We are happy to announce that cPanel, Inc. has released cPanel & WHM Version 76 to the CURRENT tier! Take a look at the full release notes, then join us on Slack, Discord, or Reddit to talk about all the exciting improvements.

Apache PHP-FPM for Faster Websites

We are enabling PHP-FPM for Apache by default for all new installations of cPanel & WHM, allowing your websites to serve more visitors.

All UIs now using PHP 7.2!

We are upgrading the internal PHP Version in cPanel & WHM to the faster and more secure PHP 7.2.

SUMMARY
cPanel, Inc. has updated RPMs for EasyApache 4 with PHP versions 5.6.38, 7.0.32, 7.1.22, and 7.2.10 and released EasyApache 3.36.8 with PHP version 5.6.38 on September 19, 2018. This release addresses vulnerabilities related to CVE-2018-17082. We strongly encourage all PHP 5.6 users to upgrade to versions 5.6.38, all PHP 7.0 users to upgrade to version 7.0.32, all PHP 7.1 users to upgrade to version 7.1.22, and all PHP 7.2 users to upgrade to version 7.2.10.

AFFECTED VERSIONS
All versions of PHP 5.6 through 5.6.37
All versions of PHP 7.0 through 7.0.31
All versions of PHP 7.1 through 7.1.21
All versions of PHP 7.2 through 7.2.9

SECURITY RATING
The National Vulnerability Database (NIST) has given the following severity ratings to these CVEs:

CVE-2018-17082 – MEDIUM
PHP 5.6.38
Fixed bug in Apache2 XSS related to CVE-2018-17082

PHP 7.0.32
Fixed bug in Apache2 XSS related to CVE-2018-17082

cPanel TSR-2018-0005 Full Disclosure

SEC-409

Summary

ClamAV daemon can be shut off by any local user.

Security Rating

cPanel TSR-2018-0005 Announcement

cPanel has released new builds for all public update tiers. These updates provide targeted changes to address security concerns with the cPanel & WHM product. These builds are currently available to all customers via the standard update system.

cPanel has rated these updates as having CVSSv3 scores ranging from 3.3 to 7.4.

Information on cPanel’s security ratings is available at https://go.cpanel.net/securitylevels.

If your deployed cPanel & WHM servers are configured to automatically update when new releases are available, then no action is required. Your systems will update automatically. If you have disabled automatic updates, then we strongly encourage you to update your cPanel & WHM installations at your earliest convenience.

cPanel, the Hosting Platform of Choice, is excited to announce the release of cPanel & WHM Version 74, which includes Automated Website Deployment using Git, drastically improved backup speeds, and the fastest and easiest free SSLs yet.

Houston, Texas – September 2018 cPanel & WHM® Version 74 is the third release of 2018 and includes improvements in many of cPanel & WHM’s most popular features.

Git Version Control allows users to easily create and manage Git repositories on their cPanel hosting account. Version 74 now includes the ability to automatically deploy sites and applications from a repository, making it even easier to host your applications on cPanel servers.

The development team has been hard at work over the last year to improve the speed and quality of cPanel’s Automated Backups. cPanel users benefit from up to 60% faster backups and restores. The File and Directory Restore interface for server administrators and hosting users, along with new and improved remote destinations, make cPanel’s backup system one of the most robust on the market.

AutoSSL and SSLs ordered through the cPanel Market Place will see a much higher success rate with this version. cPanel has improved its Domain Control Validation (DCV). DNS-Based validation and Ancestor-based (or primary-domain) validation reduce the work required of a user to get an SSL.

As of cPanel & WHM Version 74’s release to STABLE on September 4th, cPanel & WHM version 72 has reached End of Life and will no longer be supported by cPanel except when upgrading to a supported version.

In accordance with our EOL policy (https://go.cpanel.net/longtermsupport), 72 will continue functioning on servers where it is already installed. The last release of cPanel & WHM version 72, 72.0.12, will remain on our mirrors indefinitely. However, no further updates, such as security fixes and bug fixes, will be provided for 72. Older releases of cPanel & WHM 72 have been removed from our mirrors.

We recommend that all customers migrate any existing installations of cPanel & WHM Version 72 to the most recent version of cPanel & WHM 74, which you can read about on https://releases.cpanel.net.

