cPFence Change Logs

Version 3.3.99.2

Latest

4th December 2025

Fixed

• WAF issue from the last build affecting some advanced setups.

Version 3.3.99

3rd December 2025

Added

• Firewall Rules and Ports editor in WebUI
  You can now control inbound and outbound traffic by defining which TCP and UDP ports to block or allow. You can also block IPs with comments for reference.
  

Improved

• An improved menu structure that better organizes firewall-related tools.
• Several malware false positives addressed.

Fixed

• SimplePie Integrity Check false positive after the recent WordPress 6.9 upgrade.
• Freezing issue in the Bulk Update WordPress tool.

Version 3.3.98

30th November 2025

Added

• Support for PHP 8.5 across all modules.
• Ability to upload plugins and themes from the WebUI and bulk install them across your cluster.
  

Improved

• Tightened SSH compromise detection to adapt to the latest attack patterns reported to us.

Fixed

• File permission regression from the previous version.

Version 3.3.97

26th November 2025

Added

• Machine Learning – Smart malware classification
  cPFence now includes a basic LSTM machine learning model that helps reduce false positives and improve detection accuracy. It currently supports the malware detection module, with plans to expand to other modules. This reduces issues like clean images being flagged as malware.
• cPFence now monitors shell init dotfiles for infections and SSH backdoors in all containers, with auto cleanup and instant alerts.
• WebUI CSRF protection layer for sensitive data and API calls.
• Bulk IP status checker for lists and URLs
  
• Ability to SSO auto login to clients WordPress sites and Enhance control panel
  
• Bulk new websites creation with optional WordPress auto-install
  
• Cluster-wide WordPress Auto-Install for existing sites
  
• Cluster-wide Cloudflare API token management for organizations and domains
  
• Cluster-wide PHP Opcache enable and disable.
• Cluster-wide PHP extension management.
• Ability to refresh lists in Select Domains, Select WordPress Sites, and Cluster Site Overview pages.

Improved

• Refactored WebUI layouts for better usability and easier navigation.

Fixed

• Several CSS and UI glitches fixed.

Version 3.3.96

9th November 2025

Added

• Owl v4.0 – Advanced Server Monitoring & Statistics
  The all-new Owl v4.0 introduces a unified cluster monitoring system with 30-day performance history and advanced metrics visualization.
  Read more: Owl v4.0: Unified Cluster Monitoring with 30-Day Performance History

  

  • New CLI tool to view live Owl statistics: cpfence --owl-stats
  • Automatic cleanup of metrics history (retains the last 30 days data)
  • Ability to view currently blocked ASNs from both CLI and WebUI
  • New feature to preview quarantined file contents and now sorted by date directly in the WebUI

  

Improved

• Enhanced WAF compatibility and fixed issues affecting some edge cases.
• Resolved several email and general malware detection false positives.
• Improved DKIM bulk tool – it now automatically skips domains that already have DKIM enabled or disabled.

Version 3.3.95

4th November 2025

Improved

• Enhanced WAF compatibility with Moodle sites and resolved related issues.
• Added the username column in the vulnerabilities CSV export for easier identification of site owners.

Version 3.3.94

30th October 2025

Added

• • Automatic Outbound Spam Lockdown with Instant Alerts
    Read more in the full blog post:
    Automatic Outbound Spam Lockdown with Instant AlertsCompared to Enhance’s default behavior:
    • Enhance limiter: Temporary throttling, no permanent auto-block, and no notifications.
    • cPFence protection: Permanent block, real-time alerts, and quick recovery when ready.

    To get started, enable the Spam AutoShield Module if not already active:
    cpfence --activate-spam-autoshield
    Outbound spam protection is enabled by default when the Spam AutoShield module is active. To disable it, set SPAM_AUTOSHIELD_LIMITS to off in the config file or via WebUI settings.

    To manually suspend an email account:
    WebUI: Tools & Utilities → Spam AutoShield Tools → Block / Unblock Outgoing Email
    CLI: Run cpfence | grep out-email for more info.

• • DDNS Whitelisting in cPFence Firewall
    Perfect for users with dynamic IPs who need to stay whitelisted in the WebUI.
    Simply create a free DDNS account (e.g., DuckDNS) and run:
    cpfence --add-whitelist-ddns your_ddns_subdomain.duckdns.org --webui
    Available through CLI only — run cpfence | grep ddns for more info.

• Block or Whitelist Spam Emails By Subject in WebUI
  Block emails based on specific words in their subject lines.
  This helps block spam messages from services like Gmail or Outlook that usually bypass filters.
  Available in WebUI or via CLI — run cpfence | grep subject for details.

Improved

• Added WAF compatibility with Enhance Control Panel servers using IP-only configurations with no domain.
• Improved WAF handling for rare Cloudflare edge cases.
• Updated IP database for more accurate geolocation.
• Optimized IMAP/POP3 brute-force protection module for better speed and accuracy.
• All JavaScript files are now bundled within the WebUI for improved stability and faster performance, removing reliance on external sources.

Version 3.3.93

19th October 2025

Added

• Custom Account Scanning
  You can now quickly start a custom scan on a specific account for faster and more precise detection.
  Available in WebUI > Threat & Malware Detection > Custom Scan.
  
  Displays both domain and account name for quick identification.
• New ApiMachine Tools (3 New)
  Added new backup management tools using the Enhance API – all can be applied to a single site, a specific server, or your full cluster:
  • Initiate full backups for selected websites
  • Retrieve detailed backup summaries
  • Delete all backups for chosen websites

  
  Available in both WebUI and CLI – run cpfence | grep backups for more info.

• ASN-Based Blocking in Spam AutoShield Module
  You can now blacklist or whitelist entire ASN ranges for enhanced spam control.
  Available in WebUI > Tools & Utilities > Spam AutoShield Tools
  
  or via CLI – run cpfence | grep asn for details.
• New WP-AutoShield Bulk Tools
  Manage automatic updates for a specific theme or plugin – apply actions to one site, a specific server, or the full cluster:
  • Update one specific theme
  • Update one specific plugin
  • Enable or disable automatic updates for a specific theme
  • Enable or disable automatic updates for a specific plugin

  Available in WebUI > Tools & Utilities > WP-AutoShield Bulk Tools > Manage Updates & Cron
  
  or use CLI – run cpfence | grep "automatic updates" for more info.

• New Disk Speed Test Tool
  Quickly identify low-performance disks using: cpfence --disk-speed-check
  Ideal for detecting slow HDDs. It’s recommended to disable Proactive Scan if running on low-performance drives, Using HDDs for hosting is not recommended in 2025; they are only suitable for storage and backups.

Improved

• Disabled the Save button when switching between files in “Edit Configuration Files” to prevent accidental overwrites.
• ApiMachine Module now skips duplicate accounts for account-level tools (like Restart container, Backups and Set PHP version) to avoid redundant operations.
• Several CSS fixes and WebUI interface tweaks.
• Improved MultiRun tool – now automatically loads all servers in autopilot mode.
  Run cpfence --multirun to try it, or add manual to restore the old behavior.

