cPanel® Blog

Development Update: cPanel & WHM version 58 is coming, and starting version 60

UPDATE 7/7/16

Due to problems in the security and usability, the following features have been removed from cPanel & WHM version 58, and are now targeted for v60:

  • Enhanced PHP-FPM support
    This includes both the UI that was included in WHM and the relevant API calls. In the event that you have configured your server to use PHP-FPM on EDGE, your current implementation will not be altered, but you will not be able to manage PHP-FPM though the WHM user interface.
  • EasyApache 4 conversion interface
    This only involves the interface in WHM that allowed customers who were not comfortable with the command line to more easily convert to EasyApache 4.

————–

Since our last Development update, we’ve had a lot of motion. We released a new version of PHP for EasyApache 3, a slew of updates for EasyApache 4, and a ton of updates for the EDGE tier of version 58. Version 56 has been in STABLE for 3 weeks, and its release triggered a lot of useful feedback for us. I always get excited to see people care about cPanel as much as I do. You are why we do this, and your feedback is crucial to what we do.

EasyApache 3 and 4

EasyApache 4 is leaving BETA in cPanel & WHM version 58. If you are running CentOS 6 or 7 then you should definitely consider migrating to EasyApache 4. Next week EasyApache 4 will get an entire blog post to cover its improvements. Between PHP 7 and the native PHP-FPM support in version 58, EasyApache 4 is definitely the way to go for anyone looking to increase the speed of their website.

If you are running CentOS 5 you won’t be able to take advantage of EasyApache 4, but we did release PHP 5.6 for EasyApache 3. While cPanel & WHM version 56 is the last version of cPanel to support CentOS 5, we wanted to give our customers time to upgrade without leaving them on an End of Life version of PHP.

Version 58 to CURRENT next week!

Version 58’s feature development has completed. If our bug fixing and testing goes well over the next few days, we’ll be pushing the first version of 58 to CURRENT early next week! We spent a lot of time on maintenance and updates to the software we include in cPanel & WHM in this release, but there’s a couple very cool new features. The full release notes for v58 will be pushed out around the same time as it goes to CURRENT, but there’s a lot of good stuff. Two of the most noteworthy are EasyApache 4’s new conversion interface in WHM and expanded functionally in the Addon-To-Account tool. Keep an eye out for the full release notes next week!

A look ahead to Version 60

In 2016 we want to fulfill two of our most highly voted features from the feature request site: DNSSEC, and Remote Incremental Backups.  To accomplish these two we’ll be making incremental changes over the next few versions, and in fact have already started.

Step one for getting DNSSEC support is adding PowerDNS to our product. We’ve had a few conversations with the PowerDNS people and have been impressed with the software they’re providing. We’ll be working closely with them. Sometime after version 60 we plan to deprecate and remove NSD and MyDNS-ng. That timeline has not yet been defined, but once it is we will share that information.

Step one for Remote Incremental Backups was adding MDBox (multi-dbox, meaning multiple messages per file) support for Dovecot in version 58. We’re adding the ability to convert mailboxes back and forth between Maildir and MDBox, and the ability to default to MDBox format for new accounts. There are a lot of questions that we need to answer (which we’re working to address in version 60), but we’ve been using MDBox on our own cPanel-based Mail server for months without issue, and we’ve been incredibly happy with the performance increases we’ve seen. If you have concerns with performance related to inode use in email accounts, MDBox may be your answer.

Version 60 will also be the first version of cPanel & WHM to ship without x3 since it was introduced in cPanel & WHM version 11.0 (circa 2007). With the impressive adoption rate of Paper Lantern already, we’re excited to give x3 the sendoff it deserves after nearly 10 years of serving us and our users. 

Below I’ve listed a few more things that we’re working on, and hope to include this year:

* Improving the User Manager, and adding full Sub-Accounts to cPanel
* Expanding the SSL Market Providers to support Wildcard, OV, and EV certificates.
* Working toward making cpsrvd support SNI, which would mean per-domain SSLs would work for cPanel, webmail, and WHM.
* Working on updating WHM’s icons and theme.

Feature requests!

