Version 3.3.22

Latest

16th January 2025

Added

  • WordPress Bulk Backups: Simplify WordPress site management with a powerful new backup tool.
    • cpfence --bulk-backup-wp-sites: Create backups of all WordPress sites on your server, including both files and databases. Backups are stored in /cpf_wp_backups/ for easy access.
  • LiteSpeed Heartbeat Management: Fine-tune server performance with advanced LiteSpeed Cache plugin options.
    • cpfence --bulk-enable-ls-heartbeat: Bulk enable and configure LiteSpeed Cache heartbeat settings, disabling heartbeat on the frontend and setting it to minimal on the backend.
    • No need for Redis or Heartbeat plugins; you can now combine all functionalities into a single plugin and perform bulk actions for all websites.

Version 3.3.21

14th January 2025

Added

  • Introducing cPFence MultiRun tool for bulk server management.

Designed for experienced system administrators, the MultiRun Tool enables you to bulk run commands across all servers in your Enhance cluster with unparalleled ease. Say goodbye to tedious individual server management and hello to true cluster-wide efficiency. Whether you’re deploying plugins, clearing cache, running cron jobs, or updating security features, MultiRun puts the power in your hands.

Key Highlights:

  • Effortless Cluster Management: Automatically fetch server IPs and set up a synchronized Tmux session to run commands across all servers in one go.
  • Collaborative Real-Time Monitoring: Share sessions with your team for collaborative bulk operations and monitor commands as they execute cluster-wide.
  • Flexible and Versatile: Supports any Linux commands, from WordPress management to system-level tasks.

Getting Started:

  • Ensure passwordless SSH login is enabled across all servers for seamless functionality.
  • Run the command cpfence --multirun to launch the tool.
  • Attach to the Tmux session with tmux attach to begin executing commands cluster-wide.

Note: This tool is extremely powerful and designed for experienced administrators. Misuse can result in unintended consequences across all servers. Proceed with Extreme caution.

Read the full guide on how to use the MultiRun Tool and set it up here:
Simplify Cluster Management with cPFence Bulk Tools + MultiRun.

Version 3.3.20

12th January 2025

Added

  • Bulk WordPress User Creation: Simplify user management across all your WordPress sites.
    • cpfence --bulk-create-wp-user: Create a WordPress user server-wide. You will be prompted for the username, email, password, and role.

    This feature is particularly useful for adding a “support” user to all managed WordPress sites. You can choose a fixed password for all accounts or generate random passwords for each site. A detailed list of created users and their passwords will be provided for your reference.

Improved

  • Enhanced the cPFence MU Plugin to eliminate performance warnings in the WordPress Site Health page, ensuring a cleaner and optimized experience.

Version 3.3.19

11th January 2025

Added

  • IP Reputation Monitoring: cPFence now scans your server’s IP reputation daily against global blacklists to detect signs of malicious or spam activity. If anything suspicious is found, the admin will be notified immediately. This helps you stay ahead and be the first to know when issues arise, preventing hackers from abusing your server for attacks or spam campaigns and ensuring your server remains secure and your services uninterrupted.
    • cpfence --ip-reputation-on: Enable regular monitoring of your server’s IP reputation for malicious and spam activity (recommended).
    • cpfence --ip-reputation-off: Disable regular monitoring of your server’s IP reputation for malicious and spam activity.

Version 3.3.18

10th January 2025

Added

  • LiteSpeed Features:
    • Want more flexibility? We heard you. With these new tools, you’re in full control of your LiteSpeed Cache configurations.
    • cpfence --bulk-enable-ls-redis: Enable Redis caching within the LiteSpeed plugin server-wide.
    • cpfence --bulk-reset-ls-plugin: Reset all options in the LiteSpeed Cache plugin to factory defaults server-wide.
  • WordPress Bulk Management:
    • Got stuck cron jobs? Easily handle overdue WordPress tasks server-wide.
    • cpfence --bulk-run-due-wp-cron: Run all WordPress cron events due right now server-wide.
    • New server migration with hundreds of sites? Ensure they’re clean and reset to a secure state with ease.
    • cpfence --bulk-force-wp-core-files: Force restore WordPress core files to default server-wide (for experienced system administrators only).