Version 3.3.92

15th October 2025

Added

• New Dashboard Charts
  Two new visual charts were added to the System Dashboard, providing a clearer overview of attack origins and defense performance at a glance. These insights help you quickly identify which countries generate the most attacks and decide which ones to block or monitor more closely.
• Country Indicators for IP Lists
  Country codes are now displayed next to each IP address in the Top DDoS/Brute-force and IPDB Attacker lists for easier source identification.

Improved

• Dashboard layout refined for better readability and information balance.
• Minor UI consistency updates across all dashboard widgets.

Version 3.3.91

8th October 2025

Added

• New Firewall & IPDB Engine
  The Firewall and IPDB modules have been completely rewritten for speed and accuracy.
  cPFence now performs firewall operations significantly faster while using less CPU and memory.
  The difference is night and day – for example, blacklisting a large country like China now takes just seconds instead of 15 minutes.
• New ASN Management Tool
  You can now remove previously blocked ASNs directly from the WebUI or via CLI:
  cpfence --remove-asn
• Quick Scan Mode – Fast & Lightweight Malware Scanner
  This new quick-scan mode bypasses exclusions and skips quarantine actions, even if quarantine is enabled in your settings.
  Perfect for fast sanity checks and verifying if exclusions are preventing malware detection.
  Available via CLI only:
  cpfence --quick-scan

Improved

• Additional scanners now automatically skip files outside /var/www to prevent symlink-related issues.
• Addressed several WAF and Malware false positives for improved accuracy and reliability.

Fixed

• Resolved issue fetching plugin slugs for certain plugins in the bulk install tool.
• Fixed a bug where the WebUI sometimes displayed old scan results instead of the latest scan output.

Version 3.3.90

5th October 2025

Added

• ApiMachine Module Expansion – Advanced Nginx Control Tools
  Easily manage and automate key Nginx operations across your entire cluster using the Enhance API.
  Now available directly in the WebUI — apply changes to all or selected sites across your cluster.
  CLI commands are also available for all tools; use cpfence --help for more.
  • Bulk enable FastCGI cache
  • Bulk disable FastCGI cache
  • Bulk clear FastCGI cache
  • Bulk add cache exclusion paths
  • Bulk remove cache exclusion paths
• New PHP Management Tools
  Cluster-wide PHP management made simple:
  • Bulk restart PHP containers instantly
  • Bulk update PHP versions for all or selected domains
• SSH Key Auto-Deployment Tool
  Instantly configure passwordless SSH access across your servers (main CP only).
  Run the following command:
  cpfence --deploy-ssh-key
• License Alert System
  Automatic email notifications when a license fails to validate due to IP or key mismatches, ensuring your server remains protected.

Improved

• Renamed cache directory from /y/ to /.cpf_cache/ to avoid confusion (Reference).
• WebUI now automatically detects and fixes SSH key issues.
• Quarantined files now have updated modification times upon isolation for improved accuracy.

Fixed

• Resolved false positives incorrectly identified as spam-related files (spamchunks and spamtags).

Version 3.3.89

26th September 2025

Added

• This release introduces the most powerful bulk WordPress management tools in cPFence.
• 13 new tools to manage Users, Themes, and Plugins per website, per server, or cluster-wide.
  Read more: New! Bulk Manage Themes, Users, Plugins, and Updates Across All Sites

• Bulk Install Theme or ZIP
• Bulk Activate Theme by Slug
• Bulk Delete Theme by Slug
• Bulk Create WP User (redesigned)
• Bulk List WP Users
• Bulk Reset All Passwords
• Bulk Reset One User Password
• Bulk Delete WP User (Reassign Content)
• Bulk Delete WP User (No Reassign)
• Bulk Disable Plugin by Slug
• Bulk Enable Plugin by Slug
• Bulk Update All WordPress Sites (Choose exactly what gets updated: core, plugins, themes, translations—or everything)
• Bulk Enable LiteSpeed Heartbeat from WebUI

• Ability to control retention period for quarantined files in settings. You can modify QUARANTINE_DAYS in WebUI or config file. Default value is 60.

Improved

• Per-website license IP sync improvement.
• Increased WAF compatibility with popular plugins.
• “Bulk Enable DNSSEC” tool now skips domains that already have DNSSEC enabled.

Fixed

• Fixed the WebUI [stream error: TypeError…] that appeared sometimes when running bulk actions on several servers.
• Fixed incorrect detection of CP main domain when resellers activate their whitelisted control panel feature.
• Fixed ApiMachine Module to be compatible with new Enhance API recently introduced by Enhance Team.

Version 3.3.88.1

23rd September 2025

Improved

• Resolved false positives triggered by the new Node.js feature.
• WebUI updated to prepare for the upcoming New WordPress Bulk Tools – manage users, themes, and plugins cluster-wide, on steroids. Coming soon.

Version 3.3.88

12th September 2025

Added

• Search by Server Name or IP Address to quickly switch between servers in the WebUI.
• New file search inside Edit Configuration Files page in WebUI – instantly locate any file by name.

Improved

• Enhanced compatibility and performance in both WAF and Malware Protection modules.

Version 3.3.87

9th September 2025

Added

• Quarantine restore in WebUI now marks entries as Restored or Quarantined.
  Once a file is restored, cPFence automatically updates the status and disables further restoration attempts to prevent duplication or errors.

Improved

• Enhanced infection log processing and smarter scan log pruning for faster performance and improved protection.

Version 3.3.86.2

7th September 2025

Improved

• Updated IP ranges database to improve country detection accuracy and coverage in the IPDB module.
• Addressed several malware false positives reported through WebUI.
• Addressed several WAF false positives reported through WebUI.

Version 3.3.86

5th September 2025

Improved

• Per-website license system and cPFence WebUI now automatically exclude soft-deleted websites.
• Resolved several reported false positives, further improving detection accuracy.

Version 3.3.85

30th August 2025

Added

• Auto SSL is now active on the cPFence WebUI control panel.
• Automatic IP whitelisting for new root logins. No more manual IP whitelisting, just log in to SSH as root and cPFence will auto-whitelist it for WebUI access.
  Works only if the Root Login Alerts option is enabled on your main control panel server.
• With these improvements, we recommend everyone use direct WebUI access instead of Cloudflare tunnels to avoid timeout issues and limitations.

Improved

• Improved per-website license IP sync.
• Increased WAF compatibility with popular plugins.

Version 3.3.84

27th August 2025

Added

• Malicious Plugin Detection:
  cPFence can now automatically detect plugins that attempt to hide themselves from the WordPress admin dashboard or sneak in a backdoor. When found, you’ll receive instant alerts and automated remediation will be applied.
• Malicious Cronjob Detection:
  Attackers often add hidden cronjobs for persistence. cPFence now detects these malicious cronjobs, alerts you immediately, and takes automated remediation actions when necessary.

