cPFence & Ubuntu Upgrade

wcors

@cPFence I have a question regarding the Enhance Control Panel that I am currently running on Ubuntu 22 LTS. I plan to upgrade it in the future, in about a year. Do you provide the necessary upgrade instructions for cPFence, specifically for upgrading from Ubuntu 22 to 24 LTS?

Does @cPFence cover the immediate ban on an IP address that is disturbing the environment with too many GET requests? Also, does it address WordPress security?

cPFence

wcors

For upgrading, you can follow this step-by-step guide: How to Upgrade from Ubuntu 22.04 to 24.04.

Yes, cPFence automatically blocks IPs that make more than 100 concurrent connections to the server, helping to maintain server stability.

As for WordPress security, we’ve introduced a new WordPress Security module packed with great features. You can learn more about it here: WordPress Security Made Easy with cPFence’s New Features.

wcors

Thanks! i have purchased that. where to see quarantine files? that are affected? and why OLS/LS WAF Module is by default turned off?

cPFence

wcors

Thanks for your order. The WAF module is disabled because you are likely not using OLS/LS web servers, and cPFence WAF currently only supports those.

To view a list of quarantined files, you can use the following command:

ls /opt/cpfence/quarantined/

Additionally, you can check the log of quarantined files here:

/var/log/cpfenceav/infections.history

gmakhs

cPFence Does file integrity check offers a DYI option so the client can do the changes himself or an admin has to manage ?

Would be nice if enhance give you the option to have a UI interface as a plugin in their theme

cPFence

gmakhs Does file integrity check offers a DYI option so the client can do the changes himself or an admin has to manage ?

No, it's only for the admin at the moment. The way I like to use it is by switching to hourly checks and keeping auto file quarantine off initially to review for false positives.

If you find a client with lots of customizations or stupid core WordPress changes, you can add their site to the whitelist:
/opt/cpfence/user-config/cpfowl/exclude_integrity_check_sites.txt
Then whitelist specific legitimate file names (if any):
/opt/cpfence/user-config/cpfowl/exclude_integrity_check_files.txt

Once that's done and there are no further notifications from cPFence, I enable auto file quarantine and keep hourly checks to ensure WordPress installations remain bulletproof.

grady

cPFence I tried this and set hourly for the past week with 0 notifications. Earlier today I manually added a comment line in /wp-content/index.php without notification. I am receiving notifications from cPFence, most recently last night.

cPFence

grady

I’ve replied to your ticket now. Please check it so we can get this sorted out for you. Thanks.