cPanel is an online Linux-based web hosting control panel that provides a graphical interface (GUI) and automation tools designed to simplify the process of hosting a web site to the website owner or the “end user”. cPanel utilizes a three-tier structure that provides capabilities for administrators, resellers, and end-user website owners to control the various aspects of website and server administration through a standard web browser. While cPanel is limited to managing a single website, the server administration panel of which cPanel is a part is known as WHM, short for WebHost Manager.
In addition to the GUI, cPanel also has command line and API-based access that allows third-party software vendors, web hosting organizations, and developers to automate standard system administration processes
WHM is designed to function either as a dedicated server or virtual private server. The latest WHM version supports installation on CentOS, Red Hat Enterprise Linux(RHEL), and CloudLinux OS.] cPanel 11.30 is the last major version to support FreeBSD
Application-based support includes Apache, PHP, MySQL, PostgreSQL, Perl, and BIND (DNS). Email-based support includes POP3, IMAP, and SMTP services. cPanel is accessed via HTTPS on port 2083, while WHM is accessed via HTTPS on port 2087.
Once installed, WHM cannot be easily removed. WHM’s FAQ states that the best way to uninstall WHM is by reformatting the server. However, uninstall guides are available online for expert server administrators who do not wish to reformat their server. Similarly, it should only be installed on a freshly installed operating system with minimal prior configuration.
Change Log for 78.0.21Entry: 2019-04-09, 01:30 (UTC)
- Fixed case CPANEL-25310: Fix uninitialized variable warning in Backblaze transport.
- Fixed case CPANEL-26688: Fix bug in backup transporter testing script caused by bad require.
Change Log for 78.0.20Entry: 2019-04-02, 17:30 (UTC)
- Fixed case CPANEL-23165: Ensure cphulkd service checks verify the socket files exist.
- Fixed case CPANEL-23889: Ensure the PHP-FPM packages are installed prior to switching PHP versions.
- Fixed case CPANEL-24289: Display modsec_vendor SSL error during upcp process.
- Fixed case CPANEL-25278: Make account removal tolerate invalid web vhosts config.
- Fixed case CPANEL-25310: Fix bug where the file upload part counter was being improperly incremented when a part failed to upload in a manner we could re-try.
- Fixed case CPANEL-25611: Fix checkallsslcerts for servers with an IPv6 address.
- Fixed case CPANEL-26195: Ensure MariaDB 10.3 is supported on new cPanel installs.
- Fixed case CPANEL-26228: Reuse DNS query ID for parallel queries in DNS resolver.
- Fixed case CPANEL-26238: Disable persistent UDP in DnsRoots::Resolver.
- Fixed case CPANEL-26312: Ensure install is successful when /etc/install_legacy_ea3_instead_of_ea4 exists.
- [security] Fixed case CPANEL-26539: Update dovecot to 2.3.5-3. Fixes CVE-2019-7524.
Change Log for 78.0.18Entry: 2019-03-20, 01:30 (UTC)
- [security] Fixed case SEC-477: Unsafe file operations as root in SSL certificate storage.
- [security] Fixed case SEC-479: Local root via userdata cache misparsing.
- [security] Fixed case SEC-480: Code execution via addforward API1 call.
- [security] Fixed case SEC-481: Unsafe terminal capabilities determination using infocmp.
- [security] Fixed case SEC-483: Open mail relay due to faulty domain redirect routing.
- [security] Fixed case SEC-484: Limited file read as root via EXIM virtual_user_spam router.
- [security] Fixed case SEC-487: Demo account code execution via securitypolicy.cgi
- [security] Fixed case SEC-493: Remote Stored XSS Vulnerability in BoxTrapper Queue Listing
Change Log for 78.0.17Entry: 2019-03-11, 17:30 (UTC)
- Fixed case CPANEL-25247: Fix erroneous use of continue instead of next in backblaze transport.
- Fixed case CPANEL-25795: Update exim to version 4.91-5.cp1178
- Fixed case CPANEL-25926: Update cpanel-perl-528-Net-Amazon-Signature-V4 to 0.19-2.
Change Log for 78.0.16Entry: 2019-03-07, 06:30 (UTC)
- Fixed case CPANEL-25577: Don’t generate errors attempt to convert non-existent ssl-parameters.dat on new installs.