Version 3.3.17

8th January 2025

Added

  • LiteSpeed Features:
    • Who said you need paid LiteSpeed Enterprise to enjoy bulk features? With cPFence, you can now achieve the same functionality on OpenLiteSpeed (OLS) with just one click!
    • cpfence --bulk-install-ls-plugin: Install the LiteSpeed cache plugin on all WordPress sites server-wide.
    • cpfence --bulk-configure-ls-plugin: Configure the LiteSpeed cache plugin with “Advanced” presets and Redis enabled server-wide.
    • cpfence --bulk-clear-litespeed-cache: Clear the LiteSpeed cache on all WordPress sites server-wide.
  • WordPress Bulk Management:
    • Gone are the days of relying on tools like MainWP or InfiniteWP to bulk manage your WordPress sites. With cPFence, you can now handle it all seamlessly with server-wide commands.
    • cpfence --bulk-install-wp-plugin: Search and install any WordPress plugin using a name, ZIP file path, or URL to ZIP server-wide.
    • cpfence --bulk-uninstall-wp-plugin: Deactivate and uninstall any WordPress plugin server-wide using the plugin slug.

Improved

  • Enhanced cPFence MU Plugin compatibility with multi-factor authentication (MFA) plugins.

Version 3.3.16

6th January 2025

Added

  • Introducing Owl AutoMySQL – a revolutionary feature for effortless MySQL resource management.
    Owl AutoMySQL automates the monitoring and management of abusive MySQL users, solving a major pain point for shared hosting servers with high user volumes. It ensures optimal server performance by preventing resource abuse, all without manual intervention.

    • One-Click Activation: Activate with a single command: cpfence --owl-automysql-on. Owl AutoMySQL will begin 24/7 smart monitoring and management instantly.
    • Customizable Exclusions: Exclude specific websites or priority clients by adding them to your configuration file: /opt/cpfence/config.conf.

    This game-changing feature streamlines MySQL resource management while preserving user experience and server stability.
    Learn more here.

Version 3.3.15

4th January 2025

Improved

  • Minor improvements and fixes for the WP AutoShield module.
  • Updated the country IP database to the latest version for improved accuracy in geo-based features.

Version 3.3.14

3rd January 2025

Added

  • Added the ability to bulk remove the cPFence MU plugin from all WordPress sites server-wide. Use the command:
    cpfence --bulk-remove-mu-plugin.

Improved

  • Enhanced the WP AutoShield idle logout feature: jQuery is now enqueued only when the idle logout functionality is enabled, optimizing resource usage.
  • Improved the WP AutoShield limit login feature: IP addresses are now hashed before being stored in the database, ensuring full anonymization and GDPR compliance.
  • WP AutoShield will now automatically clear all expired transients storing hashed IPs daily, further ensuring GDPR compliance.

To further ensure transparency and compliance with GDPR, we recommend including the guidance provided in the following link in the privacy policies of your hosting company website or any client’s website concerned about GDPR compliance:

https://my.cpfence.app/knowledgebase/63/Is-cPFence-GDPR-Compliant.html

Version 3.3.13

2nd January 2025

Added

  • The ability to exclude specific sites from the daily WP AutoShield security measures.
    To configure exclusions, edit the file:
    nano /var/log/cpfenceav/wp-exclude-list.txt

    • Add /var/www/site_id/ to exclude all WordPress installations under a specific account.
    • Add /var/www/site_id/public_html/blog to exclude a single WordPress installation.

Improved

  • Enhanced the “Set Secure Keys” function to only update keys when they are missing, skipping sites where keys are already set.