Improved

• MonitorPro Module: Will now skip 301 status codes to prevent unnecessary “down” alerts.
• Clickable Blocked IPs: Top blocked IPs displayed in the WebUI are now clickable, giving you quick access to detailed information on why each IP was blocked.

Version 3.3.83

22nd August 2025

Added

• False Positive Reporting:
  You can now report false positives for both WAF and Malware directly from the WebUI.Available under:
  • Threat & Malware Detection > Quarantine Management > Report Malware False Positive
  • WAF Management > WAF Tracking > Report WAF False Positive

Improved

• Additional WAF optimizations to further improve compatibility with plugins and themes.

Version 3.3.82

20th August 2025

Added

• Automatic Cleanup for Quarantined Files:
  cPFence will now automatically clear quarantined files older than 60 days (along with their logs and stats). This helps keep your server tidy, especially if you deal with lots of infections or run busy environments.

Improved

• Even more WAF optimizations for better compatibility with a wide range of plugins and themes.
• Added new detection signatures to catch clever and hidden attack patterns that older scanners may have missed.

Version 3.3.81

16th August 2025

Fixed

• Fixed a small glitch where WordPress sites weren’t showing up in the WebUI on some systems.

Version 3.3.80

15th August 2025

Improved

• Several minor fixes and improvements in the WebUI bulk tools.
• Improved compatibility with PHP 8.4.

Fixed

• Resolved a false positive issue with the latest Clientexec version.

Version 3.3.79

6th August 2025

Fixed

• Resolved an issue with the WAF module affecting certain setups in the previous version.

Version 3.3.78

5th August 2025

Improved

• Upgraded the WAF Module to enhance application and API security. cPFence WAF is now scoring new records in WAF testing tools.

Test results shown below are from Nginx and LiteSpeed Enterprise servers only:

Fixed

• Resolved an issue where SMTP settings were not being saved correctly.

Version 3.3.77

27th July 2025

Added

• Captcha WAF
  Silent, offsite bot protection is now live. Block bad bots on login pages across all domains with one click. WebUI and CLI controls included. No user interaction, no server load. Just smarter security.
  Learn more about Captcha WAF →Key Features:
  • Intercepts bots offsite before they hit your server
  • Seamless for real users, no interaction required
  • Blocks brute-force, dictionary, and credential-stuffing attacks
  • Offloads heavy logic to reduce server load
  • Supports WordPress, Joomla, Laravel, and custom logins
  • Apply protection to any URL you define
  • Fast, accurate validation via cPFence’s load-balanced backend
• WP-AutoShield: Now auto disables LiteSpeed cache on WordPress login pages to allow Captcha WAF interception.
  Default is on
  Config setting: autoshield_disable_ls_cache_login_page
  CLI commands:
  • cpfence --bulk-enable-ls-cache-login-page
  • cpfence --bulk-disable-ls-cache-login-page

Improved

• Lots of WAF optimizations to improve compatibility with popular plugins and themes.

Version 3.3.76

11th July 2025

Improved

• WP-AutoShield daily cron now respects both “on” and “off” settings for all toggle options, not just “on” values.
• Additional WAF optimizations applied to improve compatibility across more platforms and plugins.

Version 3.3.75

9th July 2025

Added

• Ability to enable or disable Layer 7 WAF protection per domain.
• Ability to enable or disable Bot protection per domain.
• New global toggles for Layer 7 WAF and bot protection – enable or disable server-wide in one click.
• Fully supported via CLI. Run cpfence | grep WAF to explore available WAF options.

This only disables auto-protection — you can still use your own custom blacklist/whitelist in this mode:

• Bots:

  • Blacklist: nano /opt/cpfence/app/cpfwaf/userdata_bl_agents

  • Whitelist: nano /opt/cpfence/app/cpfwaf/userdata_wl_agents

• Layer 7 WAF:

  • Block custom IPs via: /opt/cpfence/app/cpfwaf/userdata_bl_IPs

All editable from the WebUI > Edit Config Files as well.

Improved

• Several minor fixes and overall improvements applied.

Version 3.3.74

6th July 2025

Added

• Asynchronous WebUI with Live FeedbackThe WebUI now gives real-time task feedback. No more “Please wait…” messages with no updates! You’ll now see output live, line by line, as it happens—for actions like status checks, malware scans, or bulk WordPress management.
  This improves user experience significantly and helps bypass the 100-second limitation of Cloudflare Zero Trust.

Improved

• Updated TOR IP list to improve detection. To block TOR exit nodes (App level with WAF + Server level with IPDB), run cpfence --blacklist-country tor or use the WebUI bulk tools.
• More WAF optimizations for enhanced compatibility.

Fixed

• Eliminated unnecessary email alerts when email is not set.
• Apache WAF stats were not displaying correctly in the WebUI.

Version 3.3.73

3rd July 2025

Added

• Proxy-Aware Layer 7 WAF with IPDBRead more: Layer 7 WAF with IPDB – Auto block real IPs behind Cloudflare, Akamai, and more
  • Introduced Layer 7 WAF with IPDB: Automatically detects and blocks real attacker IPs behind proxies like Cloudflare, Akamai, Fastly, and Nginx.
  • Tight integration with Brute-Force & Log Analysis modules – no need for Fail2ban.
  • Full IPv6 WAF Support – real-time blocking of IPv6-based DDoS and brute-force attacks.
  • Performance Optimized: Offloads malicious proxy traffic before it reaches the application layer, reducing CPU/memory spikes.

Improved

• MonitorPro now includes cache busting for more accurate and reliable monitoring results.

Version 3.3.72

1st July 2025

Improved

• Minor UI CSS tweaks and fixes for Dark Theme.
• More WAF optimizations to enhance compatibility.

Version 3.3.71

1st July 2025

Added

• New Dark Mode Interface – improves readability and reduces eye strain.
  
  Let us know what you think of the new design. Join the conversation:
  https://community.cpfence.app/d/16-dark-mode-enhanced-light-mode-now-available

Improved

• Redesigned Light Mode layout – better spacing and button organization across all WebUI pages.
  
• Improved WAF compatibility with MainWP, InfiniteWP, and other WordPress management plugins.

Version 3.3.70

28th June 2025

Added

• Ability to customize the appearance of the WebUI using custom CSS. This customization is preserved during updates.
  Available via WebUI: Edit Configuration Files > Edit cPFence WebUI custom.css
  Or manually edit: /opt/cpfence/webui/static/css/custom.css

Improved

• Optimized several modules to reduce I/O and CPU usage, especially if you’re using the Integrity Auto-Repair feature.
• Enhanced WAF module for stronger protections and improved compatibility with various platforms.

Version 3.3.69

26th June 2025

Improved

• Several WebUI improvements based on client feedback to enhance usability and ease of use.
• Further WAF optimizations to improve compatibility with more setups.

