CSF Firewall Behaviour chaged after recent update

I notice that all of a sudden after the update too 11.52.0 that many notifications are no longer working with CSF firewall. It's happening on each server after they updated. Anyone else seeing this? Any suggestions as to why? No answers on the configserver forum.

 

Root access and relay alerts for sure. There may be others. I am receiving block, excessive and suspicious process notices.

 

Nope that did not work. Tried changing the syslog settings and did a restart and that changed nothing as well. Checked my receiving email account to verify that the sending servers' email addresses were in the allowed groups. OK. Checked the junk mail files. Nothing there. I am at a bit of a loss now.

 

Here's something interesting. Not sure it's related. It's the cPanel error log.

Code:

cpanel::cpsrvd::servcontent("./robots.txt", "text/plain", 1, 0, 1, 1, 0) called at cpsrvd.pl line 4428
cpanel::cpsrvd::handle_unprotected_docs() called at cpsrvd.pl line 1033
cpanel::cpsrvd::handle_one_connection() called at cpsrvd.pl line 884
cpanel::cpsrvd::script() called at cpsrvd.pl line 379
[2015-11-17 09:50:08 -0500] warn [cpsrvd] Duplicate logaccess:  at /usr/local/cpanel/Cpanel/Server/Logger.pm line 84, line 2. Cpanel::Server::Logger::logaccess(Cpanel::Server::Logger=HASH(0x37371c8)) called at /usr/local/cpanel/Cpanel/Server.pm line 379 Cpanel::Server::logaccess(Cpanel::Server=HASH(0x38e75c8)) called at cpsrvd.pl line 3106 cpanel::cpsrvd::logaccess() called at cpsrvd.pl line 2761 cpanel::cpsrvd::servcontent("./robots.txt", "text/plain", 1, 0, 1, 1, 0) called at cpsrvd.pl line 4428 cpanel::cpsrvd::handle_unprotected_docs() called at cpsrvd.pl line 1033 cpanel::cpsrvd::handle_one_connection() called at cpsrvd.pl line 884 cpanel::cpsrvd::script() called at cpsrvd.pl line 379 at /usr/local/cpanel/Cpanel/Server/Logger.pm line 84, line 2. Cpanel::Server::Logger::logaccess(Cpanel::Server::Logger=HASH(0x37371c8)) called at /usr/local/cpanel/Cpanel/Server.pm line 379 Cpanel::Server::logaccess(Cpanel::Server=HASH(0x38e75c8)) called at cpsrvd.pl line 3106 cpanel::cpsrvd::logaccess() called at cpsrvd.pl line 2761 cpanel::cpsrvd::servcontent("./robots.txt", "text/plain", 1, 0, 1, 1, 0) called at cpsrvd.pl line 4428 cpanel::cpsrvd::handle_unprotected_docs() called at cpsrvd.pl line 1033 cpanel::cpsrvd::handle_one_connection() called at cpsrvd.pl line 884 cpanel::cpsrvd::script() called at cpsrvd.pl line 379

 

Just an update. I am receiving relay alerts. Not secure logins though.

 

Hey. Weird. I did that and got the notice. I guess it works after all.

 

Thanks for your help. Not sure why it won't notify me of my sign-ins but as long as I know about sign-ins from other IP addresses, that's what counts.