This page was last updated on:
Version 220.127.116.11 introduces the Staging Directory. The system notifies you if there is insufficient space available to complete the upgrade and allows you to select a new location for the Staging Directory.
For more information, read our MySQL/MariaDB Upgrade documentation.
|You may see an unsigned certificate warning on your iOS device when you use this option. It is safe to accept the configuration file.|
For more information, read our AutoConfig and Autodiscover documentation.
In cPanel & WHM version 11.48, we have added Restricted Restore functionality to restoration API calls and the following interfaces:
The Restricted Restore feature performs additional security checks on the backup file in order to mitigate the risk of transfers from unfamiliar sources. If a component of the backup file has an issue (for instance, a MySQL grant table is compromised or a symbolic link attack), the system will not restore that portion of the backup and will add a warning to the log file.
If you do not trust the source of the account backup with
root access to your server, use the Restricted Restore feature to protect your server.
/bin/view_transfer script checks the status of and monitors transfer sessions.
For systems that support SNI, you can now enable SNI for a domain during SSL installation. You can also enable or disable SNI for domains that have SSL certificates already installed.
We have increased the default email quota – which is available in cPanel's Email Accounts interface (Home >> Mail >> Email Accounts) – to 1,024 MB. The maximum value is 2,048 MB for 32-bit systems and 4 TB for 64-bit systems.
In cPanel & WHM version 11.48, we now distribute the OWASP ModSecurity Core Rule Set (CRS). The OWASP ModSecurity CRS is a set of rules for use with the ModSecurity Apache module to help protect your web server from malicious traffic. Through the guidance of OWASP, cPanel now distributes a curated set of these rules. You can install and manage these rules with the WHM ModSecurity applications. For more information about the OWASP ModSecurity CRS, that includes installation pre-requisites and instructions, read our OWASP ModSecurity CRS documentation.
In cPanel & WHM version 11.48, we now provide the ability to add ModSecurity rule sets with the ModSecurity Vendors interface (Home >> Security Center >> ModSecurity Vendors). In addition, we have provided the ability to create custom ModSecurity vendors. For more information about how to create a ModSecurity vendor, read our How to Create a ModSecurity Vendor documentation.
cPanel & WHM version 11.48 introduces the
/usr/local/cpanel/bin/set_hostname utility. Run this utility as the
root user to change the server's hostname and automatically perform all of the necessary system updates. This utility is useful if you wish to change the server's hostname during a process that requires you to call the binary (for example, automated cloning processes).
For more information, read our The set_hostname Utility documentation.
In cPanel & WHM version 11.48, the transfer and restore system now uses
rsync to copy files from the source server to the destination server.
In cPanel & WHM version 11.48, we have added two options to the Exim Configuration Manager interface (Home >> Service Configuration >> Exim Configuration Manager).
Do not forward email to external recipients if it matches or exceeds the Apache SpamAssassin™ internal spam_score setting.
These two options allow you to prevent spam from being forwarded to external recipients.
In cPanel & WHM version 11.48, the restore package script (
/scripts/restorepkg) is now a part of the new transfer and restore system.
The package script now performs the following steps:
Adds the package to the
Starts the restoration process.
Tails the log file after the restoration process for the account begins.
You can now enter a value for the Apache RLimitsMEM, and optionally restart Apache.
Furthermore, cPHulk will not consider a user at an IP address who uses the same username and password combination repeatedly to be a brute force attacker. This often happens when a user has not yet updated their email password on a handheld device.
The Block IPs that trigger brute force protection at the firewall level and Block IPs that match the criteria for a one-day block at the firewall level options are not available on Virtuozzo.
For more information about these new settings, read our cPHulk Brute Force Protection documentation.
We have expanded the Login/Brute History Report tab in WHM's cPHulk Brute Force Protection interface (Home > Security Center > cPHulk Brute Force Protection) to include the following four tables:
Blocked IP Addresses
Blocked IP Addresses with Excessive Login Failures
We have also expanded the columns within each table to show the time that remains in the lockout or block period.
We redesigned the user interface for cPHulk to improve navigation and functionality. The tables for whitelist and blacklist entries now include comments and the ability to sort. You can also add your IP address to the whitelist by clicking the button on the warning notification.
