cPFence Change Logs - cPFence Web Security

Version 3.2.3

Latest

19th September 2024

Added

Added the ability to run a custom scan without quarantine or exclusions. Please use cpf_scan PATH

Improved

Massive boost in malware detection. It’s highly recommended to run a new Smart Scan with the enhanced new scanning engine using: cpfence –smart-scan

Version 3.2.2

15th September 2024

Added

Added the ability to restart the Owl module using the CLI. Please use cpfence –restart-owl

Improved

Improved detection of some previously missed malware.
QUIC.cloud CDN IPs are now whitelisted by default, along with the already-whitelisted Cloudflare IPs.

Version 3.2.1

14th September 2024

Improved

Resolved minor issues in the cPFence Owl module.

Version 3.2.0

12th September 2024

Improved

cPFence has been optimized to use significantly less RAM, improving performance across all systems. This change allows cPFence to run efficiently even on servers with limited memory.
For the paid version, Proactive mode can now be enabled on low-end systems with as little as 2GB of RAM.

Version 3.1.9

11th September 2024

Improved

Fixed several WAF false positives reported for various CMS platforms, including WHMCS, Joomla, and Drupal.

Version 3.1.8

9th September 2024

Added

New WAF Management CLI Commands

- –disable-waf-domain DOMAIN: Disable OLS/LS WAF entirely for a specific domain.
- –enable-waf-domain DOMAIN: Re-enable OLS/LS WAF for a previously disabled domain.
- –disable-waf-domain-byid DOMAIN ID-LIST: Disable one or more specific WAF rules for a domain by providing a list of rule IDs (e.g., –disable-waf-domain-byid example.com 2007,2270).
- –enable-waf-domain-byid DOMAIN: Re-enable one or more WAF rules for a specific domain that were previously disabled using RuleRemoveById.

These features provide greater flexibility in managing WAF rules on a per-domain basis, allowing users to disable or re-enable specific rules or the entire WAF as needed. For more information, check our help pages.

Version 3.1.7

8th September 2024

Improved

Enhanced IP database for more accurate detection and improved performance.
Applied additional tweaks to WAF rules for minimizing false positives and enhancing reliability.

Version 3.1.6

7th September 2024

Improved

Improved WAF rules to reduce unnecessary false positives.
Updated Owl module to v2.9.9, resolving issues where config file changes were not being detected correctly in certain cases.
Implemented several code optimizations in the Owl module for enhanced security and performance.

Version 3.1.5

5th September 2024

Improved

Further optimizations for low-end, low-RAM VPS with 4GB RAM or less. If you are operating one of these systems, please ensure that you execute cpfence –disable-proactive to take full advantage of these improvements.

Version 3.1.4

3rd September 2024

Added

Automatic Fallback on Update Failure.
– Introduced a robust fallback mechanism that automatically restores the previous version of cPFence if the update process fails. This ensures that cPFence remains operational even in the event of an update error.
Email Notification on Successful Update
– Implemented an email notification feature that sends a confirmation email upon successful cPFence updates. This notification can be enabled or disabled via the SEND_CPF_UPDATE_NOTIFICATION setting in the configuration file.The default setting is on.

Version 3.1.3

2nd September 2024

Fixed

Fixed an issue where updates were failing on some systems running Ubuntu 22.04.If you’re running Ubuntu 22.04 and encounter any issues, please run the installation command again and choose to back up the current installation when prompted. If you need any help, please open a ticket.

Added

Ability to bulk import IPs from files or URLs for whitelisting or blacklisting.
– Now you can bulk whitelist or blacklist IPs across all your servers in one step.
For example, use ‘cpfence –bulk-whitelist-ip https://a.com/custom_whitelist.txt’.
You can also automate this process with a cron job to keep all your servers synced with your custom rules, Use something like:
0 * * * * /usr/local/bin/cpfence –bulk-blacklist-ip https://a.com/custom_blacklist.txt
This feature supports both full paths and valid URLs. Please check help pages for more info.
Ability to block or whitelist certain user agents and preserve them across cPFence updates
– Edit the following files to manage user agents: ‘/opt/cpfence/app/cpfwaf/userdata_bl_agents’ (for blacklisting)
and ‘/opt/cpfence/app/cpfwaf/userdata_wl_agents’ (for whitelisting).
To apply your changes, disable and re-enable WAF with:
cpfence –disable-ols-waf
cpfence –enable-ols-waf

Improved

cPFence is now able to detect and block more than 800 different bots. Combined with the IPDB module, this will significantly reduce server load and mitigate many attacks and risks.