Version 3.3.12

1st January 2025

Added

  • Introducing the all-new WP AutoShield® Module for complete WordPress automation. Simply run cpfence --wp-autoshield-on to get started. This update makes securing WordPress sites effortless by automating tasks like vulnerability scans, Server-Wide CAPTCHA Integration, cron disabling, Daily Security Hardening, Admin Username auto change, and brute force protection and much more.
    Just activate WP AutoShield, and it will manage everything for you, keeping all your WordPress sites secure. Read more here.
  • Want to see it in action? Trigger WP AutoShield manually:
    /opt/cpfence/app/wpautoshield/cpfautoshield
  • Added the ability to enable Math CAPTCHA for login, registration, and lost password forms on all WordPress sites with a single command:
    cpfence --bulk-enable-wp-captcha.
  • New command to sync IPs for per-website billing clients, making it easier to add new servers to your license:
    cpfence --sync-ips.
  • Added the ability to back up and restore cPFence settings for seamless migration across servers:
    • cpfence --backup-cpf-settings: Back up your cPFence settings.
    • cpfence --restore-cpf-settings: Restore your cPFence settings.
  • Two new helper commands to fix permissions and avoid backup issues by identifying and correcting files or folders owned by root:
    • cpfence --fix-permissions-dry: Perform a dry run to preview changes.
    • cpfence --fix-permissions: Apply fixes server-wide.

Fixed

  • Resolved an issue where the idle user logout feature for WordPress was not working on the frontend.

Improved

  • Significant enhancement to bot detection mechanisms to completely block malicious bots and reduce server load.
  • cPFence now preserves file ownership on quarantined files during updates, simplifying the restore process.
  • Increased the idle logout limit to 60 minutes for improved user convenience.

Version 3.3.11

27th December 2024

Added

  • More powerful WordPress security tools to make your website even more bulletproof and give you peace of mind:
    • cpfence --bulk-enable-wp-idle-logout: Automatically log out idle users after 30 minutes across all WordPress sites.
    • cpfence --bulk-disable-wp-idle-logout: Disable idle logout protection for all WordPress sites.
    • cpfence --bulk-rename-wp-admin: Replace the default ‘admin’ username with a unique, secure name on all WordPress sites.
      You can find a report of changed usernames in ‘/var/log/wordpress-rename-admin-success.log’.
    • cpfence --bulk-disable-xss-in-wp-posts: Block XSS and risky code like iframes, embeds, or scripts in WordPress posts across all sites.
      Avoid enabling this for developer clients or those requiring full access to editor features like WPBakery or Elementor. While it won’t cause any issues in frontend, it will disable some risky plugin features in the admin panel silently.
    • cpfence --bulk-enable-xss-in-wp-posts: Restore XSS and risky code functionality in WordPress posts across all sites.
  • Enhanced malware scanning exclusions:
    • cpfence --exclude-hash FILE_PATH: Exclude a specific file hash from malware scans.
    • cpfence --del-exclude-hash HASH: Remove a file hash from the exclusion list.
    • cpfence --exclude-sig SIGNATURE_NAME: Exclude specific malware signatures from scans.
    • cpfence --del-exclude-sig SIGNATURE_NAME: Remove a signature from the exclusion list.

Fixed

  • Addressed an issue where the virus scanner could initiate multiple scan jobs simultaneously.

Improved

  • Optimized the email protection module to reduce false positives based on client feedback.

Version 3.3.10

23rd December 2024

Improved

  • Enhanced the scanner and added numerous new generic signatures to improve detection rates for zero-day malware threats.

Version 3.3.9

22nd December 2024

Fixed

Improved

  • Updated the country IP database to the latest version, improving accuracy and detection capabilities.

Version 3.3.8

20th December 2024

Added

Elevate your WordPress server security with a suite of powerful bulk security tools.

  • cpfence --bulk-disable-wp-xmlrpc: Fully disable XML-RPC across all sites, blocking attacks with a 403 response.
  • cpfence --bulk-enable-wp-xmlrpc: Re-enable XML-RPC server-wide for supported use cases.
  • cpfence --bulk-enable-wp-limit-login: Protect wp-login by limiting login attempts to 5 in 5 minutes, deterring brute force attacks.
  • cpfence --bulk-disable-wp-limit-login: Disable wp-login protection when no longer needed.
  • cpfence --bulk-set-wp-secure-keys: Automatically generate and set secure WordPress keys.
  • cpfence --bulk-set-wp-permissions: Fix file and directory permissions server-wide, ensuring compliance with security best practices.
  • cpfence --bulk-enable-wp-hardening: Apply core WordPress hardening measures like securing uploads, wp-includes, and wp-config.php.
  • cpfence --bulk-disable-wp-hardening: Revert WordPress hardening measures as needed.
  • cpfence --bulk-disable-wp-file-edit: Disable file editing in WordPress admin panel to prevent unauthorized code changes.
  • cpfence --bulk-enable-wp-file-edit: Re-enable file editing in WordPress admin panel when required.
  • cpfence --bulk-disable-wp-pingback: Disable pingbacks across all sites to prevent DDoS attacks using your server.
  • cpfence --bulk-enable-wp-pingback: Re-enable pingbacks for WordPress sites where the feature is needed.
  • cpfence --bulk-disable-wp-cron: Disable WordPress Cron jobs for better performance on high-traffic servers.
  • cpfence --bulk-enable-wp-cron: Re-enable WordPress Cron jobs as needed for server tasks.

