Knowledge Base

cPGuard ChangeLog

Version 2.9 [ 21 Jun-2019]
[+] Remote MySQL support
[*] Fixed issues with symbolic link handling while manual scanning
[*] Additional logic in scanner engine to handle shell scripts in user space
[*] Fixed bug with DoS IP block in CSF

Version 2.8 [ 06 Jun-2019]
[+] Hook script added after file detection
[*] Symbolic link additional whitelisting
[*] Fixed whitelist file path bug 
[*] CageFS skeleton update after captcha locale change
[*] Updated scanner binaries

Version 2.7 [ 25 May-2019]
[+] Google reCaptcha support for brute-force protection
[+] Google reCaptcha support for RBL protection
[+] Multiple language support for Captcha Page
[+] License check from the command line
[*] Improved symbolic link notification and processing
[*] WAF license verification before activation
[*] Modified texts in UI

Version 2.6 [ 06 Apr-2019]
[*] Enabled log suppressing for RBL WAF Protection for POST DDoS
[*] Setup RBL WAF Protection for POST DDoS as optional
[*] Rootkit false positive alarm for PostgreSQL fix 

Version 2.5 [ 03 Apr-2019]
[+] Added ModSec RBL to protect from POST DDoS attacks
[+] Automatic Rootkit Scanning and email alerts
[*] Bug fixes to avoid cPanel PHP memory error
[*] Fixed bug in domain whitelist in automatic account suspension
[*] Fixed watchlist duplicates
[+] Signature updates 

Version 2.45 [ 25 Feb-2019]
[*] Core Binary updates to fix reported bugs and false positives
[*] Signature updates 
[*] brute-force script updates
[*] Modified access log analyzer and daily update file check logic
[+] Added logic to detect sloworis type brute-force attacks

Version 2.4 [ 15 Jan-2019]
[+] Added script to report false positives and virus files to us
[*] Fixed outstanding PHP errors
[*] Fixed bug in removing multiple quarantined files
[*] Fixed bug in update cases 

Version 2.3 [ 8 Jan-2019]
[*] Updates to handle LibClamAV changes in RHEL 6 distro
[*] Patches and updates in brute-force detection scripts

Version 2.2 [ 01 Jan-2019]
[*] Binary updates to work with LibClamAV library updates
[*] Improved WAF license checks
[*] Filter added to avoid foreign characters in scanner log
[*] Updated WAF log to fix to log table update issue
[+] Added the requested URI in brute-force logs
[+] Access logs processing to scan real-time exploited files
[+] Manual scan updates to avoid receiving system directories as input

Version 2.1 [ 18 Dec-2018]
[*] Updated brute-force logic to handle reverse proxy not passing client IP address
[*] cPGuard updates to stop adding unnecessary files to watch 

Version 2.0 [ 08 Dec-2018]
[*] New license check logic to avoid license error on some systems
[*] Anonymous cPGuard core error reporting
[*] Fix for various PHP warnings in WHM package
[*] Updated scanner rules

Version 1.99 [ 02 Dec-2018]
[+] Added new scanner layer to decode and scan encoded files. We are one of the first providers offering this scan logic.
[*] Updated logic for account suspension for virus files
[*] Core binary updates to address various bugs
[*] Updated scanner engine rules
[*] Reduced debug logs
[*] Scanner engine optimizations
[*] IP Reputation check for the additional IPs bug fix

Version 1.93-1.97 [ 1 Nov-2018 to 12 Nov-2018]
[*] Various updates to fix the cPanel internal PHP update
[*] Fix for the repeated email alert for same file detection
[*] Quarantine files list enhancements
[*] Updated scanner engine rules
[*] Bug fix for MySQL 5.7 table updates
[*] Disabled auto-clean if the action is set to email-only
[*] WAF rules updates

Version 1.92 [ 25 Oct-2018]
[+] Automatic account suspend option 
[+] Binary file action is now available 
[*] Fixed bug in WAF rule whitelist
[*] Updated scanner engine rules
[*] Package modification to work with cPanel internal PHP updates  

Version 1.91 [ 26 Sep-2018]
[+] Additional file scanner layer in WAF
[*] Fixed bug in RBL exclusion 
[*] Modified WAF rules
[*] Modified core binaries to fix license issues
[*] Fixed bug with the signature update with IPv6 