If your server setup complicates the process of migrating to a newer version of cPanel & WHM (an upgrade blocker list is available at https://go.cpanel.net/blockers), then cPanel is here to help. Simply open a support ticket at https://tickets.cpanel.net/submit so that our knowledgeable support team can provide recommendations, migration assistance, and more.

For the PGP-Signed version of this announcement please see 72 EOL Reminder-signed

The 2018 cPanel Conference in Houston on October 2nd & 3rd, Announces the Tuesday Keynote, Evening Events, and Welcomes More Sponsors!

Houston, Texas – September 2018 – cPanel, L.L.C., the Hosting Platform of Choice, is pleased to announce an addition to the conference schedule! This year’s Tuesday Morning Keynote will be presented by Monty Munford! Monty brings 15 years experience in the mobile, web, and digital sectors. He writes for The Economist, MIT Tech Review, Mashable, TechCrunch, and Wired UK, and speaks on topics that impact technology industries around the world.

Monday night, WHMCS will be hosting a networking event at Chapman and Kirby, with free drinks and light bites. Tuesday, cPanel welcomes all of our attendees to the Irish Cowboy for an 80’s & 90’s themed party with live music by HipHopHurray! Wednesday night attendees only need to go to the fourth floor of the hotel to join us for game night. We’ll have board games and video games to help round out the week.

Over 200 people have already registered this year! All three evening events are included in the cost of an attendee ticket. The attendees who stay at the conference hotel and book their stay before September 8th receive a significant discount on the cost of accommodations.

“We are on track to again meet our goal of releasing four new versions this year, making continuing education more important than ever. Our annual conference provides training on the updates we’ve made this year, as well as insight into where we’re headed,” said Ken Power, Vice President of Product Development.

We are happy to announce that cPanel, Inc. has released cPanel & WHM Version 74 to the STABLE tier! Version 74 includes updates for some of our biggest features. Take a look at the full release notes, then join us on Slack, Discord, or Reddit to talk about all the exciting improvements!

Protect your server’s reputation

The combination of the Monitor Recipients for Potential Spammers, and the Action Taken when Spammers Found additions to Tweak Settings will monitor outbound mail on a per-account basis, and allow webhosts to prevent negative impact from a compromised account.

Host Contact Info Shown to Visitors

To help avoid confusion for hosting clients that are looking for their webhost, we now display the hosting provider’s contact information on the Account Suspended and Default Webpage placeholder pages.

SUMMARY
cPanel, Inc. has updated RPMs for EasyApache 4 with OpenSSL version 1.0.2p on August 29, 2018. This release addresses security vulnerabilities related to CVE-2018-0732 and CVE-2018-0737. We strongly encourage all OpenSSL users to update their version of OpenSSL.

AFFECTED VERSIONS
All versions of OpenSSL through 1.0.2o

SECURITY RATING

CVE-2018-0732 – MEDIUM
Fixed bug key agreement related to CVE-2018-0732

CVE-2018-0737 – MEDIUM
Fixed vulnerability in RSA Key generation algorithm related to CVE-2018-0737

On August 20th, 2018, cPanel signed an agreement to be acquired by a group led by Oakley Capital (Oakley). The group also owns Plesk and SolusVM. This investment will enable significant investment in new product and feature innovation and will support growth in headcount in Houston, Texas, USA where cPanel will continue to be headquartered.

Established in 1997 by CEO Nick Koston, cPanel provides one of the Internet infrastructure industry’s most reliable and intuitive web hosting automation software platforms. With its rich feature set and customer first support, the fully-automated hosting platform empowers infrastructure providers and gives customers the ability to administer every facet of their website using simple point-and-click software. Based in Houston, TX, cPanel employs over 220 team members and has customers in more than 70 countries.
cPanel has developed an FAQ at https://go.cpanel.net/investmentfaq/ that it hopes answers many questions that typically arise following the announcement of a transaction.

“This investment reflects a great step forward for cPanel. Our team has developed software that contributes to the success of millions of websites operating globally and looks forward to continuing to do so with the same passion that you, our loyal customers have come to love. This investment will give Internet infrastructure providers access to a wider range of software, features and support. I am excited about what the future holds for the company and the great team at cPanel.” — Nick Koston, CEO

For further information please contact:
cPanel, Inc.
benny Vasquez, Manager of Community Engagement
832-433-4005
This email address is being protected from spambots. You need JavaScript enabled to view it.