If you have a request that you don’t see listed there, or have a new idea, make sure it’s on our Feature Request site! If your request has already been submitted but isn’t on the list of things we’re working on make sure you point it out to me. I might be able to give you a better idea of what’s holding it up. Make sure you don’t miss any of our updates: Follow me on twitter, and sign up for our mailing lists. As always, let me know what questions you have!

benny Vasquez

scripter, crafter, cPanel’s Manager of Community Engagement. Facilitating communication between cPanel’s amazing development team, and cPanel’s amazing community. Find me on twitter: @cpaneldev

  • Déviku

    We are very glad with your service, guys!!! Your panel let us give a good Service for our clients 🙂 Kind regards from our team in Barcelona https://deviku.com !

    • cPanelbenny

      So glad to hear it. 🙂

  • Spork Schivago

    So, AutoSSL is in no way affiliated with Let’s Encrypt and they’re two totally different things? If so, I have a question. In order to get Let’s Encrypt working with webmail, cPanel, whm, etc, I’ve had to disable the sub-domain proxy’s and setup actual subdomains. If I use AutoSSL, would I be able to reenable the sub-domain proxies under Tweak Settings and have valid SSL (not self signed) available for stuff like cpanel.mydomain.com, whm.mydomain.com, etc? Thanks.

    • cPanelbenny

      AutoSSL isn’t going to add that functionality itself, but we are working on adding SNI support to cpsrvd, which would allow proxy subdomain to work with the SSLs provided by AutoSSL.

      https://features.cpanel.net/topic/sni-support-for-cpanel-webmail-whm-ftp-mysql-mariadb

      I also talk about AutoSSL in a more recent blog post here:

      https://blog.cpanel.com/autossl/

      • Spork Schivago

        Thank you cPanelbenny for the response. So the functionality that I’m talking about is called SNI? I had read about SNI but was a bit confused as to what it actually was. Thanks for the explanation!

        • cPanelbenny

          No problem at all, and that’s correct! SNI is what allows multiple valid SSL certificates to be served on a single IP address, and while Apache supports it the cPanel daemon doesn’t yet. Hopefully soon!

          • Spork Schivago

            This is why I needed to use the workaround. I had to disable the Tweak Settings sub-domain proxy settings, create manual sub-domain redirects to the various points. After that, I was successfully able to use Let’s Encrypt to install a valid SSL certificate for the various sub-domains (webmail.example.com, whm.example.com, example.com, http://www.example.com, etc). It works real well but I kind of miss the proxy subdomains.

            I then created a crontab entry that run’s the Let’s Encrypt program to check for new certificates and a perl script that installs them via the cPanel API’s. I didn’t actually create the perl script, I borrowed it and then modified it a bit. It works really well. I have the Let’s Encrypt SSL certificate installed, it shows up properly under WHM, it automatically renews the cert. I don’t have to do anything anymore. The system handles it all and I don’t get the red X through the https sign for the cPanel / WHM / webmail stuff anymore.

  • Spork Schivago

    I’ve just tried upgrading to v58 from v56, hoping it’d fix some issues I’m having. I noticed in the logfile though this:

    Warning: something’s wrong at /usr/local/cpanel/scripts/check_security_advice_changes line 62.

    Whenever I run /usr/local/cpanel/scripts/check_security_advice_changes –notify, I get that message. Line 62 of that script is:

    if ( !$merged ) {
    warn @result; <– This is line 62
    }

    Not very informative. I wonder if I need to reboot. The update in WHM shows it's at 92% but says the output won't be updated because some program had to be killed. Perhaps it's time to reboot and see if the issue still occurs? What do you think?

    Also, I'm going to upgrade to EasyApache 4, but right now, unless the upgrade to v58 enabled EasyApache 4 by default, I'm still on EasyApache 3.

    • cPanelbenny

      Hi there! Thanks so much for that. cPanel updates shouldn’t eve require a reboot. Can you please open up a ticket with our support team, so they can take a look? We can identify if there’s a bug and get it filed. https://tickets.cpanel.net/submit/

      • Spork Schivago

        Yes cPanelbenny. I will open up a ticket. What should I say? I noticed in the e-mails I get every day, I get the same message, saying there’s something wrong on line 62.