Version 1.89 [ 16 Sep-2018]
[+] Option to specify the time to block IPs in CSF for brute-force attacks
[+] Option to add additional RBLs by users
[+] Revamped RBLs list
[+] New Signature update system
[+] Pro-active cleanup of files reg wp-crypt attack and duplicator plugin vulnerability 
[*] Fixed issues with JSON files in cPanel plugin  [ Reported by Rack911 Labs ]
[*] Fixed installer to eliminate temporary files in /tmp [ Reported by Rack911 Labs ]
[*] Fixed symbolic link follow from user space to system files [ Reported by Rack911 Labs ]
[*] Improved ModSec rules for additional checks
[*] Enhanced scanner engine with additional checks
[*] Fixed repeated submission of same files for clean-up

Version 1.87 [ 23 Aug-2018]
[+] Improved WAF logs with additional information for each hit
[+] Direct file whitelist option from scanner log file details window 
[+] Signature updates
[*] Fixed bug in the core to stop checking PHP selector symlinks. Additional symlink false positive bug fixes.
[*] Improved ModSec rule for brute-force check

Version 1.86 [ 14 Aug-2018]
[+] More bad IP collections from servers. 
[+] Improved file viewer/editor with a back button 
[+] Improved email templates with license warning 
[+] Signature updates
[*] Amendments in UI texts and fixed issues with license checking

Version 1.85 [ 02 Jul-2018]
[+] Real-time brute-force attack block using CSF. 
[+] Optional extended WAF rules for extra protection 
[+] ModSec rule whitelisting from GUI
[+] Updated signatures list
[+] Additional notification option to enable/disable suspicious files notification.

Version 1.84 [ 15 Jun-2018]
[*] Fixed mobile view issues in WHM interface
[*] Corrected website link in the interface
[+] Added daily scan for the updated files with less CPU affinity
[+]Signature updates

Version 1.83 [ 22 May-2018]
[*] Bug fix in cPanel plugin to list the scanner jobs
[+] Updated logic for domain reputation with a rotated job list 
[+] ELF binary detection in the auto-scanner
[+] Updated signatures list

Version 1.82 [ 08 May-2018]
[*]Bug fix in cPanel plugin  report for RoundCube database backup symbolic link 
[*]Bug fix in manual scan report for RoundCube database backup symbolic link 
[+] Updated signatures list

Version 1.81 [ 19 Apr-2018]
[+] Specific File whitelist [ using complete path ] along with file name whitelist
[+] Turning File Cleanup into Stable 
[+] ModSec rule whitelisting tool
[+] Updatedsignatures list
[*]Bug fix in cPanel plugin  to report views with custom home directory 

Version 1.80 [ 09 Apr-2018]
[*] Stopped scanning some SQL dump file [ format] 
[*] Updated YARA rule to avoid some reported false positives
[*] Altered logic for dynamic watch addition for new accounts
[+] Updatedsignatures list

Version 1.79 [ 02 Apr-2018]
[*] Fixed the signature update bug on some systems
[*] Fixed bug cPanel plugin files listing pagination
[+] Added signatures list
[+] Billing panel URL updates

Version 1.78 [ 12 Mar-2018]
[*] Fixed the rogue directory structure handling exception in core
[*] Fixed bug in RBL status listing
[*] Improved core daemon to manage more directory loops
[+] Added dynamic reloading of watch list to reduce IO/CPU usage and restart count
[+] Added cPGuard sRBL
[+]Signature updates

Version 1.77 [ 02 Mar-2018]
[*] Fixed bug in tun ON/OFF of auto-clean button
[+] Improved auto-clean logic
[+] cPanel icon branding options
[+] Updated signature set

Version 1.76 [ 18 Feb-2018]
[*] Bug fix in removing quarantine files during file rotation
[*] Optimized pattern matching for FilesMan
[*] Bug fix in signature updates
[+] Updated signature set

Version 1.75 [ 07 Feb-2018]
[*] Bug fix in scanner in file ownership during quarantine
[*] Bug fix in clean-up in file ownership during restore
[*] Bug fix in watch list creation during enable/disable scanner
[*] Bug fix in scanner log status

Version 1.74 [ 02 Feb-2018]
[*] Bug fix in brute-force DB auto correction 
[*] Refined virus upload logic
[+] Virus files auto-cleanup beta version
[+] Improved virus signatures

Version 1.73 [ 25 Jan-2018]
[*] Bug fix in the main daemon for big file systems
[*] Bug fix in scanner to process file name with space
[*] Bug fix in manual scanner for big file systems
[+] Tuned brute-force rules to reduce total load
[+] Virus files collection to improve scanner

