cPFence Change Logs - cPFence Web Security

Version 3.3.2

Latest

16th November 2024

Added

cPFence now automatically syncs your server’s IPs with the license system every 48 hours when using per-website billing. To trigger the sync immediately, use the command: /opt/cpfence/app/setup/validate on your main control panel only. There’s no need to open a ticket; it will be synced automatically.

Version 3.3.1

14th November 2024

Added

Added the ability to perform server-wide scans to detect WordPress vulnerabilities. To initiate a vulnerability scan on your server, use cpfence --vuln-scan

Version 3.3.0

6th November 2024

Fixed

Fixed a minor issue with cPFence Owl IP monitoring and blocking functionality.
Applied several updates and improvements to the WAF module to address issues reported by clients. Thank you for your valuable feedback!

Added

Added WAF compatibility for Moodle and other CMS platforms, improving security integration for a broader range of applications.

Improved

Enhanced the virus database with numerous new generic rules to enhance detection and blocking of recently discovered PHP malware infections.
Upgraded the country IP detection database for improved accuracy and reliability.

Version 3.2.9.1

12th October 2024

Improved

Optimized the update logic to ensure a more efficient upgrade process for the upcoming v12 release.

Fixed

Fixed a minor issue where old backups were not being deleted correctly, ensuring proper cleanup and storage management.

Version 3.2.9

11th October 2024

Improved

Implemented preliminary updates to streamline compatibility with the upcoming v12 release of Enhance, minimizing the transition time when v12 is officially released.

Fixed

Several minor issues have been fixed in the Owl Module.

Version 3.2.8

8th October 2024

Added

Added the ability to use SMTP for cPFence notification emails. This allows you to receive notifications via your SMTP server. To manage this feature, use the following commands:
- Enable: cpfence --enable-cpfence-smtp
- Disable: cpfence --disable-cpfence-smtp
- More info can be found on this link.

Improved

Addressed several minor false positives, improving overall detection accuracy and reducing unnecessary alerts.

Version 3.2.7

28th September 2024

Added

Added the ability to check the current state of an IP and retrieve full details. Use cpfence --check-ip 87.251.75.136 to get information about whether the IP is whitelisted, blacklisted, and how many times it has been blocked.+-----------------------------+-----------------------------+ | IP Check Results for: | 87.251.75.136 | +-----------------------------+-----------------------------+ | Whitelisted (File) | No | | Whitelisted (IPSet) | No | | Blacklisted (File) | No | | Blacklisted (IPSet) | Yes | | Times Blocked | 58407 | | Times Blocked by CPF DDoS | 0 | +-----------------------------+-----------------------------+
Added the ability to enable or disable email quarantine for infected attachments or phishing links. By default, email quarantine is off, allowing full control over automated actions. You can turn it on or off using the following commands:
- Enable: cpfence --enable-email-quarantine
- Disable: cpfence --disable-email-quarantine
This allows separate control of email and file quarantine.
Added the ability to enable or disable spam protection. By default, it is off. When enabled, cPFence will automatically quarantine pure spam emails that do not contain infections or phishing links but are otherwise annoying or misleading or are trying to deceive and blackmail the user. To manage spam protection, use the following commands:
- Enable: cpfence --enable-spam-protection
- Disable: cpfence --disable-spam-protection

Version 3.2.6

24th September 2024

Added

Added the ability to activate optional per-website billing for greater flexibility. For only $0.10 per website, Learn more at this link.
Added the ability to block Tor IPs directly from the CLI. Use cpfence --blacklist-country tor to block all traffic from Tor exit nodes.

Version 3.2.4

21st September 2024

Added

Added a new feature to enable or disable Auto Quarantine. The default setting is “Off.” Use cpfence --enable-quarantine to enable it. Infected files will be automatically moved to `/opt/cpfence/quarantined/`.
It is recommended to perform an initial scan without quarantine using cpfence --full-scan to review and whitelist any safe files. After reviewing, you can enable Auto Quarantine to automatically isolate detected threats.
To disable Auto Quarantine at any time, use cpfence --disable-quarantine. You will still receive notifications about malware, but no quarantine actions will be taken.