        Also, I’ve ran this command and here’s the output:
        cd /
        find -name “*rpmnew”

        ./home/virtfs/sporkschivago/usr/local/cpanel/3rdparty/php/54/lib/php/.filemap.rpmnew
        ./home/virtfs/sporkschivago/usr/local/cpanel/3rdparty/php/54/lib/php/.depdb.rpmnew
        ./home/virtfs/sporkschivago/etc/pam.d/sshd.rpmnew
        ./usr/local/cpanel/3rdparty/php/54/lib/php/.filemap.rpmnew
        ./usr/local/cpanel/3rdparty/php/54/lib/php/.depdb.rpmnew
        ./etc/pam.d/sshd.rpmnew
        ./etc/my.cnf.rpmnew
        ./etc/pure-ftpd.conf.rpmnew
        ./etc/issue.net.rpmnew
        ./etc/named.conf.rpmnew
        ./etc/sudoers.rpmnew
        ./etc/yum.conf.rpmnew
        ./etc/issue.rpmnew
        ./etc/sysctl.conf.rpmnew
        ./etc/localdomains.rpmnew

        Should I go through and replace the config files with the rpmnew ones? I think yum.conf has some custom repositories in it. Everything else I think I can just replace.

        I think when the system packages are being updated, if there’s a new config file but the old one isn’t getting replaced, instead of just calling it rpmnew, the system should let us know about the rpmnew files. Perhaps this isn’t a problem with cPanel though and more or less the package manager that comes with CentOS.

        • cPanelbenny

          Just explain everything you’ve shared here, and the support folks will be able to take a look for you and get things sorted for you!

          • Spork Schivago

            It seems this is a known bug and is referenced by internal case number CPANEL-7657. Perhaps I can find out what’s causing the issues when I get some time and if I find the bug and a fix, I’ll let you guys know.

          • cPanelbenny

            Oh! I just looked at the case, and I have an idea for you. I’m going to send you a quick email.

          • Spork Schivago

            Thank you cPanelbenny. Perhaps you can let me know when the e-mail gets sent so I can check my mail servers. Not 100% certain which e-mail address you’ll send it to because I have a few.

            I’ve noticed some other things and created a topic on the forums. For example, /etc/init.d/httpd doesn’t seem to be correct. It appears it’s looking for a PID file at /usr/local/apache/logs/httpd.pid

            But the PID is (and should be, in my opinion) be located at /var/run/apache2/httpd.pid

            Stuff like:
            service httpd stop
            service httpd restart
            etc.

            Just don’t work because of this. I need to execute /scripts/restartsrv_httpd to restart Apache. I think the PID=/usr/local/apache/logs/httpd.pid line in /etc/init.d/httpd needs to be changed to something like:
            PID=/var/run/apache2/httpd.pid

            I opened a new topic in the security forum though so hopefully this can get addressed. Not sure if it’s a bug or what. Maybe I’m not even supposed to have a init script for Apache in /etc/init.d anymore. I dunno.

          • Spork Schivago

            I’ve also found another bug but I’ve reported it and that too is referenced by an internal case number. I’ve provided with that bug what I believe is a simple fix that should work. It’s just a perl script that initializes a few variables without setting them to 0. If you initialize them to 0, the script works as expected. Because it’s such an easy fix, hopefully it’s fixed very soon. I understand cPanel developers are extremely busy though. To bad there wasn’t an option to submit patches for stuff like this where they can just be reviewed and implemented, to help remove some of the load from all the developers.

          • Spork Schivago

            I just wanted to give you an update cPanelbenny,

            It looks like the switch to EasyApache 4 wasn’t completed. I now have some EasyApache 3 stuff floating around along with EasyApache 4 stuff. Tech support is going to help fix this mess. Thanks!

          • cPanelbenny

            Thanks for that! No need to update me at all. I’ve got an eye on your ticket, so I’ll see what’s there. If you need anything, however, definitely feel free to email me: benny@cpanel.net

          • cPanelbenny

            No problem at all! I’ve sent the email to the address associated with your Disqus user. If you don’t get it, feel free to email me ( benny@cpanel.net ) from your preferred address.

  • Rod Pascoe

    I’ve had a nightmare with 58.

    As well as my EA4 problems in other posts I’ve made here I’ve had WHM and cPanel broken for me and my users for days since I installed. Loads ok but trying to do anything gives pink error screens.

