions.joomla.org/extension/fail2ban/
  • [*] Updated default mail log location to /var/log/maillog on Debian / Ubuntu installations
  • [-] No longer try to guess ETH_DEVICE for openvz kernels.
  • [-] Fixed Google Chrome blocking saving the re-captcha template because it includes embedded Javascript.

1.40-1 (12 March 2017)

  • [+] Added superuser ignore to the ignore area so you can skip the LF_EXPLOIT SUPERUSER check for some users.
  • [+] Added missing SMTP_REDIRECT option under SMTP settings from CSF 8.17
  • [*] Updated CLUSTER_SENDTO and CLUSTER_RECVFROM options to use one entry per line instead of commas to make it easier to read.
  • [*] Removed email address from messenger templates now that CSF has Google recaptcha support so users can unblock themselves.
  • [-] Fixed javascript error on pages where no form validation rules were defined.

1.39-1 (02 March 2017)

  • [+] Added CSF HTTPS messenger options so you can now redirect and display a message for blocked SSL traffic.
  • [+] Added CSF Google ReCAPTCHA messenger support so a user can now unblock themselves by filling out a captcha.
  • [*] Updated JQuery and JQuery UI libraries.
  • [-] Fixed issue with ignore IP addresses not being recognized properly by LFD when the IP address is entered without a comment.

1.38-1 (23 January 2017)

  • [+] Added the Firewall Profiles section for applying pre-defined security profiles or creating and restoring configuration backups.
  • [+] Added no delete option to the dashboard actions widget.
  • [+] Added cluster temp deny / temp allow to the cluster actions dashboard widget.
  • [+] Added cluster search functionaility in the iptables search.
  • [+] Added PT_USERRSS (RSS memory usage set) tracking to process tracking settings.
  • [+] Added predefined search templates for all grids to improve productivity when searching for data.
  • [*] Updated ignoring an IP address to restart the login failure daemon automatically.
  • [*] Updated the allow DynDNS grid restart button to restart both the firewall and login failure daemon.
  • [*] Updated PT_USERMEM default to be 512 MB.
  • [*] Updated grid error notices to include the error status code message in addition to the status number.
  • [-] Fixed the grid column chooser to automatically refresh the page when making changes.
  • [-] Fixed issue with help documentation not redirecting to the proper page now that we are using https://
  • [-] Fixed issue when updating the firewall not showing you the installation results.

1.37-1 (16 December 2016)

  • [+] Switched all RSS feeds to go over SSL for extra security.
  • [+] Added port 23 to DROP_NOLOG default.
  • [-] Fixed the mysqld login failure trigger. Removing then re-adding the trigger will apply the* [-] trigger.

1.36-1 (11 October 2016)

  • [+] Added auto refresh functionality to all grids.
  • [+] Added auto suggest to the modsecurity and login log area.
  • [+] Added single row deny buttons to the tracking grids.
  • [*] Updated the custom 4 log location to include "proxy_access" files for users running nginx only
  • [*] Updated system logs area to now use the same grid format as the other logs.
  • [*] Updated the comment textarea size for firewall grid comments.
  • [*] Updated the statistics report images to be responsive.
  • [*] Updated auto refresh functionality for tracking pages to a grid button instead of a separate form.
  • [*] Updated the Panel log to have the company pre-selected when searching.
  • [*] Updated the IP address lookup tool to use ajax for each tab.
  • [-] Fixed DNS query lookup tool displaying authority info in the response.
  • [-] Fixed process kill button running running terminate instead of kill.
  • [-] Fixed log offset support not working.
  • [-] Fixed z-index issue for grid autosuggests.

1.35-1 (25 September 2016)

  • [+] Added POP3/IMAP Log and SMTP Auth Log to the logs area so you can track the IP locations of authenticated users sending and receiving email from the server.
  • [+] Added CSF beta config options WAITLOCK and WAITLOCK_TIMEOUT to the general firewall settings page.
  • [+] Added auto suggest for the company and customer names to make it easier when searching the Panel log grid.
  • [-] Fixed German translations (special thanks to Dennis Klemmer).
  • [-] Fixed DB exception in the panel logs page when searching by cstomer or when exporting data.
  • [-] Fixed security check not displaying correctly after changes in CSF 9.22

1.34-1 (09 September 2016)

  • [-] Fixed issue on Debian / Ubuntu where the custom log locations were not being set properly.

