Improvements on RASP / WAF rule updates in long running PHP process'

Further iteration of WAF / RASP rule support

Bug fix when updated waf / rasp rules in long running PHP process'

Updates to allow the payload size from protect -> agent to be configurable (in support of waf / rasp rules)

Bug fixed for 5.* versions of php causing the extension not to load in some environments (introduced in prior build)

Improved IP tracking capabilities

Minor bug fixes around the evaluation of rasp / waf rules and generally improved performance

Further iteration on WAF and RASP rule execution (bug fix, really)

Improved error handling in our autodetect script to capture and carry on rather (when appropriate) rather than exist installation entirely.

Implementing new communication structure to support WAF and RASP rule updates and telemetry tracking.

Bug fixed when blocking malicious requests in alt php env's

Further implementation of WAF functionality / rule execution and audit

Bug fixed in the autodetect scripts for debian variants

Introducing support for copying .so files into place for Enhance Control Panel

Measuring communication time between our agent and zend extension

Improvements to the additional telemetry introduced on 5.0.155

Additional telemetry to enable evaluating additional preventative rules in the php engine

Cleaned up an edge case causing occasional invalid JSON messages from protect

PHP 8.3 Support

Additional telemetry and remediation capability for unlinked php process an in-memory php malware

Initial support for Ubuntu 23 (Lunar Lobster)

Additional telemetry for malicious file inclusions

Telemetry tracking sql usage, admin user creation and permission adjustment

Resolved a bug in autodetect installation in Debian / Ubuntu environments where apache isn't available

Resolved a bug in autodetect installation in RPM environments causing symlinks to .so files to be removed during the upgrade process

Implemented more reasonable limits on backtraces captured during file creation

Removal of support for 5.x versions of php in autodetect

Debian 12 / Bookworm Support

Bug fix resulting invalid JSON being sent to the agent

Additional PHP install locations for litespeed in monarx-protect-autodetect package

Extension wide optimization and improved test coverage.

Enabling monarxprotect extension in CloudLinux php selector for version 8.2

Started signing our RPM packages with GPG keys (it's about time)

PHP 8.2 Support

Optimization reducing the amount of trips to the file system in environments where it's not warranted

Introduced monitoring of continuous execution within our watched php functions.

Long running php process analysis enabling remediation of some strains of persistent malware

Resolved a bug causing protect to forward on invalid json onto our agent - which it didn't like.

Bug resolved resulting stack overflow caused by function recursion

PHP 8.1 support for Ubuntu 20 environments

Cache optimizations

Improved handling or the required and include call monitoring

PHP 8.1 support for cloudlinux php version selector

PHP 8.1 support (new monarxprotect-php81.so available)

Additions to the monarx-protect-autodetect package to create symlinks / ini files in common php locations

Removing additional UDP request to the agent when a clean file is activated.

Remove ancillary calls to the agent when evaluating what action should be taken on a file.

Reduced protect connection timeout when communicating with the agent

Additions to support php 7.4 discovery in litespeed environments with autodetect package

Resolved bug with deb autodetect script failing to restart apache

Resolved issue with missing sparse JSON being sent to the agent

Improvements to autodetect discovery scripts for RPM variants

Excluded deposits that weren't actually deposits, causing useless load / noise

Support for file-attribute-disabled files systems

Agent 4.* compatibility updates

Increase timeout to 10ms for file attribute lookups

Prep for coming agent revisions

Pruning out any possibility of writing out .mx files, regardless of configuration\

Pruning out tracking of obsolete functions

Reverting local variable and stack use optimization introduced in prior deploy

Local variable and stack use optimization

Updated to how we use zend memory manager

Resolved bug with caching of file classification causing intermittent blocking of file execution

Resolved bug with blocking of included files that would result in the entire execution to be blocked

Introduced spam research capability for 5.* versions of PHP

Introduced spam filtering rules for 5.* and 7.* versions of PHP

Resolved bug causing deposits to be intermittently dropped due to a data integrity issue

Resolved bug causing file uploads to fail intermittently due to too many file handles open

Support to for additional function tracking coming from the protect module, including metrics around php mailer.