HOUSTON, August 15, 2018 (Newswire.com) – cPanel Inc., the Hosting Platform of Choice, is pleased to announce the conference schedule is now live for its 2018 cPanel Conference in Houston, Texas, on Oct. 1-3. A copy of the schedule is now available on the conference website. Visitors will be pleased with what they see.

Over 100 people have already registered this year, which puts registration well ahead of average. All three evening events are included in the cost of an attendee ticket and with the schedule released, there is no better time to register. Even better yet, attendees who stay at the conference hotel and book their stay before Sept. 8 will receive a significant discount on the cost of accommodations.

Ken Power, Vice President of Product Development, is excited to see growth for the cPanel Conference. “This year’s early success over previous years is a product of us reacting to the feedback that our attendees provide. The subjects that our speakers have picked will cover a broad spectrum of disciplines, and the sponsors and exhibitors are precisely who our attendees want to see.”

This year’s early success over previous years is a product of us reacting to the feedback that our attendees provide. The subjects that our speakers have picked will cover a broad spectrum of disciplines, and the sponsors and exhibitors are precisely who our attendees want to see.

We are happy to announce that cPanel, Inc. has released cPanel & WHM Version 74 to the RELEASE tier! Version 74 includes updates for some of our biggest features. Take a look at the full release notes, then join us on Slack, Discord, or Reddit to talk about all the exciting improvements!

Improved Domain Validation

Both DNS-based DCV (Domain Control Validation) and Ancestor- (or primary-domain) DCV have been added in Version 74. These two will drastically reduce hiccups with SSLs issued by AutoSSL and Market Place Providers.

Object-Storage, S3-Compatible Backup Destinations

We have expanded the remote backup destinations further to include object storage destinations similar to Amazon S3.

SUMMARY
cPanel, Inc. has updated RPMs for EasyApache 4 with PHP versions 5.6.37, 7.0.31, 7.1.20, and 7.2.8 and released EasyApache 3.36.7 with PHP version 5.6.37 on July 25, 2018. This release addresses security vulnerabilities with no CVE numbers currently assigned. We strongly encourage PHP users to update their version of PHP.

AFFECTED VERSIONS
All versions of PHP 5.6 through 5.6.36
All versions of PHP 7.0 through 7.0.30
All versions of PHP 7.1 through 7.1.19
All versions of PHP 7.2 through 7.2.7

SECURITY RATING

At this time, no CVE numbers are assigned. We will update this notice when they are available.

SOLUTION
cPanel, Inc. has released updated RPMs for EasyApache 4 on July 25, 2018 with PHP versions 5.6.37, 7.0.31, 7.1.20, and 7.2.8. Unless you have enabled automatic RPM updates in your cron, update your system with either yum update or WHM’s Run System Update interface.

We are happy to announce that cPanel, Inc. has released cPanel & WHM Version 74 to the CURRENT tier! Version 74 includes updates for some of our biggest features. Take a look at the full release notes, then join us on Slack, Discord, or Reddit to talk about all the exciting improvements! :thumbsup:

Git Automatic Deployment

Improving on the new Git Version Control feature, we now include the ability to automatically deploy changes merged into any branch of your cPanel-hosted git repositories.

Stop Spammers Instantly

The combination of the Monitor Recipients for Potential Spammers, and the Action Taken when Spammers Found additions to Tweak Settings will monitor outbound mail on a per-account basis, and allow webhosts to prevent negative impact from a compromised account.

SUMMARY

cPanel, Inc. has updated RPMs for EasyApache 4 with cURL version 7.61.0 and Apache 2.4.34 and released EasyApache 3.36.6 with cURL 7.61.0 and Apache 2.4.34 on July 18, 2018. This release addresses vulnerabilities related to CVE-2018-0500, CVE-2018-8011, and CVE-2018-1333. We strongly encourage all cURL users to update to version 7.61.0 and all Apache 2.4 users to upgrade to version 2.4.34.

