XtendWeb-4.6-13 and nginx-1.15.3-4 now available

  • September 14, 2018 by Anoop Alias


XtendWeb-4.6-13 and nginx-1.15.3-4 is now available in the yum repository

Upgrade instructions:






1. TLS Cipherlist setting reverted - nginx 1.15.3-2 was configured with strong cipher suites list  from https://cipherli.st/

But because this list was not compatible with some old mobile devices, which is still used in developing countries, the cipher settings have been reverted in this release. The setting from cipherli.st is still available in /etc/nginx/conf.d/http_settings.conf  in the commented form and a server administrator can still choose this over the old setting by uncommenting it 

2. The WHM UI now includes an abnormal process tracker that show any Perl based malware or binary malware running under cpanel users. http://i.imgur.com/75hRp8x.png . This script was included as part of XtendWeb because we have found that many commercial malware scanners lack the simple ability to determine such process and it often keeps running for ages consuming system resources and often sending spam.Note that the GUI just provide an administrator with the details of the malware and it is up to the admin to clean up any malware and kill the malware process 

3. Better and stable Mod_sec v3  -- Mod_Sec v3 (libmodsecurity ) that comes packaged with this release is more stable with a lot of upstream fixes. Although the beta warning still holds, it should work fine in most environments. OWASP CRS v3.1(dev) branch is bundled with this release 


* All installations and upgrade are free with license subscription. Please open a support ticket if you need assistance in installing  or upgrading XtendWeb or XtendWeb cluster

** If you have managed service with us - the upgrade is already complete or scheduled 

Thank you,