Version 3.2.3

19th September 2024

Added

Added the ability to run a custom scan without quarantine or exclusions. Please use cpf_scan PATH

Improved

Massive boost in malware detection. It’s highly recommended to run a new Smart Scan with the enhanced new scanning engine using: cpfence –smart-scan

Version 3.2.2

15th September 2024

Added

Added the ability to restart the Owl module using the CLI. Please use cpfence --restart-owl

Improved

Improved detection of some previously missed malware.
QUIC.cloud CDN IPs are now whitelisted by default, along with the already-whitelisted Cloudflare IPs.

Version 3.2.1

14th September 2024

Improved

Resolved minor issues in the cPFence Owl module.

Version 3.2.0

12th September 2024

Improved

cPFence has been optimized to use significantly less RAM, improving performance across all systems. This change allows cPFence to run efficiently even on servers with limited memory.
For the paid version, Proactive mode can now be enabled on low-end systems with as little as 2GB of RAM.

Version 3.1.9

11th September 2024

Improved

Fixed several WAF false positives reported for various CMS platforms, including WHMCS, Joomla, and Drupal.

Version 3.1.8

9th September 2024

Added

New WAF Management CLI Commands

- cpfence --disable-waf-domain DOMAIN: Disable OLS/LS WAF entirely for a specific domain.
- cpfence --enable-waf-domain DOMAIN: Re-enable OLS/LS WAF for a previously disabled domain.
- cpfence --disable-waf-domain-byid DOMAIN ID-LIST: Disable one or more specific WAF rules for a domain by providing a list of rule IDs (e.g., –disable-waf-domain-byid example.com 2007,2270).
- cpfence --enable-waf-domain-byid DOMAIN: Re-enable one or more WAF rules for a specific domain that were previously disabled using RuleRemoveById.

These features provide greater flexibility in managing WAF rules on a per-domain basis, allowing users to disable or re-enable specific rules or the entire WAF as needed. For more information, check our help pages.

Version 3.1.7

8th September 2024

Improved

Enhanced IP database for more accurate detection and improved performance.
Applied additional tweaks to WAF rules for minimizing false positives and enhancing reliability.

Version 3.1.6

7th September 2024

Improved

Improved WAF rules to reduce unnecessary false positives.
Updated Owl module to v2.9.9, resolving issues where config file changes were not being detected correctly in certain cases.
Implemented several code optimizations in the Owl module for enhanced security and performance.

Version 3.1.5

5th September 2024

Improved

Further optimizations for low-end, low-RAM VPS with 4GB RAM or less. If you are operating one of these systems, please ensure that you execute cpfence --disable-proactive to take full advantage of these improvements.

Version 3.1.4

3rd September 2024

Added

Automatic Fallback on Update Failure.
– Introduced a robust fallback mechanism that automatically restores the previous version of cPFence if the update process fails. This ensures that cPFence remains operational even in the event of an update error.
Email Notification on Successful Update
– Implemented an email notification feature that sends a confirmation email upon successful cPFence updates. This notification can be enabled or disabled via the SEND_CPF_UPDATE_NOTIFICATION setting in the configuration file.The default setting is on.

Version 3.1.3

2nd September 2024

Fixed

Fixed an issue where updates were failing on some systems running Ubuntu 22.04.If you’re running Ubuntu 22.04 and encounter any issues, please run the installation command again and choose to back up the current installation when prompted. If you need any help, please open a ticket.

Added

Ability to bulk import IPs from files or URLs for whitelisting or blacklisting.
– Now you can bulk whitelist or blacklist IPs across all your servers in one step.
For example, use cpfence --bulk-whitelist-ip https://a.com/custom_whitelist.txt.
You can also automate this process with a cron job to keep all your servers synced with your custom rules, Use something like:
0 * * * * /usr/local/bin/cpfence –bulk-blacklist-ip https://a.com/custom_blacklist.txt
This feature supports both full paths and valid URLs. Please check help pages for more info.
Ability to block or whitelist certain user agents and preserve them across cPFence updates
– Edit the following files to manage user agents: ‘/opt/cpfence/app/cpfwaf/userdata_bl_agents’ (for blacklisting)
and ‘/opt/cpfence/app/cpfwaf/userdata_wl_agents’ (for whitelisting).
To apply your changes, disable and re-enable WAF with:
cpfence --disable-ols-waf
cpfence --enable-ols-waf

Improved

cPFence is now able to detect and block more than 800 different bots. Combined with the IPDB module, this will significantly reduce server load and mitigate many attacks and risks.

