cPanel Protects Against PHP Vulnerability

cPanel & WHM servers using the default cPanel PHP CGI configuration are not vulnerable to the command line switch vulnerability.

A recently disclosed flaw in PHP’s CGI implementation allows malicious users to remotely view and execute source code. The exploit was documented by the Eindbazen team and documented as CVE-2012-1823.

cPanel & WHM servers are not affected by this, thanks in part to a wrapper script used by cPanel & WHM when Apache is configured to use CGI for the PHP handler. This wrapper script does not pass through any command line options.

Server administrators are encouraged to verify their PHP configuration.

When configured to use CGI or FCGI, cPanel & WHM instructs Apache to use the following wrapper script /usr/local/cpanel/cgi-sys/php5 or /usr/local/cpanel/cgi-sys/php4 (The number after “php” is based upon the current major version of PHP.) The unmodified version of the wrapper script looks like the following:

The $binary placeholder will contain /usr/bin/php or /usr/php4/bin/php By default, no command line parameters are included.

# If you customize the contents of this wrapper script, place
# a copy at /var/cpanel/conf/apache/wrappers/php$php_version
# so that it will be reinstalled when Apache is updated or the
# PHP handler configuration is changed
exec $binary

Read CVE-2012-1823

Posted in News

cPanel releases EasyApache 3.12

EasyApache 3.12 improves CloudLinux’s modhostinglimits, modmono compatibility on CentOS 4, and mod_ruid2 to suPHP support

We are excited to announce the release of EasyApache 3.12. The latest version provides numerous updates.

  • CloudLinux’s mod_hostinglimits has been updated to 0.9-5. This will impact all of those who use CloudLinux.
  • The issues caused by the glib2 update when building mod_mono on CentOS4 have been resolved.
  • Switching between mod_ruid2+DSO to suPHP will no longer cause permission errors that can cause PHP sites to no longer function.
  • PHP will now use the system time zone database rather than the one built into PHP, which will ensure PHP applications receive timely updates to time zone changes

We strongly recommend that all server administrators rebuild their EasyApache profile immediately.

To rebuild the EasyApache profile:

  1. Log in to WHM as the root user.
  2. Click on the EasyApache (Apache Update) link in the left menu.
  3. If you wish to keep the same configuration, simply click Build Profile.
Posted in Release Announcements

cPanel Releases cPanel & WHM 11.32 to the RELEASE tier

Houston, TX — cPanel & WHM version 11.32, which released today to the RELEASE tier, offers numerous updates, including enhancements to mail functionality and login screens. It also officially supports DKIM and includes the Logaholic web analytics application. This latest release features 202 bug fixes and case implementations since going to the EDGE tier on February 15, 2012.

Learn more about 11.32 updates and enhancements:

Posted in Release Announcements

cPanel releases EasyApache 3.11.2

EasyApache 3.11.2 includes improvements to FastCGI, along with numerous interface adjustments

The release of EasyApache 3.11.2 removes a previous patch that hindered FastCGI performance. This update also corrects a previous patch that resulted in problems with FcgidMaxRequestLen. Both, FastCGI and FcgidMaxRequestLen, now operate at expected performance levels.

The interface has also been updated to make the navigation and setup of EasyApache easier. These changes include:

  • Marking PHP 4 as End of Life.
  • Marking Frontpage as deprecated.
  • Providing a link to documentation when enabling mod_ruid2.

Frontpage has also been added as incompatible with mod_ruid2.

We strongly recommend that all server administrators rebuild their EasyApache profile immediately.

 To rebuild the EasyApache profile:

  1. Log in to WHM as the root user.
  2. Click on the EasyApache (Apache Update) link in the left menu.
  3. If you wish to keep the same configuration, simply click the Build Profile
Posted in Release Announcements

cPanel releases updates for cPanel & WHM 11.30

cPanel & WHM provides major fixes for CentOS 4 as well as other minor fixes

The recent end of life to CentOS 4 by CentOS, provided issues when updating or installing packages from YUM. cPanel located the correct files at and pointed the YUM repository to them. Updates were also made to the YUM process of attempting to autorepair the package manager.

Changes have been made to the Modify an Account process. Issues that may occur when changing CGI settings and CGI access have been addressed.