- Fixed case CPANEL-25846: Email Deliverability +include customization now validates as zone-name.
- Fixed case CPANEL-25909: Cache root nameserver lookups in DNS resolver.
- Fixed case CPANEL-25929: Ensure pkgacct can dump MySQL data as the user.
- Fixed case CPANEL-25954: Honor email notification setting for UAPI Backup::fullbackup_to_homedir.
- Fixed case CPANEL-25955: Add support for some OpenStack QEMU systems.
- Fixed case CPANEL-25960: Prevent spurious update error notification when yum writes to STDERR.
Change Log for 78.0.15Entry: 2019-03-05, 02:30 (UTC)
- Fixed case CPANEL-25389: Preserve munin-node.conf when changing major Perl versions.
- Fixed case CPANEL-25413: Make create_user_session return an ip if the hostname is missing dns.
- Fixed case CPANEL-25806: Match exim white-space behavior when parsing /etc/mailips.
- Fixed case CPANEL-25849: Rename invalid PHP-FPM config files during service startup.
- Fixed case CPANEL-25893: Block updates for CentOS/RHEL 7 when outdated openssl is installed.
- Implemented case CPANEL-25414: Provide a one time login url after the install.
- Implemented case CPANEL-25899: Fallback to IPv4 DCV when IPv6 DCV fails for known proxies.
Change Log for 78.0.13Entry: 2019-02-27, 02:30 (UTC)
- Fixed case CPANEL-25203: Add a stronger out of date notification for MySQL versions less than 5.6.
- Fixed case CPANEL-25612: Ensure Global DCV passthrough defaults to On.
- Fixed case CPANEL-25626: EA4 install should use cPanelPublicRPMKey.asc.
- Fixed case CPANEL-25629: Add removed options for MariaDB 10.3 to migration.
- Fixed case CPANEL-25680: Improve reliability of gpg key download in fix-cpanel-perl.
- Fixed case CPANEL-25682: Resolve installer and UI errors when no license is provisioned.
- Fixed case CPANEL-25734: Prevent resolver from inheriting nameservers for root domains.
- Fixed case CPANEL-25762: Improved validation of the mdbox_rotate_interval dovecot setting.
- Fixed case CPANEL-25765: Update cpanel-phpmyadmin to 4.8.3-7.
- Fixed case CPANEL-25785: Fix restoration of MySQL password hashes in account restorations.
- Fixed case CPANEL-25790: Block updates to cPanel & WHM version 78 from LiteSpeed versions which are older than 5.3.6.
Change Log for 78.0.12Entry: 2019-02-25, 02:30 (UTC)
- Fixed case CPANEL-25816: Fix cpsrvd startup issues.
Change Log for 78.0.11Entry: 2019-02-21, 06:30 (UTC)
- Fixed case CPANEL-25758: Prevent cpsrvd from calling cpkeyclt too many times at startup
Change Log for 78.0.10Entry: 2019-02-19, 02:30 (UTC)
- Fixed case CPANEL-22906: SPF record types in zone files are now treated as TXT records.
- Fixed case CPANEL-25216: Remove unneeded .ssh directory from /var/lib/mysql.
- Fixed case CPANEL-25351: ChkServd must do hard restarts to recover failed services.
- Fixed case CPANEL-25395: Prevent checkallsslcerts from running from restartsrv_httpd.
- Fixed case CPANEL-25402: Ensure graceful tailwatchd restarts are successful.
- Fixed case CPANEL-25425: Reduce time needed to update EA4.
- Fixed case CPANEL-25455: Nameserver lookup always fails during zone creation.
- [security] Fixed case CPANEL-25461: Update cpanel-dovecot to 184.108.40.206-1 for CVE-2019-3814.
- Fixed case CPANEL-25481: Check for conflicts in the userdata cache when restoring domains.
- Fixed case CPANEL-25483: Prevent removing dns zones that are still linked to active domains.
- Fixed case CPANEL-25495: Fix rebuild_phpconf to continue when there are errors due to an account being over quota.
- Fixed case CPANEL-25522: Prevent cPanel logins from blocking forever if cphulk is unresponsive.
- Fixed case CPANEL-25560: Fix permissions on update_sa_config.
- Fixed case CPANEL-25580: CloudLinux 7 install can fail if libicu is missing.
- Fixed case CPANEL-25594: Auto clear dovecot auth cache after cpsrvd recovery.