Version 1.72 [ 18 Jan-2018]
[+] Domain reputation check
[+] Multiple file restore option
[+] Back button for cPanel
[+] Updated virus signature
[*] Fixed crashed brute-force database
[*] Periodic quarantine files clearing

Version 1.71 [ 29 Dec-2017] 
[+] File scanning method has been updated as batch processing 
[+] Domain distributed brute force attack alerting system
[+] IP brute force DoS blocking 
[+] Updated brute force analysis logic
[+] Updated virus signature
[*] CSF will not be able to select in configuration if CSF is disabled or not installed
[*] Fixed bug in manual scan duration
[*] CentOS 6 bug is fixed with HTTP firewall
[*] Main daemon frequent exit bug is fixed

Version 1.69 [ 12 Dec-2017] 
[*] Fixed bug in WAF configuration during changing license key
[*] Fixed bug in high CPU during processing large files
[*] Fixed null device in scanner location list
[+] Introduced size limit for files to scan
[+] Updated virus database
[+] Enabled log rotation with multiple retention options
[+] Stopped extended logging of ModSec deny rules
[+] Added redirect to Deny Page for denied IPs 

Version 1.67 [ 05 Dec-2017] 
[*] Fixed bug in RBL alert email
[*] Improved cPGuard core 
[+] Added CSF Configuration Editor. Will continue to add more features in future versions
[+] In CSF Configuration editor, option to scan scripts which send emails more than defined count.
[+] Daily scan for updated files 
[+] Auto restart for cPGuard daemon in case of inactivity 
[+] Added signatures

Version 1.66 [ 24 Nov-2017] 
[*] Fixed bug in WAF Management 
[*] Fixed bug in installer SQL

Version 1.65 [ 22 Nov-2017] 
[+] RBL check can be enabled for additional IP addresses. UI has the option to add additional IP address to the check pool
[+] Manual scan option from command line
[+] Much improved cPGuard Core with memory optimization
[+] Updated Signatures
[+] cPanel users can scan the complete home directory
[*] Fixed manual scan view report issues
[*] WAF enhanced configurations
[*] Fixed issues with the brute-force scripts
[*] cPanel plugin scan license error fix

Version 1.64 [ 11-Nov-2017] 
[+] Introduced WAF which can manage from the UI
[+] Quarantine file listing with delete and restore option
[+] New software update system, which can use to update on demand
[+] Domain whitelist for brute-force attacks
[+] Logs are now stored in MySQL for organized storage and analysis
[+] Manual scan report can view even if it is interrupted
[*] CSF block intermittent issues
[*] Broken JSON files is fixed
[*] Manual Scan report view AJAX reload is fixed
[*] Missing email alerts issues are fixed
[*] Broken stats issue is fixed

Version 1.63 [ 19-Oct-2017] 
[*] Fixed bug with blocking IP addresses using CSF firewall   
[*] Fixed bug in quarantine files and add additional checks to evaluate the action
[*] Fixed multiple logging of manual scan
[*] Updated cPGuard algorithm to detect and watch new directories 
[+] Added more virus signatures
[+] cPanel plugin which can use cPanel users to scan their directories 

Version 1.62 [ 11-Oct-2017]
[*] Fixed the listing of IP addresses in RBL summary list even after removed from the list or removed from the server  
[*] Fixed RBL link on dashboard
[*] Fixed brute-force log data format issues

Version 1.61 [ 02-Oct-2017]
[+] Updated Signatures
[*] Fixed cross-link file quarantine issue for automatic scanning and manual scanning 
[*] Fixed bug in brute-force protection and eliminate listing server IP address

Version 1.60 [ 20-Sep-2017]
[+] Manual scan stop option
[+] Interrupted manual scan status will be updated accordingly in UI
[+] Display actual file path in manual scan report
[+] Enhanced RBL alert email template
[*] Fixed bogus IP address in RBL checking
[*] Implemented autocorrection for brute-force database error
[*] Removed repeated logging of same infected files
[-] Removed DDoS guard module from future plans. We will consider a more generic solution

Version 1.58 [ 18-Sep-2017]
[+] Updated Signatures
[*] Fixed settings data overwriting issues while updates 
[*] Fixed false symbolic link alarm for www and access-logs during manual scanning

Development and Trial Versions [ 12-Feb-2017 to 18-Sep-2017 ] 

[*] Bug fixes or enhancements 
[-] Feature removed
[+] Feature added

 

 

 

 

Please rate this article to help us improve our Knowledge Base.

3 0