    I’ve got tickets open with cPanel and they’ve had me reboot (giving everyone downtime of course) and now they are asking me to change my Linux Kernel in the hope that it might be that!!!!!

    It was working perfectly before 58 was installed 🙁

    • cPanelbenny

      I’m very sorry for the frustration, and I’m very glad you’ve got tickets open with us.

      • Rod Pascoe

        I’ve ended up provisioning a new server today to install 58 on to test.

        I’m not prepared to start fiddling with changing kernels etc as per your support team on the basis that it *might* fix things.

        I’ll see how things go on a fresh machine.

  • terrih83

    Feature request:

    KEEP x3 for versions 60 through 9999999999999999999999999

    otherwise I will never update cpanel again.

  • Rod Pascoe

    You say that EasyApache4 is now out of beta (your site says “production ready” but you should really be telling people about the problems you still have with it.

    I tried to upgrade a server last night and ran into the following :-

    First, it might be helpful if you mentioned that upgrading stops Apache running for the whole time the upgrade script is running – 250 sites went offline for half an hour triggering downtime emails aplenty.

    Second, the script failed because I had some custom RPS’s installed (as most people would I guess?) – EA4 cannot handle anything other than out of the box setups.

    Thirdly, only once I got a tech from cPanel involved did I find that as I am running DSO and mod_ruid2 (not supported) – again, no mention or warnings – I cannot do this anyway as you have a bug in EA4 (which can be tracked under label EA-4744) that would change the PHP handler to the only setup you support and as the permissions are different between the handlers all of my sites using PHP would then not run!

    In my humble opinion until EA4 can migrate any configuration from EA3 that a user may have it is *not* production ready and will cause massive headaches for anyone who is not using a default out of the box SuPHP vanilla configuration.

    • cPanelbenny

      Hey there! Thanks so much for the information. I’m reaching out to the team who managed EasyApache 4, but based on what you’ve laid out here it does seem like you hit every edge-case possible. For that, we sincerely apologize. Can you email me a ticket number, so I can make sure everything you saw gets looked at by our team?

      • Rod Pascoe

        cPanel tickets ID# 7598389 is the ticket number.

        Even if I did hit all the edge-cases only one of them is needed to make the EA4 upgrade a no-go.

        This is not production ready for a lot of peoples server – your documentation is not complete – there is the potential to wreck a server from operating.

        I think you should put some warnings up.

        • cPanelbenny

          Sorry I missed your response! Looking at your ticket it looks like you were attempting to migrate from an unsupported EA3 profile, which is what caused the root of the problem. We are adding a slew of pre-migration checks to help prevent this in the future. Thank you so much for bringing it to our attention!

          • Rod Pascoe

            You make that sound like it was my fault. The whole point of EA3 is to customise your installation.

            As I said, unless you have a default installation that you haven’t touched then EA4 won’t migrate you.

            If that is the case and you aren’t customising then there is no point upgrading anyway!

          • cPanelbenny

            I’m sorry for that, I definitely didn’t intend to assign a fault or blame. It’s our goal to provide the cleanest experience for all of our users, whether they have customized their installation of EA3 or not.

    • terrih83

      oh wow, this would be a disaster. I am glad I searched to see if cpanel 5988 would have major issues because it’s clear that cpanel doesn’t care about their customers and they brought in new devs who are clueless. Looks like I also won’t be upgrading to version 58, guess I will be on version 56 for the rest of the life of cpanel. no more cpanel updates for me — ever.

  • cPanelbenny

    I added a bit to the top of this post, but wanted to make sure it gets seen down here as well:

    ———
    Due to problems in the security and usability, the following features have been removed from cPanel & WHM version 58, and are now targeted for v60:

    Enhanced PHP-FPM support
    This includes both the UI that was included in WHM and the relevant API calls. In the event that you have configured your server to use PHP-FPM on EDGE, your current implementation will not be altered, but you will not be able to manage PHP-FPM though the WHM user interface.

    EasyApache 4 conversion interface
    This only involves the interface in WHM that allowed customers who were not comfortable with the command line to more easily convert to EasyApache 4.

    • Hello Benny,

      When will be the 58 in current tier? Your post published date Jun 23rd. And you wrote “next week”. That was the last week.

      • This week, probably.