Version 3.1.1

31st August 2024

Fixed

Fixed false positives in LiteSpeed WAF on WordPress sites.

Improved

Added [cPFence] tag to the subject line of all emails for easier filtering and organization.

Version 3.1.0

30th August 2024

Improved

Optimized the statistics displayed by cpfence --show-stats for accuracy.
Improved the accuracy of the Country IP blocking module.

Version 3.0.9

28th August 2024

Improved

Updated country IP blocks to enhance the accuracy of IP detection.
Optimized the licensing module for improved speed and performance.
cPFence now effectively blocks any fake bot that pretends to be Google.
Significant improvements in the Bot Fight module, with cPFence now able to detect and block over 600 different bots.
Upgraded cPFence WAF to version 12.02, with additional optimizations and fine-tuning.

Version 3.0.8

26th August 2024

Added

Release of cPFence Owl v2.9.8, all Owl features are now fully compatible with Apache and Nginx.

Version 3.0.7

25th August 2024

Added

cPFence now detects email malware and common spam-infected links in your users’ inboxes. Infected spam emails is automatically quarantined, ensuring a safer and more secure email experience for all users.

Improved

Improved the generic signatures to catch even more malware, with shared hosting environments in mind.
cPFence signatures are now much more powerful, with over 600 signatures of the most active malware on the internet in the last 24 hours added daily.
Any missed malware reported to our team will be added to our database within an hour and automatically syndicated to all cPFence-protected servers, including users of the Free version.
These new improvements proudly bring cPFence’s detection rate to over 90%.

Version 3.0.6

24th August 2024

Added

cPFence Antivirus Free forever version is now available!

Improved

Optimized WAF to reduce the occurrence of rare false positives.
Enhanced the licensing module for increased speed and security.
Significantly improved the reliability and accuracy of the Virus Scanner.

Version 3.0.5

15th August 2024

Added

New Feature: Added the ability to blacklist users with poorly coded scripts to prevent excessive load caused by slow SQL queries.
cPFence now detects Java and ELF malware, in addition to the previously supported PHP, Python, Perl , HTML and Bash.

Improved

The Update system will now preserve infected files in quarantine after upgrading to a new version.

Fixed

Resolved issue with incorrect value in email Notification (Owl Module).
Resolved issue where the Smart and Full scans wouldn’t start on certain systems.

Version 3.0.3

8th August 2024

Improved

Optimized speed and resource usage on high-traffic servers.
Improved DDoS protection algorithms for better detection of malicious traffic.
Optimized malware detection engine with updated signature database.

Fixed

Resolved issue with IPDB not syncing correctly under high server loads.

Version 2.9.0

15th May 2024

Added

Introduced cPFence Owl™ for 24/7 process monitoring with automated actions.
Added rootkit detection module for enhanced security against hidden threats.

Version 2.8.0

10th March 2024

Improved

Improved compatibility with different server environments, including custom setups.
Enhanced CLI commands for easier management of WAF rules and IPDB.

Fixed

Fixed bug causing incorrect reporting in the process monitoring module.

Version 2.5.0

20th February 2024

Improved

Improved compatibility with LiteSpeed and OpenLiteSpeed web servers.
Enhanced IP/Country management tools for better control of server access.

Fixed

Fixed an issue where the malware scanner was causing high CPU usage during peak hours.

Version 2.3.0

5th January 2024

Added

Introduced new CLI commands for advanced WAF management.
Added real-time logging for DDoS protection actions.

Improved

Enhanced GDPR compliance with additional privacy features.

Version 2.0.0

10th December 2023

Added

Introduced real-time malware detection with hourly signature updates.
Added DDoS protection module capable of blocking high-volume attacks.

Improved

Optimized the WAF rules for better performance and reduced false positives.

Version 1.8.0

5th October 2023

Improved

Updated the IPDB with an additional 100,000 abusive IPs for better threat management.
Improved load reduction techniques, especially during malware scans.

Version 1.7.0

20th September 2023

Added

Support for custom firewall rules based on user-defined criteria.
Ability to show statistics about protection modules.

Fixed

Resolved issue with WAF not triggering on specific rule sets.

Version 1.6.0

5th August 2023

Improved

Improved integration with external security monitoring tools.
Optimized performance for high-traffic websites with multiple layers of protection.

Fixed

Fixed a rare bug causing false positives in malware detection under specific conditions.