An upgrade to 11.38 will be blocked if Interchange is enabled. As of cPanel & WHM 11.38, Interchange will no longer be included in an installation.
The Security section of Tweak Settings includes four new features:
rootor a reseller in WHM with the all ACL enabled.
rootand reseller accounts with root privileges can only run applications that are registered with AppConfig.
More information about these settings is available.
The Backup Configuration feature in WHM has a new section. Under the Advanced Settings section, you can control how long a backup will attempt to run before it times out.
You may now reuse an active security token for additional
Cpanel::LogMeIn requests. This ensures that the new login URL shares the same security token.
In 11.38, WHM offers a new interface to create backups. This new interface has several features that give system administrators the opportunity to customize the backup configuration.
In 11.38, WHM features an updated interface for the Backup Configuration screen in WHM's Backup section. System administrators who may not feel comfortable with this update can still use the 11.36 version of Backup Configuration, formerly called Configure Backups now called Legacy Backup Configuration.
We added a new feature called 11.38 Release Notes under the Backup section in WHM. This feature allows system administrators to backup each account with the Legacy Backup Configuration, the new Backup Configuration, or both. For example, a system administrator can configure
user1 to use the Legacy Backup Configuration while
user2 is configured to use the new Backup Configuration.
The new Backup Restoration feature will not restore backups saved with the Legacy Backup Configuration.
For more information, read our documentation about the user backup selection.
The Backup Configuration feature allows system administrators to choose when to run a backup. A system administrator may choose one or more days of the week, or once or twice a month. After a system administrator decides when to run backups, he can choose how many backups to keep.
For more information, read our documentation about the timing settings.
The new Backup Configuration feature allows a system administrator to choose to backup access logs, bandwidth data, system files, and databases. A system administrator may also choose whether or not to assign the accounts a local DNS during the backup.
For more information, read our documentation about the account settings.
After a system administrator chooses when to run backups and what content to back up, he can decide where to save the backups. The Configure Backup Directory feature allows the system administrator to choose the path for backups.
For more information, read our documentation about backup directory configuration.
A key aspect of the Backup Configuration feature is the ability to save backups to one or more additional destinations such as FTP, Additional Local Directory, SFTP, or WebDAV. In addition to these pre-configured destinations, a system administrator may also choose to create a custom destination.
For more information, read our documentation about additional destinations.
WHM 11.38 has a new Backup Restoration feature that allows system administrators to choose to restore backups by account or by date.
The Backup Restoration feature allows a system administrator to choose individual accounts to restore. After the system administrator selects an account, he may choose which backup date to restore, and then which Additional Options to restore.
For more information, read our documentation about how to restore by account.
The Backup Restoration feature allows a system administrator to choose a date to restore, and then which accounts with backups on that date to restore. After you select an account, you may choose which Additional Options to restore.
For more information, read our documentation about how to restore by date.
The Restoration Queue feature allows a system administrator to see which accounts are queued to be restored. From this queue, a system administrator can also see the status of each restoration, or remove any queued accounts.
For more information, read our documentation about the restoration queue.
In 11.38, the SSL Management System has been updated.
These updates include:
In 11.38, system administrators can explicitly set an IP address’s primary SSL and non-SSL virtual hosts through the following calls:
set_primary_servernamethrough Remote API version 1 in the HTTPD module.
set_primary_sslthrough UAPI in the SSL module.
The primary virtual host serves 2 purposes:
In 11.38, we changed the SSL support system in the cPanel and WHM interfaces. It is important to note that any x3-cloned themes from 11.34 or 11.36 will not work in the updated SSL sections in the 11.38 version of cPanel.
To resolve this issue, system administrators should follow the steps below. System administrators should replace the
$your_theme_backup text with the name of their x3 theme.
cp -afv /usr/local/cpanel/base/frontend/$your_theme /usr/local/cpanel/base/frontend/$your_theme_backup
rsync -av /usr/local/cpanel/base/frontend/x3/ssl/ /usr/local/cpanel/base/frontend/$your_theme/ssl/
rsync -av /usr/local/cpanel/base/frontend/x3/js2/ssl/ /usr/local/cpanel/base/frontend/$your_theme/js2/ssl/
rsync -av /usr/local/cpanel/base/frontend/x3/css2/ssl/ /usr/local/cpanel/base/frontend/$your_theme/css2/ssl/
rsync -av /usr/local/cpanel/base/frontend/x3/js2-min/ssl/ /usr/local/cpanel/base/frontend/$your_theme/js2-min/ssl/
rsync -av /usr/local/cpanel/base/frontend/x3/css2-min/ssl/ /usr/local/cpanel/base/frontend/$your_theme/css2-min/ssl/
pkgaccthas been improved by changing how the home directory is stored within the archive.
Backups and account transfer speeds can be improved by using the newly supported, pigz utility.
The EXPERIMENTAL: Rewrite From: header to match actual sender option is located in the Mail section of the Exim Configuration Manager (Home >> Service Configuration >> Exim Configuration Manager >> Basic Editor >> Mail).
This option rewrites the From header in emails to show the original identity of the actual sender for messages sent from your server. Email recipients can see the original From header as X-From-Rewrite along with the rewritten From header. This option is useful to determine the actual mail sender.
Beginning with version 11.38, MySQL 5.5 is installed during a fresh install of cPanel & WHM.
In 11.38, in a jailshell, all filesystems are mounted with the
nosuid option by default. The
nosuid option blocks the operation of
setgid commands, such as
ping. This does not apply to the
/usr/sbin/directory for Exim.