AFFECTED VERSIONS
All versions of cURL through cURL 7.60.0
All versions of Apache through Apache 2.4.33

SECURITY RATING
The National Vulnerability Database (NIST) has given the following severity ratings to these CVEs:

CVE-2018-0500 – MEDIUM
cURL 7.61.0
Fixed bug related to CVE-2018-0500

CVE-2018-8011 – MEDIUM
Apache 2.4.34
Fixed bug in mod_md module related to CVE-2018-8011

We are happy to announce that cPanel, Inc. has released cPanel & WHM Version 72 to the STABLE tier! Version 72 includes a focus on improving backups, security, and application development. Take a look at the full release notes, then join us on Slack, Discord, or Reddit to discuss more! :wave:

File and Directory Restoration

We have improved and updated the File Restoration interface to include directory restoration. We take you through the new interface on cPanelTV.

Backup Metadata Improvements

The metadata system that powers our File and Directory Restoration interface has been rebuilt from the ground up with a focus on speed and scalability.

More Information

Check out the cPanel Release site to see an overview of the latest features and updates cPanel & WHM has to offer! All of the details about all cPanel & WHM Version 72 features can be found in the Release Notes.

To ensure that you receive up-to-date product news from cPanel, we encourage you to subscribe to the “Product & Security Notifications” mailing list at cPanel Mailing List.

cPanel TSR-2018-0004 Full Disclosure

SEC-367

Summary

Stored-XSS in WHM File Restoration interface.

Security Rating

cPanel TSR-2018-0004 Announcement

cPanel has released new builds for all public update tiers. These updates provide targeted changes to address security concerns with the cPanel & WHM product. These builds are currently available to all customers via the standard update system.

cPanel has rated these updates as having CVSSv3 scores ranging from 2.8 to 6.5.

Information on cPanel’s security ratings is available at https://go.cpanel.net/securitylevels.

If your deployed cPanel & WHM servers are configured to automatically update when new releases are available, then no action is required. Your systems will update automatically. If you have disabled automatic updates, then we strongly encourage you to update your cPanel & WHM installations at your earliest convenience.

cPanel & WHM version 62 has reached End of Life and will no longer be supported by cPanel except when upgrading to a supported version. This was an extension of support, which can be read further about here: http://news.cpanel.com/support-for-cpanel-whm-version-62-extended-to-june-2018/

In accordance with our EOL policy (https://go.cpanel.net/longtermsupport), 62 will continue functioning on servers where it is already installed. The last release of cPanel & WHM version 62, 62.0.48, will remain on our mirrors indefinitely. However, no further updates, such as security fixes and installations, will be provided for 62. Older releases of cPanel & WHM 62 will be removed from our mirrors.

We recommend that all customers migrate any existing installations of cPanel & WHM version 62 to the most recent version of cPanel & WHM presently. They can upgrade to version 70 if they would like to upgrade to the 2018 LTS version. Our latest version, 72 is detailed on our current release site: https://releases.cpanel.net.

If your server setup complicates the process of migrating to a newer version of cPanel & WHM (an upgrade blocker list is available at https://go.cpanel.net/blockers), then cPanel is here to help. Simply open a support ticket at https://tickets.cpanel.net/submit so that our knowledgeable support team can provide recommendations, migration assistance, and more.

For the PGP-signed message, see 62EOLnow-signed.

We are happy to announce that cPanel, Inc. has released cPanel & WHM Version 72 to the RELEASE tier! Version 72 includes a focus on improving backups, security, and application development. Take a look at the full release notes, then join us on Slack, Discord, or Reddit to discuss more! :wave:

Web-Based Terminal

Whether you’re on the road, or just not at your computer, you will love the power of this new feature. Both root-level WHM users and cPanel users can now manage their server or website using cPanel & WHM’s new web-based terminal.

Limit Available PHP Versions​

Web hosting providers can now limit the PHP versions that cPanel accounts are allowed to view and use. Doing so helps to increase server security and reduce complexity for cPanel users.​

More Information

Check out the cPanel Release site to see an overview of the latest features and updates cPanel & WHM has to offer! All of the details about all cPanel & WHM Version 72 features can be found in the Release Notes.

To ensure that you receive up-to-date product news from cPanel, we encourage you to subscribe to the “Product & Security Notifications” mailing list at cPanel Mailing List.