For more information, explore the knowledge base or read more here.

Fixed

  • Fixed an issue where some obfuscated malware scripts could bypass cPFence detection.

Version 3.3.7

13th December 2024

Added

Introducing WordPress Auto-Updates: Transform the way you manage WordPress sites with these powerful new features. Learn more.

  • cpfence --bulk-update-wordpress: Perform bulk updates for WordPress core, plugins, themes, and translations across all sites.
  • cpfence --enable-wp-auto-updates: Enable automatic updates for WordPress core, plugins, and themes on all sites.
  • cpfence --disable-wp-auto-updates: Disable automatic updates for WordPress core, plugins, and themes on all sites.

For detailed guidance, visit the documentation page.

Version 3.3.6

5th December 2024

Improved

  • Optimized the WordPress Security module to enhance performance on large servers with 500+ accounts.

Fixed

  • Fixed an issue where some cPFence virus signatures were not loading correctly.

Version 3.3.5

2nd December 2024

Added

  • Introducing a powerful new WordPress Security and Maintenance module in cPFence to enhance the protection of your WordPress sites. This feature includes tools for automated integrity checks, file quarantine, and more:
    • Enable WordPress Integrity Check to safeguard your sites: cpfence --enable-integrity-check.
    • Disable WordPress Integrity Check anytime: cpfence --disable-integrity-check.
    • Automatically quarantine unexpected files detected during integrity checks: cpfence --enable-auto-file-action.
    • Disable automatic file quarantine for manual control: cpfence --disable-auto-file-action.
    • Set the frequency of integrity checks to daily or hourly: cpfence --set-check-frequency daily or hourly.
    • Generate a list of WordPress sites and their owners on the server for easy management: cpfence --generate-wp-sites-list.

    This module performs server-wide integrity checks, identifying unexpected or tampered files and providing actionable steps to resolve them. Optional automatic quarantine ensures that malicious files are isolated immediately, keeping your WordPress installations secure.

Fixed

  • Fixed an issue where the cPFence virus scan was not starting correctly on servers with a large number of sites.

Version 3.3.4

23rd November 2024

Improved

  • Improved the exported vulnerability report to include clear file paths instead of the generic `/var/www` path, making it easier to locate and resolve vulnerabilities. Use the command cpfence --vuln-export to generate the report.

Fixed

  • Fixed an issue with IP synchronization with the license server that was occurring on some servers.

Version 3.3.3

21st November 2024

Added

  • Added the ability to export vulnerability scan results to a detailed CSV report saved at `/var/log/cpfenceav/vulnerabilities.csv`. Use the command cpfence --vuln-export to generate the report. More information is available here.

Fixed

  • Fixed multiple minor issues and addressed false positives reported by cPFence users.

Version 3.3.2

16th November 2024

Added

  • cPFence now automatically syncs your server’s IPs with the license system every 48 hours when using per-website billing. To trigger the sync immediately, use the command: /opt/cpfence/app/setup/validate -sync-ips on your main control panel only. There’s no need to open a ticket; it will be synced automatically.

Version 3.3.1

14th November 2024

Added

  • Added the ability to perform server-wide scans to detect WordPress vulnerabilities. To initiate a vulnerability scan on your server, use cpfence --vuln-scan

Version 3.3.0

6th November 2024

Fixed

  • Fixed a minor issue with cPFence Owl IP monitoring and blocking functionality.
  • Applied several updates and improvements to the WAF module to address issues reported by clients. Thank you for your valuable feedback!

Added

  • Added WAF compatibility for Moodle and other CMS platforms, improving security integration for a broader range of applications.

Improved

  • Enhanced the virus database with numerous new generic rules to enhance detection and blocking of recently discovered PHP malware infections.
  • Upgraded the country IP detection database for improved accuracy and reliability.