1.33-1 (31 August 2016)

  • [+] Added the "login log" so you can now monitor who has successfully logged into the server using the console, SSH, or FTP.
  • [+] Added the "panel log" so you can now monitor all Plesk panel actions.
  • [+] Added process tracking to the tracking page. You can now monitor all process information similar to "top" right though the plesk interface.
  • [+] Added lookup dialogs for looking up process and user information.
  • [+] Added process hangup, terminate, and kill actions.
  • [+] Added listing ipv4 and ipv6 rules tabs to the iptables search page.
  • [+] Added different map provider functionality so you can choose from 25 different map types. You can choose your map provider on the geolocation settings page.
  • [+] Added cluster mapping functionality when displaying many points on a single map.
  • [*] Updated connection tracking, apache tracking and bandwidth tracking to show grid row differently if the IP address is located in the CSF deny file.
  • [] Updated the port tracking page to include the [+] process functions to be able to hang up , terminate or kill a process.
  • [-] Fixed exception when trying to perform the log maintenance action.
  • [-] Fixed the loading indicator not displaying when performing dashboard actions.

1.31-1 (19 August 2016)

  • [+] Added "ext.plesk.com" to the Allow DynDNS default so you can still install extensions even when blocking Russia on the firewall.
  • [+] Made improvements to the network information lookup tool.
  • [-] Fixed various Plesk 17 Onyx issues.
  • [-] Fixed connection lookups not working for ipv6 IP addresses.
  • [-] Fixed network information context menu z-index issue on grids.

1.30-1 (07 August 2016)

  • [+] Added health widget to the dashboard so you can view the number of active iptables rules as well as login failure daemon memory and CPU usage.
  • [+] Added pre-filtering and offset support for parsing large log files.
  • [+] Added PID information lookup tool to the connection tracking grid.
  • [+] Added log maintenance tasks to auto prune DB logs after a specified amount of days.
  • [*] Updated the services widget statuses to be clickable to get detailed information about that service.
  • [*] Updated licensing restrictions so subdomains no longer count towards domain limits.
  • [*] Updated tracking grids to hide private IP addresses.
  • [*] Updated report heights to take up less screen space.
  • [*] Updated the file data set limit to be a select list.
  • [*] Updated the modsecurity audit directory cleanup script to remove folders older than 30 days.
  • [*] Updated the reports yaxis to always start at zero.
  • [-] Fixed bug with country settings select lists not displaying ASN numbers properly.
  • [-] Fixed datetime pickers not using 24 hour format properly.
  • [-] Fixed timezone detection on some systems.
  • [-] Fixed log search case insensitive and extended regex options.
  • [-] Fixed whois bug for two letter TLDs not returning the correct base domain name.

1.29-1 (15 March 2016)

  • [+] The Juggernaut web interface will automatically download and install CSF during the setup wizard if it is not installed already.
  • [-] Fixed extra slashes in some language files.
  • [-] Fixed fatal error when Plesk debug logging is enabled.
  • [-] Fixed fatal error on the network information page when using legacy Plesk versions.
  • [-] Fixed invalid redirection error when running outside of frames when using legacy Plesk versions.
  • [-] Fixed error when mod_security log file is not present.
  • [-] Fixed "db_dir must be a valid directory" error when applying all recommended settings.
  • [-] Fixed map report lookup speed when you have a large number of IP addresses being displayed.
  • [-] Fixed db schema version number not getting properly [] on some systems.

1.28-1 (03 March 2016)

  • [+] Added restart LFD button to network information firewall actions panel.
  • [+] Added apache-referrers custom trigger to block referrer spammers.
  • [+] Added "no delete" option to the network information firewall actions panel.
  • [+] Added messaging when restarting LFD if CSF has unresolved errors.
  • [+] Added delete row button to grid actions columns.
  • [*] Updated IP network information panel to display tabs in order of most use.
  • [-] Removed duplicate rules from the modsecurity rules tab.
  • [-] Fixed bugs and optimized most of the custom triggers. To use the* [+] triggers just delete the old custom rule then re-enable. removed Removed STOPFORUMSPAM block list because it wasn't parsable by CSF (other lists by this maintainer do work).