The final issue addressed in resolves a problem when enabling or disabling AWStats through WHM. 

We strongly recommend that all server admins update their cPanel & WHM servers immediately.

To update cPanel & WHM manually:

  1. Log into WHM as the root user. 
  2. Click on the WHM 11.30.X (build X) link on the top right corner of the screen.
  3. Click the button labeled Click to Upgrade.
Posted in Release Announcements

PHP 4 End of Life announcement

cPanel to End Support for PHP 4. cPanel announces that EasyApache will no longer support PHP 4 beginning May, 2012.

PHP 4 has not been actively developed, or supported by the PHP developers, for several years. Many CVEs reported against newer versions of PHP are also applicable in version 4, but remain unaddressed by the PHP developers.

EasyApache will soon warn administrators that PHP 4 has reached End of Life when PHP 4 is selected. As early as EasyApache 3.12, PHP 4 will be removed from EasyApache. For an indeterminate period PHP 4 will be available as a Custom Option Module on This Custom Option Module is provided as a convenience for those who may need a longer period of time to transition away from PHP 4.

Posted in Press Releases

Pre-Launch for Attracta SEO Tools Integration

At cPanel Conference 2011, cPanel announced the upcoming launch of Attracta SEO tool features within cPanel & WHM.  cPanel and Attracta have launched a special site ( ) dedicated to partners wishing to gain full access to the upcoming features.

Attracta SEO tools are scheduled for release to the cPanel & WHM EDGE tier at the beginning of April with availability in the CURRENT tier later in the month. Continue reading

Posted in Press Releases | Tagged: ,

Web Hosting at South By Southwest

On Monday, March 12, 2012, cPanel will travel to Austin, Texas and join a number of Partners, industry friends, and hosting guru’s at this year’s South by Southwest 2012 (SxSW) conference.

cPanel & WHM powers some of the largest and most successful web hosting companies in the world and provides web site owners with complete control over their hosting environment.

cPanel will also unveil its new “Launch in 60 Seconds Challenge” at SxSW!  This interactive game will challenge attendees to build a website as quickly as possible for a chance to win awesome grand prizes.  Do you think you have what it takes to beat our best score of 60 seconds?  If so, stop by booth number 204 and show your skills!

Here is how the challenge works:
You will become a website user who has just had account created by a server administrator.  Your mission is to get a website launched as quickly as you can!  We will record the top times in three-hour blocks.  The fastest time in each three-hour block will win a Kindle Fire tablet!

The hosting community has increased its presence at SxSW over the past few years.  Below is a list of some our closest friends and Partners who will exhibit next week:


* Current cPanel Partner NOC’s

Stop by booth number 204 and we will show you how cPanel & WHM can improve your web hosting experience.  If you love hosting or have questions, come by and talk to one of our cPanel experts during the conference.

We’ll see you in Austin!

Posted in Events | Tagged: , ,

CentOS 4 and RHEL 4 6-Month End of Life Notice

For continued compatibility with the latest versions of cPanel & WHM, please update your server to CentOS 6 or RHEL 6.

CentOS and Red Hat discontinued support for version 4 of their respective operating systems on February 29, 2012.

cPanel & WHM version 11.32 will be the last to support version 4 of these operating systems. In accordance with our end of life policy, cPanel & WHM will continue to function on these systems after the operating system end of life date.

If you currently run version 4 of CentOS or RHEL, we recommend upgrading your server to version 6 of your operating system.

To determine your installed operating system version, use the following command:
cat /etc/redhat-release

For more information, please visit:

Posted in Press Releases

cPanel Acquires Small Web Hosting Company to Increase User Testing

cPanel, Inc., announced that its subsidiary, Hostbed, L.L.C., has acquired, a small website hosting solutions provider.  The purchase gives cPanel a direct platform for real-world testing of its products. will continue to operate under its current name.

cPanel Vice President Aaron Philips said that with the acquisition, cPanel will be able to gain a deeper understanding of how website owners use cPanel’s software. “This will be accomplished by having direct access to live server data, help desk tickets, and hosting company feedback” Continue reading

Posted in Press Releases
Page 18 of 33« First...10...1617181920...30...Last »