Fixed

• Resolved a cPFence cron issue that was affecting some Apache servers.

Version 3.3.69

Latest

26th June 2025

Improved

• Several WebUI improvements based on client feedback to enhance usability and ease of use.
• Further WAF optimizations to improve compatibility with more setups.

Fixed

• Resolved a cPFence cron issue that was affecting some Apache servers.

Version 3.3.67

22nd June 2025

Fixed

• Resolved WAF compatibility issues with popular WordPress builders like Elementor and Divi, as well as the WooCommerce plugin.
  If you encounter any further issues, please don’t hesitate to open a support ticket.

Version 3.3.66

21st June 2025

Added

• Bulk WAF Control from WebUI:
  You can now easily enable or disable WAF across all or selected servers directly from the WebUI in WAF Management > WAF Global Toggle.

Improved

• User Homelinks Now Auto-Synced Daily:
  The cpfence --create-user-homelinks tool now auto-syncs daily to reflect new, removed, or updated accounts. This keeps your /var/www/username links up-to-date, mimicking cPanel-style access.To benefit from this enhancement, please reinitialize the tool:

  cpfence --remove-user-homelinks
  cpfence --create-user-homelinks

  You can also manage this from WebUI for all servers at once:
  WebUI → Tools & Utilities → System Utilities → Manage User Homelinks

Fixed

• Several minor fixes and improvements across multiple modules.

Version 3.3.65

16th June 2025

Improved

• Enhanced Whitelisting Logic in Spam AutoShield:
  Email addresses and domains added to the whitelist must now pass either SPF or DKIM checks. This ensures better protection against spoofed or forged emails while keeping your whitelist secure and reliable.
• To apply these changes, you need to disable and re-enable Spam AutoShield using:
  cpfence --deactivate-spam-autoshield
cpfence --activate-spam-autoshield

Version 3.3.64

15th June 2025

Added

• MonitorPro Module now supports all subdomains and add-on domains across your cluster.
  Full visibility for all types of domains is now available.
  Learn how to use MonitorPro in WebUI →
• ApiMachine Module now supports all subdomains and add-on domains across your cluster.
  You can now apply bulk tools on all domains—primary or secondary.
  Learn how to use ApiMachine in WebUI →

Improved

• Database scanning will now auto-retry on failure. This should resolve any previous errors users encountered during scans.
• Server status tool now includes total domains and containers count for better overview.

Fixed

• Staging sites are now properly excluded from MonitorPro to avoid false alerts.

Version 3.3.63

13th June 2025

Improved

• Several minor fixes and overall improvements across multiple modules to enhance stability and performance.

Version 3.3.62

12th June 2025

Added

• New! Full WAF Support for Apache and Nginx Web Servers: Read more →
  The cPFence WAF module now officially supports Apache and Nginx, expanding beyond OpenLiteSpeed and LiteSpeed Enterprise.
  This makes cPFence the most versatile WAF solution for Enhance-based servers.
  Key highlights:
  • Capability to block malicious IPs even when they’re hiding behind Cloudflare proxies
  • Full integration with the cPFence WebUI, allowing you to manage WAF rules easily
  • Advanced filtering, intrusion prevention, and protection rules
  • Strong XSS and SQL injection mitigation
  • Full bot protection with support for whitelisting or blocking specific user-agents

  Read more →

Version 3.3.61

10th June 2025

Added

• New! Integrity Auto-Repair: The New Self-Healing Shield for WordPress – Read More Here
  The Integrity Check module now supports auto-repair of infected or modified WordPress core files.
  When Auto File Action is enabled, cPFence will:
  • Auto quarantine suspicious files
  • Restore the original clean core files instantly
  • Prevent downtime caused by core file tampering

  This makes your WordPress installations virtually bulletproof.

  Highly recommended: Turn this feature on via:
  WebUI → Threat & Malware Detection → Integrity Auto-Repair On

  

Improved

• Added PHP 5.6 compatibility in WP-AutoShield module for legacy WordPress installations.

Fixed

• Resolved a WebUI issue related to displaying WordPress website IDs correctly.

Version 3.3.60

9th June 2025

Added

• Automatic Security Headers for WordPress:
  WP-AutoShield now sets security headers automatically for all WordPress sites to help protect against XSS, clickjacking, and protocol downgrade attacks—no manual setup required.
  WP-AutoShield applies these headers automatically each day at 6:10 AM. To trigger a manual run immediately, execute:/opt/cpfence/app/wpautoshield/cpfautoshield🔐 Read More: Server-wide Security Headers Now Available in WP-AutoShield
  Use securityheaders.com to instantly check your score. Don’t forget to clear cache plugins or append ?nocache=1 to get accurate results.
• Forced Plugin Installation:
  Automatically installs all plugins listed in your /var/log/cpfenceav/wp-plugin-bundle.txt file on every WordPress site daily. Enforce plugin policies across your entire stack, like this one-click spam blocker:
  Block WordPress Comment Spam Across All Sites →
  (This feature is off by default; set autoshield_force_plugin_bundle in WebUI → System Settings to “on”.)
• Daily LiteSpeed Cache Clearing:
  Automatically clears LiteSpeed cache daily to prevent layout issues from stale CSS or JS.
  (This feature is off by default; set autoshield_clear_litespeed_cache in WebUI → System Settings to “on”.)

Improved

• Upgraded WAF to cPFence WAF v13.00 — getting closer to full Nginx support.
• SMTP password input now fully supports the following special characters: % # @ : / + ? & ! $ ; = , ' ( ) *
• The root login alert logic has been improved to ensure that alerts are skipped for whitelisted IPs.

Fixed

• Fixed formatting issues with some Slack notifications.
• Weekly scan jobs now run as expected—no more early triggers.

Version 3.3.59

4th June 2025

Added

• New Daily Settings Backup Feature:
  cPFence now backs up your settings automatically every day and retains the last 30 backups with automatic cleanup. Backups are now stored in /var/cpf_backups instead of the /tmp directory.
• New: Restore a Specific Backup File:
  You can now restore any specific settings backup manually using:cpfence --restore-cpf-settings <backup-file-name>
  Example:
  cpfence --restore-cpf-settings cpfence_backup_20250603231650.tar.gz

Improved

• Slack Notifications now apply setting changes instantly without requiring a restart.
• Improved support for sending long Slack messages without issues.
• The cPFence update process now automatically runs a pre-update settings backup and uses it if the built-in backup step fails.

Fixed

• Minor warning logs in LogSpot module resolved.
• Slack notification for root login is now correctly triggered.
• Fixed an issue with restoring cPFence settings via the WebUI.