        • cPanelbenny

          v58 is now in the CURRENT tier! http://news.cpanel.com/58-now-in-current-tier/

          • Good but PhpMyAdmin is still 4.0.10.14 ?

          • cPanelbenny

            Hey there! First, I have to apologize. The upgrade was not completed in v58, and I incorrectly relayed information here. The Director of Product Development is working on finding a space for this project to get it in to v60, but it’s not yet clear where it will land.

            There were two parts to the project (package and ship PHPMyAdmin as an RPM, and upgrade the version of PHPMyAdmin that we ship), and while one part was completed, the upgrade was not. As soon as I have more information, I will let you know.

      • cPanelbenny

        As Recep indicated, we’re aiming for this week now. Ideally, it’ll be today or tomorrow! The condition right now is whether or not the testing is completed today.

  • Morten

    With PDNS, will there be a option to use SQL or flat line file for the zones?
    Have you tested PDNS vs BIND?

    • cPanelbenny

      In the current plan this will be part of the product available on the local machine. Our first step will be implementing it with BIND format, with the hope of expanding that to include an SQL backend.

      I’m sorry, I meant to link to the feature request for PowerDNS where all of your questions are answered, but I failed to. https://features.cpanel.net/topic/powerdns-as-nameserver-program-option

  • Shawn

    EA4 with caching (memcache) + modsec + modruid or itk – need to run as user with performance.

  • cPanelbenny

    Hey everyone, a quick update to this: we’ve got some more work yet to do before we can move to CURRENT, so we’re pushing out a week. We are now planning to go to CURRENT early next week.

    • Saw it. Better have a stable build than a half baked product.

    • Rod Pascoe

      Are you still planning a launch this week Benny?

      • cPanelbenny

        Hopefully! We’re currently aiming for tomorrow. I’ll have confirmation later today.

        • Rod Pascoe

          Awesome, I’ll keep a lookout for it.

        • Hopefully, this week 🙂

          • Rod Pascoe

            Hopefully today Recep!!! 🙂

          • cPanelbenny

            Just a quick update! We’ve been held up on a couple things are are looking at next week now.

  • EA4 and PhpMyAdmin. Waiting for them.

    • Jose Dieguez

      +1 on phpmyadmin

    • Rod Pascoe

      Do *not* run the EA4 upgrade until you’ve read my post above!

      • My hosting provider did the job and everything is fine.

  • Are you still on track for v58 to include the fixes for EasyApache4 and PECL & PEAR? Thanks! https://documentation.cpanel.net/display/EA4/Current+Status+of+EasyApache+4#CurrentStatusofEasyApache4-Pear

    • cPanelbenny

      Yup! That’s fixed in v58.

      • Jose Dieguez

        Amazing!

  • Chris

    Is Paper Lantern also still getting the stats sidebar back in v58?

  • Let’s Encrypt in version 58?

    • Scott Neader

      That was the first thing that crossed my mind after reading the post… what happened to Let’s Encrypt? 🙂

    • Gregory Young

      Also eagerly awaiting the Let’s Encrypt Announcement that was to come in this release.

    • I’ve been using https://letsencrypt-for-cpanel.com/ thus far, it’s really quite nice.

    • cPanelbenny

      The BETA of the cPanel-provided Let’s Encrypt plugin that we’re building has been going very well, and we’ve gotten some incredible feedback from our testers. The public release of the plugin is still on target to be released during the v58 cycle and we will be sharing a BETA version with our testers soon. As soon as I have more information I’ll let everyone know!

      • juff

        Let Encrypt is already in v58, and has been for several days, as I have been using it. I just updated to Edge a few days ago, and Lets Encrypt was there automatically. What do you mean when you say “we will be sharing a BETA version with our testers soon”?

        • cPanelbenny

          Hey there! I’d love to chat about this more. I think what you’re seeing is AutoSSL, which currently uses cPanel branded SSLs, rather than Let’s Encrypt. If you’re seeing Let’s Encrypt specifically then a plugin has been installed.

          • juff

            Ohhhhh….. I didn’t realize there was a cpanel provider in addition to Let’s Encrypt. You are correct, I see now that I am in fact using the cpanel provided 90 day certs, and not Let’s Encrypt. Thank you for that clarification.

    • Steve

      +1