1.27-1 (28 February 2016)

  • [+] Added www.stopforumspam.com block lists now that CSF 8.15 supports downloading zip file block lists.
  • [+] Added "Home" button to the the breadcrumb tree for those users who want the run apple outside of the Plesk Interface.
  • [+] Added support for the IP binary in the binary locations page.
  • [] Updated apache-useragents custom trigger to include more unwanted search bots and vulnerability scanners. To use the [+] trigger delete the old trigger then re-enable it.
  • [*] Updated report renders to show legends even the chart has many series. The legend will now display with a scroll bar.
  • [*] Updated the custom login failure triggers page to show the real log file location instead of just the configuration option.
  • [-] Fixed Exception when going to email template page.
  • [-] Fixed redirection loop when trying to run the application outside of the Plesk interface.

1.26-1 (19 February 2016)

  • [+] Added apache-scanners login failure trigger
  • [+] Added apache-useragents login failure trigger
  • [*] Optimized wordpress brute force trigger
  • [-] Fixed encoding issue when adding block lists and login failure custom triggers

1.25-1 (17 February 2016)

  • [+] Added interface for managing dynamic block lists. You can now choose from over 100+ blocklists.
  • [+] Added interface for managing custom login failure triggers.
  • [+] Added Geo, ASN, Ping, Traceroute, SPF and HTTPS lookup support to the network information tools.
  • [+] Added ASN support to the country settings page. You can now add ASN numbers to any CC_ fields.
  • [+] Added support for advanced iptables filters in the deny and allow areas.
  • [+] Added support for viewing logs from the Atomic custom mod_security package.
  • [+] Added "do not delete" support in the deny permanently area. Entries marked "no delete" will not be rotated if the csf.deny line limit is reached.
  • [+] Added real time port tracking to the tracking area.
  • [+] Added an iptables search dashboard widget.
  • [+] Added port number support to the temp deny / allow IP actions dashboard widget.
  • [+] Added a login failure daemon log dashboard widget.
  • [+] Added firewall and login failure daemon restart buttons to grids.
  • [+] Added PID column to login failure daemon logs.
  • [+] Added error highlighting to the login failure daemon logs.
  • [+] Added settings management area to manage all application settings. You can import, export, or reset any settings from a single page.
  • [+] Added a cron task to automatically remove modsecurity transactions from the audit log directory that are older than 90 days.
  • [+] Added login failure daemon start and stop support to the services dashboard widget.
  • [+] Added firewall version check and update to the product information dashboard widget.
  • [+] Added* [+] custom login failure daemon triggers for apache-overflows, php-url-fopen, wordpress and atomicturtles custom mod_security package.
  • [+] Added location and flag columns to modsecurity and iptables logs.
  • [*] Updated the modsecurity log to include status text allow with the status code.
  • [*] Updated iptables log message to only show the full message when hovering over the column.
  • [*] Updated the settings area to be more congruent with the CSF firewall config file.
  • [*] Updated country flag icons to now use CSS sprites and a single image.
  • [*] Updated the connection tracking grid connections option to be clickable to bring up the connection information dialog.
  • [*] Updated the dashboard interface to improve usability.
  • [*] Updated the UI to redirect to the admin homepage if the Plesk session has timed out and the Juggernaut interface is not being loaded within frames.
  • [*] Updated default theme to match the style of Plesk 12.5
  • [*] Updated file grid searches to be case insensitive be default.
  • [*] Updated Reverse DNS allow defaults to allow operations like whois lookup, Plesk license checks, and CSF downloads to work even if the country is being blocked by the firewall.
  • [*] Updated all dashboard widget screen shots.
  • [*] Updated the ports listening dialog to display using a table.
  • [*] Updated DYNDNS default to update every 6 hours.
  • [*] Updated grid action icons to include text.
  • [*] Updated grid to use form editing instead of cell editing.
  • [*] Updated the UI popup dialogs to automatically resize to the browser window height.
  • [*] Updated PT_APACHESTATUS config default to use localhost vs 127.0.0.1 because some modsecurity rules block requests to the server-status page using the IP address.
  • [*] Updated apache tracking virtual host to not show the port information when running in reverse proxy mode.
  • [*] Updated the allow permanently area to include the administrators IP address by default.
  • [*] Updated comment fields to be textareas instead of text fields.
  • [-] Fixed iframe scrollbar issue on Plesk 12.5.
  • [-] Fixed grid showing error notice when refreshing or clicking away from the grid.
  • [-] Fixed comma separated input validation used for validating port numbers.
  • [-] Fixed ports listening dashboard widget not showing all results.
  • [-] Fixed settings export exception when exporting settings that contain characters not valid for XML.
  • [-] Fixed log file extended regex search not working in some situations.
  • [-] Fixed disk I/O not displaying on Centos / RHEL 7.
  • [-] Fixed cluster actions dashboard widget not allowing CIDRs.
  • [-] Fixed ports listening dashboard widget not showing all results.
  • [-] Fixed URL validation to allow localhost and IPv6 addresses.
  • [-] Fixed exception when browsing using a URL different than the server hostname.