Version 3.1.1

31st August 2024

Fixed

Fixed false positives in LiteSpeed WAF on WordPress sites.

Improved

Added [cPFence] tag to the subject line of all emails for easier filtering and organization.

Version 3.1.0

30th August 2024

Improved

Optimized the statistics displayed by “cpfence –show-stats” for accuracy.
Improved the accuracy of the Country IP blocking module.

Version 3.0.9

28th August 2024

Improved

Updated country IP blocks to enhance the accuracy of IP detection.
Optimized the licensing module for improved speed and performance.
cPFence now effectively blocks any fake bot that pretends to be Google.
Significant improvements in the Bot Fight module, with cPFence now able to detect and block over 600 different bots.
Upgraded cPFence WAF to version 12.02, with additional optimizations and fine-tuning.

Version 3.0.8

26th August 2024

Added

Release of cPFence Owl v2.9.8, all Owl features are now fully compatible with Apache and Nginx.

Version 3.0.7

25th August 2024

Added

cPFence now detects email malware and common spam-infected links in your users’ inboxes. Infected spam emails is automatically quarantined, ensuring a safer and more secure email experience for all users.

Improved

Improved the generic signatures to catch even more malware, with shared hosting environments in mind.
cPFence signatures are now much more powerful, with over 600 signatures of the most active malware on the internet in the last 24 hours added daily.
Any missed malware reported to our team will be added to our database within an hour and automatically syndicated to all cPFence-protected servers, including users of the Free version.
These new improvements proudly bring cPFence’s detection rate to over 90%.

Version 3.0.6

24th August 2024

Added

cPFence Antivirus Free forever version is now available!

Improved

Optimized WAF to reduce the occurrence of rare false positives.
Enhanced the licensing module for increased speed and security.
Significantly improved the reliability and accuracy of the Virus Scanner.

Version 3.0.5

15th August 2024

Added

New Feature: Added the ability to blacklist users with poorly coded scripts to prevent excessive load caused by slow SQL queries.
cPFence now detects Java and ELF malware, in addition to the previously supported PHP, Python, Perl , HTML and Bash.

Improved

The Update system will now preserve infected files in quarantine after upgrading to a new version.

Fixed

Resolved issue with incorrect value in email Notification (Owl Module).
Resolved issue where the Smart and Full scans wouldn’t start on certain systems.

Version 3.0.3

8th August 2024

Improved

Optimized speed and resource usage on high-traffic servers.
Improved DDoS protection algorithms for better detection of malicious traffic.
Optimized malware detection engine with updated signature database.

Fixed

Resolved issue with IPDB not syncing correctly under high server loads.

Version 2.9.0

15th May 2024

Added

Introduced cPFence Owl™ for 24/7 process monitoring with automated actions.
Added rootkit detection module for enhanced security against hidden threats.

Version 2.8.0

10th March 2024

Improved

Improved compatibility with different server environments, including custom setups.
Enhanced CLI commands for easier management of WAF rules and IPDB.

Fixed

Fixed bug causing incorrect reporting in the process monitoring module.

Version 2.5.0

20th February 2024

Improved

Improved compatibility with LiteSpeed and OpenLiteSpeed web servers.
Enhanced IP/Country management tools for better control of server access.

Fixed

Fixed an issue where the malware scanner was causing high CPU usage during peak hours.

Version 2.3.0

5th January 2024

Added

Introduced new CLI commands for advanced WAF management.
Added real-time logging for DDoS protection actions.

Improved

Enhanced GDPR compliance with additional privacy features.

Version 2.0.0

10th December 2023

Added

Introduced real-time malware detection with hourly signature updates.
Added DDoS protection module capable of blocking high-volume attacks.

Improved

Optimized the WAF rules for better performance and reduced false positives.

Version 1.8.0

5th October 2023

Improved

Updated the IPDB with an additional 100,000 abusive IPs for better threat management.
Improved load reduction techniques, especially during malware scans.

Version 1.7.0

20th September 2023

Added

Support for custom firewall rules based on user-defined criteria.
Ability to show statistics about protection modules.

Fixed

Resolved issue with WAF not triggering on specific rule sets.

Version 1.6.0

5th August 2023

Improved

Improved integration with external security monitoring tools.
Optimized performance for high-traffic websites with multiple layers of protection.

Fixed

Fixed a rare bug causing false positives in malware detection under specific conditions.