Version 3.3.58

3rd June 2025

Added

• Slack Notifications Integration
  cPFence now supports real-time Slack alerts — perfect for receiving critical notifications on your mobile or desktop.Read more in our blog post: cPFence Security Alerts Now on your Mobile
  Also check out our step-by-step Knowledgebase setup guide: How to Set Up Slack Notifications in cPFence?Notifications include:
  • Malware Found
  • Full / Smart / Custom Scans Completed
  • Rootkit Detected
  • WordPress Vulnerabilities Found
  • Malicious Entry Found in Database Scan
  • Root Login Detected
  • IP Reputation Blacklist Detected
  • WordPress Integrity Issues Detected
  • Watchdog: Server Services Down
  • Website Up/Down or Keyword Monitoring Alerts
  • High CPU / RAM / Disk / Inode Usage
  • cPFence Software Updated
  • WordPress Backup Completed

  To enable: Go to System Settings → Slack Notifications in your WebUI.

Improved

• Scan results (Full / Smart / Custom) now automatically notify you via email and Slack (if enabled).
• Major enhancements in the WAF module including new detection for web shells, fish shell files, and XSS payloads.
• Improved several WAF rules to enhance compatibility with upcoming Nginx support, including dedicated Nginx test support.
• Configuration variable OLS_WAF has been deprecated and replaced by CPF_WAF.
• Commands --enable-ols-waf and --disable-ols-waf are now replaced with --enable-cpf-waf and --disable-cpf-waf.

Fixed

• Several minor bug fixes reported by users have been resolved.

Version 3.3.57

26th May 2025

Fixed

• Resolved an issue where restoring quarantined files via the WebUI was failing on some servers.

Improved

• Enhanced WAF compatibility with the Breakdance Builder for smoother site operation.
• Updated the Server Status tool to detect and display disk info correctly on systems using SSD/HDD with MD arrays.

Version 3.3.56

23th May 2025

Added

• New WordPress Backup & Restore Module (Beta):A powerful new module to automate and manage WordPress backups across your entire infrastructure. Read More on this post.Key features include:
  • Bulk backup or restore a single site, full server, or entire cluster via the Central Dashboard.
  • Customizable backup schedules (daily or specific days).
  • Email notifications for success or failure, with detailed logs.
  • File exclusion support:
    • Per WP install: /var/www/uuid/.cpfence/cpfbackup-exclude.txt
    • Global (per server): /var/log/cpfenceav/cpfbackup-exclude.txt
  • Auto detection and exclusion of nested WordPress installs to save space.
  • Ability to exclude entire sites or specific installs via:
    /var/log/cpfenceav/cpfbackup-exclude-sites.txt
  • Support for remote backups via passwordless SSH (with custom port support).
  • Restore from a specified backup snapshot date.
  • Retention settings configurable per server.
  • Trigger and monitor backup schedules from the Central Dashboard.
• New Tool: Bulk Update Server Packages from Central DashboardUpdate all server packages across your cluster with one click and view whether restarts are needed and why.
  Available under: Tools & Utilities → Bulk Update Server Packages

Improved

• cPFence will now auto-trigger weekly scans when no recent scan is detected.
• Scanner performance optimized for better efficiency on low-end VPS environments.
• WAF logic enhanced in preparation for future Apache and Nginx support (in progress).

Fixed

• Resolved an issue where User Agent blocking wasn’t functioning correctly on some servers.

Version 3.3.55

12th May 2025

Improved

• Resolved false positives reported for both the WAF and Malware Scanner modules.
• Several minor fixes and applied overall improvements to the WebUI.

Version 3.3.54

7th May 2025

Added

• AutoMySQL Killed Queries Monitoring:
  Monitor MySQL queries automatically terminated by the Owl AutoMySQL module in real-time.
  This helps in reviewing and optimizing problematic query patterns.
• Web Server Log Monitoring (Per Site or Server-Wide):
  New flexible logging tool to monitor HTTP access logs:
  • Per site: using the UUID
  • Server-wide: monitor all active domains at once

Improved

• Enhanced PHP Malware Detection:
  New detection logic improves identification of threats in WordPress, Joomla, and Laravel applications—resulting in significantly better PHP-based malware protection.

Fixed

• Resolved an issue with inaccurate WordPress site counts on large clusters.

Version 3.3.53

4th May 2025

Added

• WP-AutoShield Site Whitelisting in WebUI:You can now easily exclude specific sites from the WP-AutoShield daily cron tasks directly from the WebUI — no need to manually edit files.
• One-Click Integrity Check Whitelisting:Whitelist sites or individual files from the WordPress Integrity Check module cluster-wide with a single click from the WebUI — saving time and simplifying management.

Improved

• Smarter Root Login Notifications:
  Root login alerts will now automatically skip whitelisted IPs to prevent unnecessary notifications.
• Improved WebUI Performance on Large Clusters:
  Increased timeout limits when collecting WordPress sites from the cluster—ensuring smoother performance on servers with a high number of sites.

Version 3.3.52

2nd May 2025

Added

• Introducing the cPFence Central Dashboard – One Panel. Full Power.
  Say goodbye to jumping between servers. The all-new Central Dashboard brings everything under one roof—manage all your cPFence-protected servers and WordPress sites from a single, powerful web interface. Experience next-level control, real-time insights, and bulk tools that simplify even the most complex tasks. Learn More
• Spam AutoShield: Domain & Email Whitelisting Support
  You can now whitelist trusted domains or specific sender email addresses to avoid blocking legitimate messages.
  Available via CLI or the WebUI.

Improved

• SMTP Headers:
  SMTP notifications now include the custom X-AuthUser: header to improve email deliverability and inbox placement.
• Plugin Upgrade Logic in Bulk Installer:
  The bulk plugin installation tool now auto-overwrites older versions, making it easy to push updates accross your cluster using custom ZIP files.

Version 3.3.51

22th April 2025

Added

• Faster Real-Time Malware Detection:
  Real-time protection is now significantly faster.
  Malware is now detected in under 5 minutes—giving you a quicker response window and improved overall security.

Improved

• Optimizations for Upcoming Browser-Based WebUI:
  Multiple performance improvements and architectural tweaks to support the upcoming brand new WebUI.
  This modern dashboard will allow you to manage all your servers from one place—right in your browser.

Version 3.3.50

12th April 2025

Added

• Whitelist Specific Database Entries from Database Scanning Module:
  You can now exclude known-safe database entries from the daily malware scan.
  Simply add the exact string to:/opt/cpfence/user-config/cpfmrtp/whitelisted_db_entries.txtAlso available via the UI:
  Admin UI → Edit Configuration Files → Manage Whitelisted DB Entries

Improved

• Smarter Owl WatchDog for Services:
  The Owl module now verifies that a service is truly down before sending alerts or attempting recovery.
  This prevents false positives when services are simply restarting.
• Enhanced Server Status Tool:
  The cpfence --server-status tool now displays even more useful system info, including:
  • CPU model, clock speed, and core count
  • Total installed RAM and disk size
  • Needed server reboots and pending security updates

  Tip: Please include this output when opening support tickets—it helps speed up diagnostics.

Fixed

• Improved WAF compatibility when specific server-side software packages are installed.