1.24-1 (09 October 2015)

  • [+] Added realtime bandwidth and disk IO tracking.
  • [+] Added page refresh options to all tracking pages.
  • [+] Added connection total to grid footer of connection tracking page.
  • [+] Added realtime bandwidth and disk IO tracking.
  • [+] Added page refresh options to all tracking pages.
  • [+] Added connection total to grid footer of connection tracking page.
  • [+] Added CIDR support in cluster dashboard widget.
  • [+] Added dbus and time systemd regexes to log ignore defaults.
  • [+] Added "ports listening" dashboard widget.
  • [*] Updated tracking areas to automatically hide connections from the administrative IP address.
  • [*] Updated Apache and Network tracking to refresh every 10 seconds.
  • [*] Updated Kohana framework to the latest version.
  • [*] Updated HTML purifier to the latest version.
  • [*] Removed ignore settings from the settings area.
  • [-] Fixed jqgrid error bar display when switching pages.
  • [-] Fixed tracking page searches to automatically reset refresh interval when starting a* [+] search.
  • [-] Fixed Plesk 12.5 iframe resize issue.

1.23-1 (16 July 2015)

  • [+] Added* [+] CSF option CC6_LOOKUPS. This adds IPv6 support for Country Code and Country lookups.
  • [+] Added* [+] CSF option LF_NETBLOCK_IPV6. This adds IPv6 support for LF_NETBLOCK.
  • [+] Added* [+] CSF options LF_IPSET_HASHSIZE and LF_IPSET_MAXELEM to allow for larger ipset sets.
  • [+] Added* [+] CSF option X_ARF_ABUSE. This option allows for automatic sending of X_ARF reports to the IP addresses abuse contact. (Use with caution)
  • [+] Added* [+] CSF option PT_SSHDHUNG. Terminate hung SSHD sessions.
  • [+] Added* [+] CSF option HOST. LF_LOOKUPS now uses the host binary if available for more reliable IPv4 and IPv6 reverse lookups.
  • [+] Added default process tracking exclusions for Postfix.
  • [-] Fixed auto detection of ipset on Debian/Ubuntu.
  • [-] Fixed mod_security transactions not loading on RHEL 7 / Centos 7.
  • [-] Fixed help search highlight not showing after* [+] responsive theme.

1.22-1 (04 June 2015)

  • [+] Added* [+] Plesk 12.1 default responsive skin
  • [+] Opened port 24441 UDP for Spamassassin Razor2
  • [+] Allow reserved IP ranges to IP address validation
  • [*] Changed network lookup information dialogs now wrap content
  • [-] Fixed exception when exporting settings that had invalid characters.
  • [-] Fixed exception when running the security check when CSF had been disabled.
  • [-] Fixed cron task module not running properly.
  • [-] Fixed viewing ports and form help dialogs during the setup wizard.

