{"id":67337,"date":"2024-10-29T14:17:06","date_gmt":"2024-10-29T14:17:06","guid":{"rendered":"https:\/\/devel.www.cpanel.net\/?p=67337"},"modified":"2024-10-29T14:18:51","modified_gmt":"2024-10-29T14:18:51","slug":"from-detection-to-action-handling-fraudulent-cpanel-whm-licenses","status":"publish","type":"post","link":"https:\/\/devel.www.cpanel.net\/blog\/security\/from-detection-to-action-handling-fraudulent-cpanel-whm-licenses\/","title":{"rendered":"From Detection to Action: Handling Fraudulent cPanel & WHM Licenses"},"content":{"rendered":"\n

Don’t let fake cPanel licenses ruin your business. Fraudsters are on the rise, targeting both Partners and end-users. In this blog, we’ll expose their tactics, provide tools to protect yourself, and guide you toward legitimate licensing solutions. It’s time to take a stand against fraud and ensure the security and integrity of your cPanel environment.\u00a0<\/p>\n\n\n\n

Warning Signs<\/h2>\n\n\n\n

Do you ever encounter pricing for a high cPanel license tier that seems almost too good to be true? Do you attempt to contact your license provider for cPanel troubleshooting only to get the run-around? Does your license provider or host need to frequently \u201creplace\u201d the installed cPanel license on your server? These are some indicators of red flags with fraudulent retailers.  <\/p>\n\n\n\n

Fraudsters will also claim that they are using a \u201cGPL\u201d version of a cPanel license to back up their false claim of legitimacy. GPL stands for General Public License, a license type that allows users to copy, modify, and otherwise share applicable software for distribution as they see fit. To be clear, there are no GPL versions of cPanel & WHM. <\/p>\n\n\n\n

The Risks<\/h2>\n\n\n\n

Due to how cPanel\u2019s licensing system functions, fraudsters need to go to great lengths to \u201ccrack\u201d the mechanisms we have in place by configuring license circumvention scripts and software. This software is installed at the root level and almost always contains additional backdoors. Independent security investigations have found known compromises related to these licenses. <\/p>\n\n\n\n

Because these licenses also try to evade our licensing servers, they often will not receive important updates containing vital security patches. This can leave your server and website vulnerable to third-party exploits. <\/p>\n\n\n\n

In the event a user of a circumvented license reaches out to cPanel support for assistance, unfortunately, we must consider the associated server as root compromised, and we will not be able to provide support. The only actions that can be considered to address a root compromised server reasonably are to perform a fresh Operating System and WHM\/cPanel installation and restore account backups, or to migrate the accounts to a known clean server that has not been previously root compromised. <\/p>\n\n\n\n

Is My License Legitimate? <\/h2>\n\n\n\n

You want to believe you can trust a vendor, but if some of the red flags we outlined above sound all too familiar then you need to verify claims that the license you purchased from them is legitimate. Fortunately, verify.cpanel.net<\/a> is free and easy to use at any time.<\/p>\n\n\n\n

How to verify a license<\/h3>\n\n\n\n
    \n
  1. Navigate to verify.cpanel.net<\/li>\n\n\n\n
  2. Input your server\u2019s IP address and click \u201cVerify License\u201d. If you do not know your server\u2019s IP address, access your server via terminal and run the following command: curl -L https:\/\/cpanel.net\/myip<\/a> <\/li>\n\n\n\n
  3. A legitimate cPanel license will appear like this: <\/li>\n<\/ol>\n\n\n\n