ConfigServer Community Forum

Thinking about it, I don't think the dir: ignore will work for a single file. I'll look into it further today...

You should edit /etc/cxs/cxsftp.sh and add the --ignore /path/to/your/ignorefile to the cxs command. If this still doesn't work, then try the lines without trailing /'s in the ignore file. Let me know the outcome. I'll see if I can tighten the file magic that identifies scripts to avoid the false-po...

What is the exact line you have in your ignore file for this? Is cxsftp.sh using that ignore file as it is not mentioned on the command line in the email? For the jpg, are you sure it's a jpg. There are exploits that are in fact scripts that upload as image files, though it is possible for a false-p...

Many thanks to all of your posts to this thread. We've a few things to tidy up, then hopefully we'll have a release candidate available shortly.

We've taken on board your ideas and suggestions. Though some may not be included in the first release of the product, they may well appear over time.

Changes: Regex checking expanded for determining the FTP IP address to make it much more reliable Documentation updated to reflect the more reliable nature of the IP address Ensure cxs UI sets permissions on cxs.defaults and cxs.ignore to 644 Added perl module check for IPC::Open3 Tidied up cxs POD ...

Changes: Improved PHP script detection Added --block option to block FTP IP addresses using csf (CGI IP addresses can be blocked using lfd and LF_MODSEC or LF_SUHOSIN as appropriate) Fixed UI rendering problems viewing Quarantine files Fixed UI rendering problems viewing/editing Other Files Fixed pr...

ForumAdmin wrote:I'll keep it under consideration, but am not holding out a great deal of hope for a secure solution to that one

Burnt some plastic cogs in my brain and have come up with a secure way to do it using lfd

Many thanks indeed for all your comments, it's very helpful. I have been looking into a tie in with csf. It's simple to do with FTP as the scanner runs as root. With upload scanning there is a significant security issue as the scanner runs either under the user account or the nobody account. Providi...

A reminder, please, to all testers who haven't expressed an opinion to respond to: http://forum.configserver.com/showthread.php?t=2873 Changes: Fixed problem with --virusscan not showing the full path to the infected file in the Scan Report Removed option --[no]scripts and replaced it with --options...

So, the web page is being developed for cxs now. We're looking for peoples general opinions about the product. Do you like it? Do you think it's useful? Are there features missing? How is the documentation? Do you think it is ready for release? What do you think about the competency required to use ...