1.21-1 (19 April 2015)

  • [+] Added CSF options LF_SPI, TAIL, GREP, IPSET, SYSTEMCTL
  • [+] Added the ability for the interface to be loaded within frames to support Plesk web admin and web app editions.
  • [+] Added fixes for the upcoming Plesk 12.1.
  • [+] Added better dialog ajax loading indicators and error handling.
  • [+] Added login failure daemon PHP suhosin alert detection.
  • [+] Added machine translations for French, Spanish, Italian, Dutch, Polish, Portuguese, Russian, Chinese Simplified, Chinese Traditional, Japanese.
  • [+] Added a warning to enable ipset support if using excessive country blocks or allows.
  • [*] Changed Grid ID columns to not displayed by default.
  • [*] Changed the security check to use Plesk table styling.
  • [*] Changed LF_IPSET to be enabled by default if ipset is detected.
  • [*] Changed DENY_IP_LIMIT and DENY_IP_LIMIT to be higher if ipset is detected.
  • [*] Changed reports to auto hide the report legend if it has over 15 labels.
  • [*] Changed messenger templates to include a contact email by default.
  • [*] Changed ignore options to be displayed with their respective settings area.
  • [*] Changed network and Apache tracking grids to refresh every 15 seconds by default.
  • [*] Changed help form label popup dialogs to be more sticky so you can view them easier.
  • [*] Changed statistics page to not display the MySQL password. The MySQL password is now validated and saved only if it is filled in.
  • [-] Fixed Plesk sendmail wrapper SIGCHLD problem using workaround from CSF team.
  • [-] Fixed search grid order by bug.
  • [-] Fixed locale bug that caused reports with specific locales to not render.
  • [-] Fixed wrong systemctl location for Debian / Ubuntu OS betas.

1.20-1 (01 March 2015)

  • [+] Added real-time network connection and Apache connection tracking.
  • [+] Added connections tab to the IP address lookup tools so you can see exactly what ports an IP address is connected to.
  • [+] Added LF_DISTFTP_ALERT option so you can disable distributed FTP attack alerts.
  • [+] Added "Region" display to IP address lookup tools.
  • [*] Grouped settings area and documentation into functionality so it is easier to understand. All settings options are now one level deep.
  • [*] Updated system logs area to display on page load.

1.19-1 (19 February 2015)

  • [+] Added the ability to use a hostname as the nameserver when using the network information tool.
  • [*] Improved the network information lookup tool to allow you to query by input, domains and IP addresses all at the same time.
  • [*] Improved content editing textareas to now auto grow with content.
  • [*] Reduced padding for dashboard widgets, tabs and forms so they take up less screen space.
  • [*] Updated application DB connection hostnames from 127.0.0.1 to localhost so PHP will use the MySQL socket.
  • [*] Updated the ipv6 port setting page to match the same order of the ipv4 page.
  • [*] Updated the modsecurity log area to display a warning instead of an exception if modsecurity is not configured.
  • [-] Fixed bug where firewall action widget color styling was not getting displayed.
  • [-] Fixed grid javascript error when checking for application updates.
  • [-] Fixed bug where firewall action widget color styling was not getting displayed.
  • [-] Fixed grid top paging number getting cut off in some browsers.
  • [-] Fixed bug where iptables running status could not be determined on Debian 6.

1.18-1 (02 February 2015)

  • [+] Added "Follow Us" Twitter link in announcements dashboard widget.
  • [+] Added CC_LOOKUPS option 3 to also include IP ASNs via the MaxMind GeoIPASNum database.
  • [*] Dashboard layout and widget state is now stored for each admin user in the database instead of a browser cookie.
  • [*] Dashboard widget widths improved for smaller screen sizes.
  • [*] Deny, allow, and ignore grid search defaults to "begins with" instead of "equal" so you can search for an IP faster.
  • [*] URLGET default now set to "2" to use LWP::Useragent for downloads (Supports SSL).
  • [*] RESTRICT_SYSLOG default set to 2, PORTKNOCKING_ALERT default set to 0.
  • [*] Report start time default was changed from 1 month to 7 days ago.
  • [-] Fixed license key properties display issue when issued to multiple hosts.
  • [-] Fixed report "Firewall Deny - Reason" not being displayed.
  • [-] Fixed login failure daemon restart and status issue on systems running systemd and CSF 7.60.

1.16-1 (30 December 2014)

  • [*] PS_INTERVAL default now set to 0.
  • [*] PORTS_bind default now set to 53;udp,53;tcp
  • [*] All install/updates are now using SSL in addition to being GPG signed.
  • [-] Fixed incorrect default location of HTACCESS_LOG for servers running Plesk 11.09.
  • [-] Fixed file not found error for the statistics widget when the login failure daemon had never been started before.