Version 3.3.49

9th April 2025

Added

• .htaccess Injection Detection:cPFence now monitors and warns you of any suspicious .htaccess modifications, helping you identify potential malware or redirect injections early.
• New Heuristic Analysis Module (Beta):Our new heuristic engine detects suspicious file behavior and structures, even in unknown or modified malware samples. This feature is in beta, and currently provides email alerts only (no auto actions). Please report any false positives to help us improve it further.
• Owl WatchDog Extended to Cover More Services:Owl now monitors the following additional services and will auto-restart them on failure and notify you by email:
  • SSH
  • CRON
  • Rspamd
  • Postfix
  • Dovecot
  • Pure-FTP
• New Server Status Tool:Quickly check the health of your system and services with:cpfence --server-statusIt provides a detailed overview including hostname, resource usage, IPv4/IPv6, running services, and uptime—all in one clear table.Sample Output:

  +----------------------------------------+---------------+-----------------------------------------------+
  | Check                                  | Status        | Details                                       |
  +----------------------------------------+---------------+-----------------------------------------------+
  | Hostname                               | OK            | server20.test.com                             |
  | Enhance Control Panel                  | OK            | Enhance Version 12.1.0                        |
  | Operating System                       | OK            | Ubuntu 24.04.2 LTS                            |
  | Kernel Version                         | OK            | 6.8.0-57-generic                              |
  | Server IPv4                            | OK            | 88.999.777.66                                 |
  | Server IPv6                            | OK            | 3a01:7f8:c018:646e::1                         |
  | CPU Usage                              | OK            | 31%                                           |
  | Memory Usage                           | OK            | 42%                                           |
  | Disk Usage (root)                      | OK            | 34%                                           |
  | Disk I/O (sda)                         | OK            | 0.40%                                         |
  | Inode Usage (root)                     | OK            | 17%                                           |
  | Uptime                                 | OK            | 16 hours, 58 minutes                          |
  | Load Averages                          | OK            | 0.75, 0.82, 0.84                              |
  | orchd.service                          | NOT INSTALLED | Enhance Orchd                                 |
  | appcd.service                          | ACTIVE        | Enhance Appcd v12.1.0                         |
  | pdns.service                           | ACTIVE        | PowerDNS                                      |
  | ssh.service                            | ACTIVE        | OpenSSH Daemon                                |
  | cron.service                           | ACTIVE        | Cron Scheduler                                |
  | postfix.service                        | ACTIVE        | SMTP Server                                   |
  | dovecot.service                        | ACTIVE        | IMAP/POP Mail Server                          |
  | rspamd.service                         | ACTIVE        | Spam Filtering                                |
  | pure-ftpd.service                      | ACTIVE        | FTP Server                                    |
  | mysql.service                          | ACTIVE        | Database Server                               |
  | Webserver                              | ACTIVE        | OpenLiteSpeed                                 |
  +----------------------------------------+---------------+-----------------------------------------------+
  

• Support Access Tool:Need to share temporary access with cPFence support?
  • cpfence --add-support-key → Creates a temporary key valid for 6 hours to allow secure support access.

Improved

• MonitorPro Enhancement: Now retains uptime history across cPFence upgrades to avoid duplicate alert emails.

Fixed

• Resolved a false positive in the rootkit scanner related to the “bindshell” signature.

Version 3.3.48

6th April 2025

Added

• Auto Login Support for LogSpot (WHMCS Integration):
  The LogSpot module now supports auto-login from WHMCS, allowing your users to access their traffic reports instantly with one click—no manual password entry required.This feature uses the website UUID as the login key. The original password stored in the file still works alongside this method.Note: Only enable this if you’re comfortable with using the UUID as a login password.How to activate Auto Login:
  cpfence --ui → System Settings → cPFence LogSpot Module → Enable/Disable Website ID loginDownload the updated WHMCS function for the Enhance Module:
  Donwload the updated Module
• Extended Support for Alternative Document Roots:
  LogSpot now supports websites using /httpdocs in addition to /public_html.
  This is especially useful for sites imported from Plesk servers.

Improved

• Removed the cPFence branding link from the LogSpot login page for a fully white-labeled experience.

Fixed

• Resolved a false positive in the database scanning module when the Defender plugin is active on the website.

Version 3.3.47

4th April 2025

Added

• Introducing the All-New LogSpot Module – Per-Site Traffic Logs, Reinvented!
  Meet LogSpot — the sleek, modern, and ultra-lightweight web log analyzer built for Enhance servers. Designed with zero CPU/RAM footprint, LogSpot gives you deep visibility into per-site traffic stats in real-time.
  Read more about LogSpot
• Key Features:
  • One-click setup and works instantly for all main domains.
  • Accessible via browser at: https://domain.com/traffic-reports/
  • Beautiful, modern UI with:
    • Geo Location
    • Operating System and Browser stats
    • Unique visitor tracking
    • Dark mode support
  • Secure per-user password-protected access (auto-generated for each user).
  • Log size limit per website configurable (default: 100MB).
  • Automatic geolocation database updates (IPv4 + IPv6 supported).
  • Bonus CLI tool for real-time terminal log viewing with interactive search by UUID or username:
    • cpfence --logspot-logs-viewer
  • Improved WHMCS module to display the traffic report link to your clients.

  How to Get Started:

  1. Run: cpfence --enable-logspot
  2. A unique password will be generated under each site’s directory:
     /var/www/uuid/cpf_logs/yourpassword.txt
  3. Clients can edit this file to change their password anytime.

  Additional Commands:

  • cpfence --disable-logspot – Disable the LogSpot module and stop collecting logs.
  • cpfence --remove-logspot-data – Remove all LogSpot logs and reports server-wide.

Fixed

• Resolved multiple false positives in the database scanning module. If you had this module disabled, we recommend re-enabling it and reporting any further false positives via support tickets.

Improved

• SMTP now sets a default “Reply-To” header to improve inbox deliverability.
• cPFence Settings Backup/Restore now includes your SMTP configurations—making migrations easier.
• Spam AutoShield Module optimized further to improve both performance and spam detection accuracy.

Version 3.3.46

29th March 2025

Added

• New: Spam AutoShield Module – Total Server-Wide Spam Protection
  Introducing an advanced email filtering and spam-blocking system for your entire server. Built for precision and performance, Spam AutoShield helps you eliminate unwanted messages, phishing attempts, and spam floods.Read more: Spam AutoShield Overview
  • cpfence --activate-spam-autoshield – Enable the full spam protection suite with one click.
  • cpfence --deactivate-spam-autoshield – Disable all related spam-blocking features.
  • cpfence --configure-spam-autoshield – Apply recommended Spam AutoShield settings across your entire mail server.
  • cpfence --rspamd-training-tool – Instantly train the Rspamd Bayes filter using 170,000+ real-world spam samples for maximum detection accuracy.
  • cpfence --reset-rspamd-training-data – Reset Rspamd training data for a clean start.
  • cpfence --add-spam-autoshield-ip / --del-spam-autoshield-ip – Manage sender IP blocklist.
  • cpfence --add-spam-autoshield-email / --del-spam-autoshield-email – Manage sender email blocklist.
  • cpfence --add-spam-autoshield-domain / --del-spam-autoshield-domain – Manage sender domain blocklist.
  • cpfence --add-spam-autoshield-subject / --del-spam-autoshield-subject – Block or remove spammy email subjects.
  • cpfence --add-spam-autoshield-tld / --del-spam-autoshield-tld – Block or unblock TLDs like .ru, .xyz, etc.