By default, jailed shell users cannot run the
setgid commands. Again, this does not apply to the
/usr/sbin directory for Exim. Additional settings allow jailed shell users to run the
setgid commands in
/bin and =/usr/bin=
All of an account's background processes are terminated when a jailshell exists for that user.
In the System tabs in the Tweak Settings feature, system administrators can enable or disable new options for their jailed shells.
These new options are:
More information about these options is available in our documentation.
In 11.38, system administrators can remove all bind mounts for a particular user with the command below. In the following command, replace
USER with the desired user:
/usr/local/cpanel/3rdparty/bin/perl -MCpanel::Filesys::Virtfs -e 'Cpanel::Filesys::Virtfs::clean_user_virtfs("USER");'
In 11.38, the Tweak Settings section in WHM includes a new option. Under the Security tab, users can enable the **EXPERIMENTAL: Jail Apache Virtual Hosts using mod_ruid2 and cPanel(®) jailshell option.
When you enable this setting, the
mod_ruid2 module chroots Apache virtual hosts. (This action will run Apache virtual hosts in a jailed environment.)
This item defaults to Off.
More information regarding this option is available.
When a user's shell is configured to
noshell, Exim will now run any process created from alias or filter files inside of VirtFS.
More information regarding VirtFS in 11.38 is available.
In 11.38, the Service Manager section in WHM includes the new TailWatch driver called JailManager. This TailWatch driver manages jails used for the EXPERIMENTAL: Jail Apache Virtual Hosts using mod_ruid2 and cPanel® jailshell? option. This TailWatch driver keeps each user's jail updated with the
Additionally, Chkservd now monitors the
crond daemon and knows about non-standard SSH and FTP ports.
More information regarding these additions is available on our SDK website and in our Service Manager documentation.
httpd.confdoes not have to be regenerated for the entries to appear.
In 11.38, addon domains, subdomains, and newly created accounts now use the same template system. The Apache template system allows your customizations to remain in place after you rebuild the Apache configuration file. As a result, we have removed the legacy
/httptemplates/ system. An Apache configuration file rebuild will override the
More information regarding custom templates is available in the EasyApache: Changes Contained Within a VirtualHost Directive document.
The Domain section of Tweak Settings includes two new features:
More information about these options is available.
Security tokens are always on and are no longer allowed to be disabled, as of version 11.38.
The Apache template system that was used prior to cPanel & WHM 11, has been removed. This was located in
/usr/local/cpanel/etc/httpdtempates. More information on the updated Apache Template System can be found in our EasyApache Documentation.
Interchange has been removed from cPanel & WHM 11.38. Upgrades from cPanel & WHM 11.36 will be blocked if Interchange is enabled.
cPanel & WHM 11.38 includes the following third-party applications. This section lists the applications' version numbers and the minor build of cPanel & WHM that corresponds to each version.
|Third-party application||Version||Corresponding cPanel & WHM minor version|
New UAPI Calls
New Remote API Functions
set_primary_servername) — This function allows WHM users to set the primary domain on an IP address and port type for their accounts' sites.
restore_queue_add_task) — This function allows you to restore a user's account from a backup file.
restore_queue_activate) — This function allows you to activate the restore queue and trigger a process to restore all queued accounts.
restore_queue_is_active) — This function allows you to see if the queue is actively processing restore jobs.
restore_queue_list_pending) — This function allows you to list all queued accounts to be restored.
restore_queue_list_active) — This function allows you to list all accounts currently being restored.
restore_queue_list_completed) — This function allows you to list all completed restorations along with the success or failure of the restore and the restore log.
restore_queue_clear_pending_task) — This function allows you to clear a single pending account from the Restoration Queue.
restore_queue_clear_all_pending_tasks) — This function allows you to clear all pending accounts from the Restore Queue.
restore_queue_clear_completed_task) — This function allows you to clear a single, completed account from the Restoration Queue.
restore_queue_clear_all_completed_tasks) — This function allows you to clear all successfully completed tasks from the Restoration Queue.
restore_queue_clear_all_failed_tasks) — This function allows you to clear all failed tasks from the Restoration Queue.
restore_queue_clear_all_tasks) — This function allows you to clear the Restoration Queue of all jobs, no matter the status.
backup_config_get) — This function allows you to receive detailed data from your backup destination config file.
backup_config_set) — This function allows you to save the data from the backup config page and put the data in
backup_skip_users_all) — This function allows you to save the configuration for a given backup type. You can enable or disable backups all users.
backup_skip_users_all_status) — This function allows you to retrieve the value from the status log file in the
backup_set_list) — This function allows you to find all backup files available on the server. This function also returns a list of users and dates so that the Restore Account(s) feature in WHM can show them.
backup_date_list) — This function allows you to retrieve a list of all dates that have backups.
backup_user_list) — This function allows you to list all users with a backup file on a specific date.
backup_destination_validate) — This function allows you to run a validation routine on a specified backup destination.
backup_destination_add) — This function allows you to create a backup destination and save it to a config file.
backup_destination_set) — This function allows you to modify the setup and data for a backup destination. The information is saved to the config file of the backup destination.
backup_destination_delete) — This function allows you to remove the backup destination config file.
backup_destination_get) — This function allows you to retrieve detailed data for a specific backup destination from the backup destination config file.
backup_destination_list) — This function allows you to list all backup destinations, including their configuration information.