1.15-1 (13 January 2014)

  • [+] Ipset 6+ is now supported. Ipset is an extension to iptables that allows you to create firewall rules that match entire "sets" of addresses at once. IP sets are stored in indexed data structures, making lookups very efficient, even when dealing with large sets.
  • [+] Added ability to view ports on the server that have a running process behind them listening for external connections (In the Tools and Port Settings areas). This allows you to easily determine what ports you need open on your firewall.
  • [+] Added support for CSF's built in graphing for system statistics.* [+] statistics are available under Reports -> Statistics.
  • [] Updated the default firewall blocklist settings to include the fail2ban blocklist from Blocklist.de. This is large blocklist to it is recommended that you use this list with the [+] ipset support enabled.
  • [*] Default configuration setting changes: IPV6 enabled by default, LF_SSH_EMAIL_ALERT enabled by default, LF_CONSOLE_EMAIL_ALERT disabled by default, USE_CONNTRACK disabled by default, unused custom logs set to /var/log/customlog
  • [*] Website and documentation is now going over SSL (SHA256) certificates.
  • [-] Fixed debug level using a checkbox instead of a select list.
  • [-] Fixed documentation for mod security audit log setup setup when selinux is enabled.

1.14-1 (29 August 2014)

  • [+] Added support for RHEL/Centos 7.
  • [-] Fixed fatal error when exporting some table render type reports.
  • [-] Removed regex fixes for smtp auth for Plesk 12 now that they are included in CSF 7.09

1.13-1 (08 August 2014)

  • [+] Added grid search highlighting.
  • [*] Changed default modsecurity log file location to /var/log/modsec_audit.log now that Plesk12 has added proper log rotation for it.
  • [-] Fixed grid live editing error when editing large files.
  • [-] Fixed smtp_auth regex for Qmail and Postfix with Plesk 12. To apply these fixes go to Settings -> Login Failure and Alerts -> Login Failure Blocking Custom Regex -> Press the default button then restart the login failure daemon. Fixes have been submitted to CSF.

1.12-1 (31 July 2014)

  • [+] Added inline editing of grid comments for permanently deny, allow and ignore. Click on comment to live edit, enter to submit, esc to cancel.
  • [-] Fixed report widgets not rendering in dashboard.
  • [-] Fixed modsecurity search status reporting as not set.

1.11-1 (28 July 2014)

  • [+] Added the ability to export reports and logs to CSV file.
  • [+] Added IP address lookup tools to LFD grid message field.
  • [+] Added JavaScript validation to all dialog forms.
  • [*] Updated log area so logs are listed by most used.
  • [*] Updated all JavaScript plugins to their latest versions.
  • [*] Updated all JavaScript plugins to use their minified versions.
  • [*] Updated show/hide password field functionality.
  • [*] Updated cluster widget change config option to be filterable.
  • [] Updated grid data source select list to be [-] width.
  • [*] Updated the default modsecurity log grid search to default to 403 forbidden status code.
  • [*] Updated the modsecurity status code select list to have the most common status codes listed near the top
  • [*] Updated the height for multi-select boxes to be bigger by default.
  • [-] Fixed web updater to properly login to client area to download updates.
  • [-] Fixed slow loading of domain drop downs on Plesk 12.
  • [-] Fixed cluster service options to hide if the firewall is disabled.
  • [-] Fixed extra horizontal scroll bar for system logs content areas.
  • [-] Fixed dialog errors going to the wrong location.
  • [-] Fixed grid size not using full window width.
  • [-] Fixed time picker locale being included before the plugin.

1.10-1 (11 July 2014)

  • [+] Added LF_DIST_ACTION config option
  • [+] Added DNSBL check IP addresses and DNSBL check options to Network Information settings.
  • [+] Added DNSBL email alert template.
  • [*] Changed Network Information query type to default to domain first.
  • [*] Changed default ports to include TCP_IN 30000:35000 for proftpd and UDP_OUT 33434:33523 for traceroute
  • [*] Changed announcements widget to not allow links in description
  • [-] Fixed Network Information DNSBL button with wrong id
  • [-] Fixed Plesk 12 settings area legend style
  • [-] Fixed Plesk 12 autoloader errors (application will be much faster now)
  • [-] Fixed Plesk 12 class conflict which caused fatal error.
  • [-] Fixed error when trying to hide report legend.