Version 3.2.9.1

12th October 2024

Improved

  • Optimized the update logic to ensure a more efficient upgrade process for the upcoming v12 release.

Fixed

  • Fixed a minor issue where old backups were not being deleted correctly, ensuring proper cleanup and storage management.

Version 3.2.9

11th October 2024

Improved

  • Implemented preliminary updates to streamline compatibility with the upcoming v12 release of Enhance, minimizing the transition time when v12 is officially released.

Fixed

  • Several minor issues have been fixed in the Owl Module.

Version 3.2.8

8th October 2024

Added

  • Added the ability to use SMTP for cPFence notification emails. This allows you to receive notifications via your SMTP server. To manage this feature, use the following commands:
    • Enable: cpfence --enable-cpfence-smtp
    • Disable: cpfence --disable-cpfence-smtp
    • More info can be found on this link.

Improved

  • Addressed several minor false positives, improving overall detection accuracy and reducing unnecessary alerts.

Version 3.2.7

28th September 2024

Added

  • Added the ability to check the current state of an IP and retrieve full details. Use cpfence --check-ip 87.251.75.136 to get information about whether the IP is whitelisted, blacklisted, and how many times it has been blocked.+-----------------------------+-----------------------------+
    | IP Check Results for: | 87.251.75.136 |
    +-----------------------------+-----------------------------+
    | Whitelisted (File) | No |
    | Whitelisted (IPSet) | No |
    | Blacklisted (File) | No |
    | Blacklisted (IPSet) | Yes |
    | Times Blocked | 58407 |
    | Times Blocked by CPF DDoS | 0 |
    +-----------------------------+-----------------------------+
  • Added the ability to enable or disable email quarantine for infected attachments or phishing links. By default, email quarantine is off, allowing full control over automated actions. You can turn it on or off using the following commands:
    • Enable: cpfence --enable-email-quarantine
    • Disable: cpfence --disable-email-quarantine

    This allows separate control of email and file quarantine.

  • Added the ability to enable or disable spam protection. By default, it is off. When enabled, cPFence will automatically quarantine pure spam emails that do not contain infections or phishing links but are otherwise annoying or misleading or are trying to deceive and blackmail the user. To manage spam protection, use the following commands:
    • Enable: cpfence --enable-spam-protection
    • Disable: cpfence --disable-spam-protection

Version 3.2.6

24th September 2024

Added

  • Added the ability to activate optional per-website billing for greater flexibility. For only $0.10 per website, Learn more at this link.
  • Added the ability to block Tor IPs directly from the CLI. Use cpfence --blacklist-country tor to block all traffic from Tor exit nodes.

Version 3.2.4

21st September 2024

Added

  • Added a new feature to enable or disable Auto Quarantine. The default setting is “Off.” Use cpfence --enable-quarantine to enable it. Infected files will be automatically moved to `/opt/cpfence/quarantined/`.
  • It is recommended to perform an initial scan without quarantine using cpfence --full-scan to review and whitelist any safe files. After reviewing, you can enable Auto Quarantine to automatically isolate detected threats.
  • To disable Auto Quarantine at any time, use cpfence --disable-quarantine. You will still receive notifications about malware, but no quarantine actions will be taken.

Version 3.2.3

19th September 2024

Added

  • Added the ability to run a custom scan manually. Please use cpf_scan PATH

Improved

  • Massive boost in malware detection. It’s highly recommended to run a new Smart Scan with the enhanced new scanning engine using: cpfence –smart-scan

Version 3.2.2

15th September 2024

Added

  • Added the ability to restart the Owl module using the CLI. Please use cpfence --restart-owl

Improved

  • Improved detection of some previously missed malware.
  • QUIC.cloud CDN IPs are now whitelisted by default, along with the already-whitelisted Cloudflare IPs.

Version 3.2.1

14th September 2024

Improved

  • Resolved minor issues in the cPFence Owl module.

Version 3.2.0

12th September 2024

Improved

  • cPFence has been optimized to use significantly less RAM, improving performance across all systems. This change allows cPFence to run efficiently even on servers with limited memory.
  • For the paid version, Proactive mode can now be enabled on low-end systems with as little as 2GB of RAM.