  How to Get Started?

  1. First, upgrade Rspamd and activate its Web UI by following this guide:
     Upgrade Rspamd Guide
  2. Then activate Spam AutoShield using:
     cpfence --activate-spam-autoshield
• New Helper Tool: Username-Based Symlinks for /var/www
  Create cPanel-style paths for easier navigation using usernames. Great for sysadmins and developers!
  • cpfence --create-user-homelinks – Create symlinks like /var/www/username.
  • cpfence --remove-user-homelinks – Remove previously created symlinks.

Fixed

• Resolved a false positive in the database scanning module caused by the Ninja Firewall plugin.

Improved

• Enhanced WAF rule handling for improved compatibility with LiteSpeed Enterprise.

Version 3.3.45

19th March 2025

Added

• New Tool: List All Websites & UUIDs
  Easily retrieve and save a list of all website UUIDs for reference or management.
  • cpfence --list-website-uuids → Lists all website UUIDs and saves them to /var/log/cpfenceav/website-uuid-list.txt.
• New Website Resource Monitor:
  Monitor real-time resource usage (CPU, memory, and IO) for all or selected websites, with the ability to quickly search by UUID and owner usernames.
  • cpfence --website-resource-monitor → Track and analyze resource usage per website in real time.

Version 3.3.44

18th March 2025

Fixed

• Resolved several minor UI issues reported by users, ensuring a smoother experience.

Improved

• Enhanced WAF rules for improved security and better compatibility with various applications.

Version 3.3.43

13th March 2025

Improved

• Optimized Log Analysis for Large-Scale Attacks:
  Enhanced the logs analysis module to reduce CPU usage when “Under Attack Mode” is active during high-volume DDoS attacks.
• MonitorPro Module Now Uses a Custom Referrer & User Agent:MonitorPro now identifies itself with a dedicated user agent:
  Mozilla/5.0 (compatible; cPFence MonitorPro; +https://cpfence.app/)
  • Helps bypass third-party protections that may block uptime checkers.
  • Allows easy whitelisting of “cPFence MonitorPro” user agent in Cloudflare and similar security services.
• General Fixes & Improvements:
  Several enhancements and optimizations across various helper and bulk tools.

Version 3.3.42

12th March 2025

Added

• Automatic IP Whitelisting on Main Control Panel Server:
  cPFence will now automatically whitelist all your server IPs on your main control panel server, ensuring secure and seamless communication.Note: This feature is available only if cPFence is installed on the main control panel.
• Quick Whitelisting for Secondary Servers:
  For secondary servers, use the following script to whitelist all your server IPs across your cluster:bash <(curl -ks https://api.cpfence.app/whitelist_your_ips.sh)Why is this important? Starting with Enhance v12, DNS servers listen on IPv6 by default, and cPFence protections now extend to IPv6. Proper IP whitelisting ensures smooth operations and security across all servers.

Improved

• Enhanced “Under Attack Mode” with smarter security actions for even better DDoS protection.
• Improved cPFence compatibility with widely used WordPress plugins and themes.

Version 3.3.41

11th March 2025

Added

• ASN Blocking – A First in Server Security!
  cPFence is now the first security product to offer ASN blocking for both IPv4 and IPv6, bringing unmatched flexibility to Enhance users.Blocking entire ASN ranges is a powerful defense mechanism, especially during large-scale DDoS attacks.
  • cpfence --blacklist-asn → Instantly block an entire ASN range to neutralize threats.
• New Under Attack Mode (Beta) – Rapid DDoS Defense
  cPFence now features an Under Attack Mode designed to apply stricter and faster DDoS defenses when an attack is detected. This mode ensures enhanced protection against high-volume attacks while maintaining server stability.
  • cpfence --under-attack-on → Activates aggressive protections against ongoing DDoS attacks.
  • cpfence --under-attack-off → Restores recommended security settings once the attack is over.

Version 3.3.40

9th March 2025

Added

• Inode Usage Monitoring:
  cPFence Owl now tracks filesystem inode usage in real-time, ensuring early detection of excessive file creation, potential abuse, or misconfigurations that could impact system stability and security. High inode usage can lead to server instability, failed writes, and performance issues—this new monitoring feature helps prevent these risks before they cause serious problems.
• New Interactive Tool for Real-Time WAF Log Tracking:
  Quickly identify and troubleshoot potential false positives in cPFence WAF logs with this new interactive tool. This tool:
  • Automatically detects rule numbers responsible for blocked requests.
  • Suggests ready-to-use whitelisting commands for immediate action.

  Run the tool using:

  cpfence --debug-domain-waf

Improved

• Enhanced WP-AutoShield compatibility with Bedrock-based WordPress installations.
• Optimized WAF rules to prevent conflicts with phpMyAdmin on Enhance v12.

Version 3.3.39

7th March 2025

Improved

• Enhanced the Admin UI to better handle scenarios where users get disconnected or close the terminal with no clean exit, ensuring improved performance and stability during sessions.

Version 3.3.38

5th March 2025

Added

• Meet ApiMachine®: The Smartest Way to Manage Your Enhance Cluster
  Introducing ApiMachine – a powerful new module designed for full Enhance cluster control. Perform bulk actions across your entire cluster or specific servers directly from the cPFence UI.
  • Bulk Enable/Disable Redis: Manage Redis caching for all or selected domains.
  • Bulk SSL Generation: Generate SSL certificates for all or selected domains and mail subdomains.
  • Bulk Force HTTPS: Enable or disable forced HTTPS across multiple domains.
  • Bulk Enable/Disable DNSSEC: Manage DNSSEC and retrieve DS records in bulk.
  • Bulk Enable/Disable DKIM: Control DKIM email signing across all domains.
  • Cluster Sites Export: Export a full list of all cluster sites with organization and server details.
  • Secure API Key Storage: Store and encrypt your Enhance API key for secure cluster operations.

  Read more: Meet ApiMachine®: The Smartest Way to Manage Your Enhance Cluster

Version 3.3.37

2nd March 2025

Added

• Bulk WordPress Language Change:
  Now you can easily change the language of all or selected WordPress sites in bulk.

Improved

• Owl Now Monitors systemd for OpenLiteSpeed (OLS) & LiteSpeed (LS):
  Owl will now ensure systemd remains in sync with the actual LiteSpeed Web Server status, preventing unnecessary restarts. More details: Enhance Community Discussion.
  • Alerts will only be triggered if OLS/LS Web Server fails to start.
• WAF Optimizations:
  Additional compatibility improvements for various plugins and themes.