1.09-1 (20 June 2014)

  • [+] Added dropdown selection lists for name servers if they are added in network information settings
  • [+] Added Itialian machine translations
  • [-] Fixed OS detection of older Debian distros
  • [-] Updated Switmailer to version 5.2.1
  • [-] Fixed LFD status detection for different locales
  • [-] Fixed whois fatal crash on Plesk 12

1.08-1 (28 May 2014)

  • [+] Added network information bulk lookup tools (DNS, Whois, Map, DNSBL, SURBL)
  • [+] Added network information settings area to control DNS and DNSBL settings
  • [+] Added "Delete and move to ignore" grid actions
  • [+] Added "Unblock and ignore" action to IP tools
  • [+] Added grid refresh on IP tools actions
  • [-] Fixed IP tools actions failing on dashboard recent widgets
  • [-] Fixed grid state cookie is now only saved on column reorder
  • [-] Fixed German translations (Thanks to Stefan Kellenberger)
  • [-] Fixed XML export of array types

1.07-1 (10 May 2014)

  • [+] Default locale switching option included in Application Settings.
  • [+] German machine translation now included.
  • [+] Security check now includes scoring.
  • [+] CSF added DROP_UID_LOGGING option in logging settings.
  • [+] CSF Updated default DSHIELD blocklist URL from feeds.dshield.org/block.txt to www.dshield.org/block.txt
  • [*] Detect Virtuozzo/Openvz container and apply different firewall setting defaults.
  • [*] PT_LIMIT is now 0 by default.
  • [*] LF_SSH_EMAIL_ALERT is now 0 by default.
  • [*] Auto hide report legend if data set contains too many sets.
  • [-] Fixed calendar, time, and multi-select localization.
  • [-] Fixed Tinymce WYSIWYG fatal error when using other locales.
  • [-] Fixed Juggernaut custom button to open with no frames.

1.06-1 (15 April 2014)

  • [+] Added modsecurity alerts tab on the view transaction dialog so that you can easily view all alerts and their matching rule_ids.
  • [+] Added modsecurity reports Modsecuritytophostname.php, Modsecuritytopsourceip.php.
  • [] Deprecated modsecurity reports Modsecurityrule.php, Modsecurityseverity.php, Modsecuritytoprule.php, Modsecuritytopdomain.php because of the [+] modsecurity concurrent audit log format. The old reports can be removed from the "/usr/local/psa/admin/htdocs/juggernaut/application/classes/Model/Report/Plugin" directory.
  • [*] Updated modsecurity audit log viewer for compatibility with default modsecurity shipping with Plesk 12.
  • [*] LF_SSH_EMAIL_ALERT is now 0 by default.
  • [*] Removed default custom regular expressions for courier-imap, Qmail SMTP AUTH and Postfix SMTP_AUTH for Plesk servers as they are now included with CSF (Thanks Chirpy!).
  • [*] Removed RBN from defaults for csf.blocklist as it is now obsolete.
  • [-] Fixed webupdater backing up plugins and reports to the wrong directory.

1.04-1 (09 April 2014)

  • [+] Plesk 11.0 and Plesk 12 compatability fixes.

1.02-1 (28 March 2014)

  • [+] Added network information lookup tool for doing GeoIP and whois lookups manually.
  • [+] Added more reports for firewall deny, modsecurity and iptables.
  • [+] Added login failure daemon custom regex writing using codemirror.
  • [+] Added autosuggestion search bar for finding config items. Now lookups will take you to the correct page and highlight the selected item.
  • [+] Added grid for IP blocking ignore.
  • [*] Improved CIDR select lists to include number of hosts.
  • [*] Organized login failure blocking features under their own button.
  • [*] Added OS dependent exceptions for process tracking ignore
  • [-] Fixed web updater plugin backups coping to wrong subdirectory.

1.01-1 (20 March 2014)

  • [+] Added release channel select list.
  • [-] Fixed help label tool tip not displaying default value.

1.00-1 (14 March 2014)

  • [+] Initial release.