Version 3.1.9

11th September 2024

Improved

  • Fixed several WAF false positives reported for various CMS platforms, including WHMCS, Joomla, and Drupal.

Version 3.1.8

9th September 2024

Added

New WAF Management CLI Commands

    • cpfence --disable-waf-domain DOMAIN: Disable OLS/LS WAF entirely for a specific domain.
    • cpfence --enable-waf-domain DOMAIN: Re-enable OLS/LS WAF for a previously disabled domain.
    • cpfence --disable-waf-domain-byid DOMAIN ID-LIST: Disable one or more specific WAF rules for a domain by providing a list of rule IDs (e.g., –disable-waf-domain-byid example.com 2007,2270).
    • cpfence --enable-waf-domain-byid DOMAIN: Re-enable one or more WAF rules for a specific domain that were previously disabled using RuleRemoveById.

These features provide greater flexibility in managing WAF rules on a per-domain basis, allowing users to disable or re-enable specific rules or the entire WAF as needed. For more information, check our help pages.

Version 3.1.7

8th September 2024

Improved

  • Enhanced IP database for more accurate detection and improved performance.
  • Applied additional tweaks to WAF rules for minimizing false positives and enhancing reliability.

Version 3.1.6

7th September 2024

Improved

  • Improved WAF rules to reduce unnecessary false positives.
  • Updated Owl module to v2.9.9, resolving issues where config file changes were not being detected correctly in certain cases.
  • Implemented several code optimizations in the Owl module for enhanced security and performance.

Version 3.1.5

5th September 2024

Improved

  • Further optimizations for low-end, low-RAM VPS with 4GB RAM or less. If you are operating one of these systems, please ensure that you execute cpfence --disable-proactive to take full advantage of these improvements.

Version 3.1.4

3rd September 2024

Added

  • Automatic Fallback on Update Failure.
    – Introduced a robust fallback mechanism that automatically restores the previous version of cPFence if the update process fails. This ensures that cPFence remains operational even in the event of an update error.
  • Email Notification on Successful Update
    – Implemented an email notification feature that sends a confirmation email upon successful cPFence updates. This notification can be enabled or disabled via the SEND_CPF_UPDATE_NOTIFICATION setting in the configuration file.The default setting is on.

Version 3.1.3

2nd September 2024

Fixed

  • Fixed an issue where updates were failing on some systems running Ubuntu 22.04.If you’re running Ubuntu 22.04 and encounter any issues, please run the installation command again and choose to back up the current installation when prompted. If you need any help, please open a ticket.

Added

  • Ability to bulk import IPs from files or URLs for whitelisting or blacklisting.
    – Now you can bulk whitelist or blacklist IPs across all your servers in one step.
    For example, use cpfence --bulk-whitelist-ip https://a.com/custom_whitelist.txt.
    You can also automate this process with a cron job to keep all your servers synced with your custom rules, Use something like:
    0 * * * * /usr/local/bin/cpfence –bulk-blacklist-ip https://a.com/custom_blacklist.txt
    This feature supports both full paths and valid URLs. Please check help pages for more info.
  • Ability to block or whitelist certain user agents and preserve them across cPFence updates
    – Edit the following files to manage user agents: ‘/opt/cpfence/app/cpfwaf/userdata_bl_agents’ (for blacklisting)
    and ‘/opt/cpfence/app/cpfwaf/userdata_wl_agents’ (for whitelisting).
    To apply your changes, disable and re-enable WAF with:
    cpfence --disable-ols-waf
    cpfence --enable-ols-waf

Improved

  • cPFence is now able to detect and block more than 800 different bots. Combined with the IPDB module, this will significantly reduce server load and mitigate many attacks and risks.

Version 3.1.1

31st August 2024

Fixed

  • Fixed false positives in LiteSpeed WAF on WordPress sites.

Improved

  • Added [cPFence] tag to the subject line of all emails for easier filtering and organization.

Version 3.1.0

30th August 2024

Improved

  • Optimized the statistics displayed by cpfence --show-stats for accuracy.
  • Improved the accuracy of the Country IP blocking module.

