cPanel® Blog

All posts by: Phil Hodges

Brace Yourselves, NGINX is Coming

Arguably, one of the most requested and popular feature requests submitted for cPanel & WHM has been the addition of the NGINX web server as an alternative to Apache. We have good news for those of you that have been asking: NGINX is coming. Note: as NGINX support on cPanel & WHM servers is still experimental, it will not be available in the WHM graphic user interface right away. Be advised that this is a representation of …

Force HTTPS Redirection

We’ve talked about SSL (secure socket layer) certificates both on the cPanel blog and at the 2018 cPanel Conference in Houston, Tx as well as many other avenues at length. The importance of having an SSL for services and websites on your server cannot be understated. One of the most common support requests for both hosting providers and end-users is: once an SSL certificate is installed for your website, how do you redirect traffic to …

The cPanel Mail Server – cPanel Eats Its Own Dog Food

“Eating your own dog food” is a popular practice amongst companies where the employees are encouraged, and often do, use their own product in real life scenarios. The phrase “eating your own dog food” was purported to have been coined in the 1970s when television advertisements for Alpo Dog Food. Spokesman Lorne Greene pointed out that he had fed Alpo to his own dogs. Another possibility, even stranger, was a story of the president of …

Announcing ImunifyAV on all cPanel & WHM Servers!

In 2018, cPanel, with their longterm partner CloudLinux, began offering Imunify360 as a featured security product. With cPanel & WHM Version s82 or 84, we are integrating ImunifyAV into all cPanel & WHM servers. Imunify360 is a product set from our industry partner CloudLinux and will provide all customers with the most effective malware detection solution in the industry. We have spent years working extensively with the development teams at CloudLinux on a variety of …

Securing Exim for your Hosting Environment

Exim (Experimental Internal Mailer) is a mail transfer agent known for being a general and flexible mailer, with many tools for checking incoming email. Created in 1995 by Philip Hazel, an estimated 57% of publicly reachable mail servers on the internet use Exim. Using the Sendmail design model, Exim has defined stages where it gains or loses privileges on a server, to help increase the security of mail delivery overall. Many of the benefits that Exim provides …

WordPress/Joomla!/Drupal- A Security Comparison

One of the more popular methods of publishing content on a website is a CMS (Content Management System). A CMS generally has a graphic user interface where a user can log in, create or upload content, update existing content, design how they would want their website to appear, and other related tasks. The three most popular CMS choices by usage are WordPress, Joomla, and Drupal. A cursory glance at these three different pieces of software shows …

Let’s Talk MultiPHP

Many hosting providers have a large customer base with varying needs for their online projects. Available for systems running EasyApache 4, the MultiPHP Manager interface allows you to easily manage the PHP and PHP-FPM configurations of your cPanel accounts and domains. Hosting providers can switch between a number of different PHP versions with the click of a button, or allow more advanced users to upgrade to a newer version of PHP more quickly than others. There are …

Update to WHM’s Create Ticket Interface

If you’re not familiar with the Create Support Ticket interface, this tool lives inside WHM and allows a root user to create a support ticket with the cPanel Support staff. How is this more beneficial than logging in to Manage2 or using a form to submit a ticket? The Create Support Ticket tool streamlines and automates much of the process, including ensuring our support team will be able to access your server, decreasing the time it …

When PHP Went Pear Shaped- The PHP PEAR Compromise

As you may or may not be aware, on January 19th, 2019, a security announcement was published confirming the compromise of the PHP Extension and Application Repository (PEAR) installation script. The PEAR project had the following statement to announce: “A security breach has been found on the http://pear.php.net webserver, with a tainted go-pear.phar discovered. The PEAR website itself has been disabled until a known clean site can be rebuilt. A more detailed announcement will be on the …