Version 3.3.36

24th February 2025

Added

• Owl Now Monitors AppCD Service:
  The Owl module now includes real-time monitoring for the AppCD service, ensuring it stays online along with other critical services.

Improved

• Further optimizations to WAF rules for the Enhance v12 architecture to prevent conflicts with certain pages and plugins.
• The Owl Module will now disregard the “Activating” state for the OLS web server and will no longer flag it as down.

Version 3.3.35

23rd February 2025

Added

• cPFence Owl Now Keeps a Watchful Eye on Your Critical Server Services!

  Stay ahead of downtime with real-time monitoring for MySQL, Web Server, DNS, and Main Control Panel services. cPFence Owl will:

  • Instantly notify you when any of these services go down.
  • Attempt to restart the service once immediately.
  • If unsuccessful, it will automatically retry after one hour to prevent endless restart loops.

  Be the first to know when issues strike and let cPFence handle recovery efforts for you.

• MonitorPro UI Editor – Smarter, Simpler Domain Management at Your Fingertips:

  

  You can now manage your MonitorPro list directly from the UI! Easily add, edit, or remove monitored domains and modify Keyword Monitoring without manually editing configuration files.

Improved

• WAF rules have been optimized for better performance, fully adapting to the new Enhance v12 architecture.

Fixed

• Resolved an issue where cPFence was not detecting OpenLiteSpeed (OLS) / LiteSpeed Web Server on some servers.

Version 3.3.34

18th February 2025

Added

• • Full IPv6 Compatibility – Setting a New Standard in Server Security!
    cPFence is now 100% IPv6 compatible, making us the the first server security solution in the shared hosting industry to achieve full, unrestricted IPv6 support. While Imunify360 offers partial IPv6 support, it comes with limitations and costs up to 10 times more—cPFence delivers robust IPv6 protection at a fraction of the price. While others are still catching up, cPFence is proud to lead the way. Our IPv6 support includes:
    • IPv6 Blacklisting & Whitelisting: Block or allow IPv6 addresses with ease.
    • Country Blocking Module: Now fully IPv6-ready—ensuring countries you block are truly blocked, regardless of IP type.
    • Brute Force Protection: SSH, FTP, and Web Services protection now fully IPv6-compatible. (Mail services support coming soon!)
    • IPDB IPv6 Support: Our real-time IP threat database is now IPv6-ready. As more IPv6 traffic grows, cPFence will build the most powerful and accurate IPv6 threat intelligence.

• Added the ability to Bulk IP Whitelisting & Blacklisting via Admin UI:
  Managing large IP lists is now easier than ever! You can now bulk add or remove IP addresses to your whitelist or blacklist directly from the Admin UI—no more adding IPs one by one.

Version 3.3.33

16th February 2025

Added

• Database Whitelisting for Database Scan:
  You can now whitelist specific WordPress databases from the daily malware scanning. This is useful for sites with known custom entries or large databases where scanning is not required.
  • Admin UI: Edit Configuration Files → Manage Whitelisted Databases
  • Add the full path of the WordPress installation.
  • Manual File Editing if needed: /opt/cpfence/user-config/cpfmrtp/whitelisted_databases.txt

Improved

• Database Malware Scan Enhancements:
  • Database Spam detections are now completely ignored—scanning will solely focus on malware and injection threats.
  • Email log attachments will now be capped at a maximum size of 5 MB for better deliverability.
  • Refined detection rules to eliminate all reported false positives, while keeping the scanner highly effective.

Version 3.3.32

15th February 2025

Added

Give Your Databases Some Love with cPFence – WP-AutoShield Now Shields and Optimizes Your Databases on Autopilot!

• WordPress Database Malware Scan (Auto-Enabled):
  WP-AutoShield now scans all your WordPress databases daily for malware and injection attacks. If anything suspicious is found, you’ll receive an instant email alert.Want to see it in action? Set up a test WordPress site and intentionally inject this malware test code: Test Malware CodeScan your databases manually anytime:
  • Admin UI: Threat and Malware Detection → Scan All WordPress Databases
  • CLI Command: cpfence --bulk-scan-wp-databases
• WordPress Database Bulk Optimization Tool:
  Boost your site’s performance with automatic daily database optimization. Off by default, but you can enable it from the UI or run it manually:
  • Admin UI: System Settings → WP-AutoShield → Daily Optimize All WP databases
  • CLI Command: cpfence --bulk-optimize-wp-databases

Fixed

• Several minor bug fixes and performance improvements.

Version 3.3.31

14th February 2025

Added

• Enhance v12 Compatibility:
  cPFence is now fully compatible with Enhance v12. Please follow these steps to upgrade safely:
  1. Backup your cPFence settings and uninstall the old version:
     cpfence --backup-cpf-settings
cp /tmp/cpfence_backup_* /root/
cpfence --uninstall
  2. Upgrade to Enhance v12 (latest version).
  3. Reinstall cPFence using the install command from your client area, Example:
     bash <( curl -ks https://api.cpfence.app/install.sh) -k Your-Key
     This will automatically install the latest v12-compatible version of cPFence.
  4. Restore your settings and enjoy! :
     cp /root/cpfence_backup_* /tmp
cpfence --restore-cpf-settings
cpfence --restart
• Added a new Cluster Sites Information Page
  Get a Complete Overview of Your Hosting Environment at a Glance, This page provides you with a real-time summary of all domains in your cluster, giving you instant visibility into:
  
  • Server Name: Easily identify which server each domain belongs to.
  • User Name: Easily identify which Username each domain belongs to.
  • Uptime Status: Integrated with MonitorPro, it shows live uptime monitoring data.
  • Downtime Tracking: Instantly see which sites are down and for how long.
  • Not Monitored Domains: Easily detect domains that aren’t being monitored.

  Available in: Admin UI → System Dashboard → Show Sites Info

  Note: This feature is only available on the main control panel servers.

Version 3.3.30

11th February 2025

Added

• Real-Time Root Login Alerts for Enhanced Security:
  cPFence now detects root logins and instantly notifies you via email. Stay informed about who is accessing your server and when.
  You can easily turn these notifications off in:Admin UI → System Settings → Email & Resource Notifications → Send Root Login Notification → Off
• Custom Idle Session Timeout Per Website:
  Now you have full control over session timeouts for individual WordPress sites.
  Simply define CPFENCE_CUSTOM_IDLE_TIMEOUT in the MU plugin, and your preferred timeout setting will persist across updates—ensuring a personalized and secure experience for each site.
• Bulk Maintenance Mode Management (Tool #44 in WP-AutoShield Arsenal):
  With this new tool, you can enable or disable maintenance mode for all or selected sites in just one click—directly from the Admin UI.
  More powerful tools are on the way!