Version 3.0.9

28th August 2024

Improved

  • Updated country IP blocks to enhance the accuracy of IP detection.
  • Optimized the licensing module for improved speed and performance.
  • cPFence now effectively blocks any fake bot that pretends to be Google.
  • Significant improvements in the Bot Fight module, with cPFence now able to detect and block over 600 different bots.
  • Upgraded cPFence WAF to version 12.02, with additional optimizations and fine-tuning.

Version 3.0.8

26th August 2024

Added

  • Release of cPFence Owl v2.9.8, all Owl features are now fully compatible with Apache and Nginx.

Version 3.0.7

25th August 2024

Added

  • cPFence now detects email malware and common spam-infected links in your users’ inboxes. Infected spam emails is automatically quarantined, ensuring a safer and more secure email experience for all users.

Improved

  • Improved the generic signatures to catch even more malware, with shared hosting environments in mind.
  • cPFence signatures are now much more powerful, with over 600 signatures of the most active malware on the internet in the last 24 hours added daily.
  • Any missed malware reported to our team will be added to our database within an hour and automatically syndicated to all cPFence-protected servers, including users of the Free version.
  • These new improvements proudly bring cPFence’s detection rate to over 90%.

Version 3.0.6

24th August 2024

Added

Improved

  • Optimized WAF to reduce the occurrence of rare false positives.
  • Enhanced the licensing module for increased speed and security.
  • Significantly improved the reliability and accuracy of the Virus Scanner.

Version 3.0.5

15th August 2024

Added

  • New Feature: Added the ability to blacklist users with poorly coded scripts to prevent excessive load caused by slow SQL queries.
  • cPFence now detects Java and ELF malware, in addition to the previously supported PHP, Python, Perl , HTML and Bash.

Improved

  • The Update system will now preserve infected files in quarantine after upgrading to a new version.

Fixed

  • Resolved issue with incorrect value in email Notification (Owl Module).
  • Resolved issue where the Smart and Full scans wouldn’t start on certain systems.

Version 3.0.3

8th August 2024

Improved

  • Optimized speed and resource usage on high-traffic servers.
  • Improved DDoS protection algorithms for better detection of malicious traffic.
  • Optimized malware detection engine with updated signature database.

Fixed

  • Resolved issue with IPDB not syncing correctly under high server loads.

Version 2.9.0

15th May 2024

Added

  • Introduced cPFence Owl™ for 24/7 process monitoring with automated actions.
  • Added rootkit detection module for enhanced security against hidden threats.

Version 2.8.0

10th March 2024

Improved

  • Improved compatibility with different server environments, including custom setups.
  • Enhanced CLI commands for easier management of WAF rules and IPDB.

Fixed

  • Fixed bug causing incorrect reporting in the process monitoring module.

Version 2.5.0

20th February 2024

Improved

  • Improved compatibility with LiteSpeed and OpenLiteSpeed web servers.
  • Enhanced IP/Country management tools for better control of server access.

Fixed

  • Fixed an issue where the malware scanner was causing high CPU usage during peak hours.

Version 2.3.0

5th January 2024

Added

  • Introduced new CLI commands for advanced WAF management.
  • Added real-time logging for DDoS protection actions.

Improved

  • Enhanced GDPR compliance with additional privacy features.

Version 2.0.0

10th December 2023

Added

  • Introduced real-time malware detection with hourly signature updates.
  • Added DDoS protection module capable of blocking high-volume attacks.

Improved

  • Optimized the WAF rules for better performance and reduced false positives.

Version 1.8.0

5th October 2023

Improved

  • Updated the IPDB with an additional 100,000 abusive IPs for better threat management.
  • Improved load reduction techniques, especially during malware scans.

Version 1.7.0

20th September 2023

Added

  • Support for custom firewall rules based on user-defined criteria.
  • Ability to show statistics about protection modules.

Fixed

  • Resolved issue with WAF not triggering on specific rule sets.

Version 1.6.0

5th August 2023

Improved

  • Improved integration with external security monitoring tools.
  • Optimized performance for high-traffic websites with multiple layers of protection.

Fixed

  • Fixed a rare bug causing false positives in malware detection under specific conditions.

Version 1.5.0

10th July 2023

Added

  • Initial release of the IPDB DDoS protection module.
  • Added hourly updates for IP and malware databases.

Improved

  • Enhanced logging features for better transparency and auditability.