- Fixed case CPANEL-25604: find_outdated_services must ignore auditd.
- Fixed case CPANEL-25609: Prevent check_mysql from running when local MySQL is disabled.
- Fixed case CPANEL-25615: cphulkd fails to bring dbprocessor back up if it fails.
- Fixed case CPANEL-25623: Prevent deadlock while running build_mysql_conf during MySQL upgrade.
- Fixed case CPANEL-25624: Wait for mysql to startup before declaring an upgrade has failed.
Change Log for 78.0.7Entry: 2019-02-08, 06:30 (UTC)
- Fixed case CPANEL-25205: Updated display of domain names in the Site Publisher interface.
- Fixed case CPANEL-25257: De-duplicate restart requests for Apache PHP-FPM when creating or enabling FPM for cPanel users.
- [security] Fixed case CPANEL-25286: Update to cpanel-phpmyadmin to 4.8.3-6 to address CVE-2019-6798 and CVE-2019-6799.
- Fixed case CPANEL-25292: Present the appropriate Litespeed licensing options in the EasyApache 4 interface based on the server’s installed RAM.
- Fixed case CPANEL-25320: EasyApache 4: Autoscroll the output window instead of the browser window.
- Fixed case CPANEL-25377: Fix initial cPanel installs stalls because dnsadmin was started too late.
- Fixed case CPANEL-25397: Prevent duplicate service restarts during tweaksettings save.
- Fixed case CPANEL-25401: Prevent setupmailserver from running checkallsslcerts.
Change Log for 78.0.6Entry: 2019-02-05, 06:30 (UTC)
- Fixed case CPANEL-21675: The “Create Support Ticket” wizard will now suggest opening tickets with the users license provider.
- Fixed case CPANEL-22514: Adjust maxmem minimum to 4GiB for mmap()ed files.
- Fixed case CPANEL-22775: Lift quotas during Roundcube sqlite conversion sooner.
- Fixed case CPANEL-23334: Update ClamAV to version 0.100.2
- Fixed case CPANEL-24687: Add mysqlclient16 to the MySQL installers incompatible list.
- Fixed case CPANEL-25047: Add thread_concurrency to the MySQL 5.7 migration list.
- Fixed case CPANEL-25083: Update PTR Messaging in Email Deliverability.
- Fixed case CPANEL-25089: Email Deliverability: Let users scroll through DKIM keys in the UI.
- Fixed case CPANEL-25090: Verify DKIM validity cache when validity check API confirms validity.
- Fixed case CPANEL-25091: Update cpanel-perl-528-munin to 2.0.30-2.
- Fixed case CPANEL-25108: Make service manager always check local MySQL version.
- Fixed case CPANEL-25126: Rebuild user’s PHP handlers on upcp to 78 in case format changes.
- Fixed case CPANEL-25132: Ensure WHM can load when proxied under CloudFlare.
- Fixed case CPANEL-25146: Reject invalid tags in DKIM RR parsing.
- Fixed case CPANEL-25147: Email Deliverability: Fix double HTML-encode in read-only form values.
- Fixed case CPANEL-25153: Regenerate DKIM public keys when they are missing.
- Fixed case CPANEL-25157: Update MySQL56 to 5.6.43-2.
- Fixed case CPANEL-25165: Correct display of data for third party hostname certificate replacement.
- Fixed case CPANEL-25169: Update cpanel-phpmyadmin to 4.8.3-5.
- Fixed case CPANEL-25171: Ensure Cookie IP Validation works with IPv6.
- Fixed case CPANEL-25197: Use SafeRun Object for sql backups to ensure failure detection.
- Fixed case CPANEL-25209: IPv6 Support for DCV.
- Fixed case CPANEL-25219: Fix quota under dovecot 2.3 when an inode limit is setup.
- Fixed case CPANEL-25220: Prevent mailrecords from loading Crypt::Format for most matches.
- Fixed case CPANEL-25264: Change the wrapper hash key in whmapi EmailAuth to payload.
- Fixed case CPANEL-25294: Ensure the EasyApache 4 interface is functional when cPStore is unreachable.
- Implemented case CPANEL-25098: Email Deliverability: Re-term “Download” as “View” for DKIM keys.
- Implemented case CPANEL-25180: Disable LiteSpeed links in EA4 interface when needed.