In cPanel & WHM version 11.48, we have added the ability to report a issue with a vendor provided ModSecurity rule in the ModSecurity Tools interface (Home >> Security Center >> ModSecurity Tools).
iContactmodule. The system logs the changes in the
usernamerepresents the cPanel account name. This provides better performance and consistent contact management.
|If the user has modified their IP address, the IP address in the notification email may not be accurate.|
In cPanel & WHM version 11.48, users may request a notification when someone authenticates to any service that uses cPanel & WHM's authentication scheme. The system will also notify users when the notification settings change.
In order to prevent unnecessary messages, the system will halt notifications for 24 hours after a successful login for a specific service, user, and IP address combination.
|ProFTP does not currently use the cPanel & WHM authentication scheme.|
In cPanel & WHM version 11.48, we have added the Service interruptions option to the Contact Manager interface (Home >> Server Contacts >> Contact Manager). This allows you to customize the notifications that your server sends when a service fails, restarts, or times out.
The Paper Lantern theme is still in development in cPanel & WHM version 11.48. Eventually, Paper Lantern will become the default theme for cPanel.
In cPanel & WHM version 11.48, you can view the favicon and logo that you previously uploaded in WHM's Customize Paper Lantern interface (Home >> cPanel >> Customize Paper Lantern). You can also delete and upload new items in this interface.
In cPanel & WHM version 11.48, we restyled the Webmail interface to match the Paper Lantern theme. For more information, read our Webmail documentation.
Paper Lantern now ships with the Retro style. To change your interface to the Retro style, navigate to cPanel's Change Style interface (Home >> User Settings >> Change Style).
In cPanel & WHM version 11.48, WHM's cPanel Plugin File Generator interface (Home >> Development >> cPanel Plugin File Generator) is now compatible with the Paper Lantern theme. This interface generates an installation file for a cPanel plugin. The plugin file that you generate can contain one or more items.
In cPanel & WHM version 11.48, passwords and passphrases throughout cPanel and WHM may now contain spaces. Also, the system rejects any leading and trailing spaces in passphrases during GPG key creation.
Finally, GPG keys that you create without passphrases through the
Gpg::genkey() function in cPanel API 1 now process correctly.
|The cPanel interface requires that GPG keys contain passphrases.|
In cPanel & WHM version 11.48, we have changed the Backup Restoration feature so that it uses the restoration functionality in the new Transfer and Restore system.
We have also added the View Log option to WHM's Backup Restoration interface (Home >> Backups >> Backup Restoration).
In cPanel & WHM version 11.48, we have improved the performance and speed of WHM's Mail Delivery Reports interface (Home >> Email >> Mail Delivery Reports).
In previous versions of cPanel & WHM, the
/etc/init/startcpsrvd script was verbose by default.
In cPanel & WHM version 11.48 and later, you must explicitly include the
--verbose flag when you run the script in order to receive verbose output.
cPanel & WHM now provides compliant IPv6 address validation in WHM's Advanced DNS Zone Editor interface (Home >> Domains >> Advanced DNS Zone Editor). We also now reformat AAAA records to their most compact representation.
We have updated the
cpsrvd daemon to log
X-Forward-For header data in the access log.
New installations of cPanel & WHM version 11.48 include timestamps in the BASH history.
We have updated the email notification that the system sends when a user reaches a bandwidth limit threshold. These emails now include predictive warnings that indicate when the user will exceed the account's bandwidth limits.
We have rebuilt the following cPanel-provided RPMs:
For more information about cPanel RPMs, read The rpm.versions System documentation.
For a list of cPanel-provided third-party software, read our Third-Party Software documentation.
In cPanel & WHM version 11.48, due to a conflict with the Exim RPM, you cannot install the following RPMs:
New cPanel & WHM installations will now monitor the following services by default:
New cPanel DNSONLY installations will now monitor the following services by default:
WHM users can view a list of monitored services in WHM's Service Status interface (Home >> Server Status >> Service Status).
In cPanel & WHM version 11.48, Dovecot now uses the COMPRESS extension to IMAP to make IMAP connections more efficient. For more information about IMAP compression, read IETF's IMAP COMPRESS extension article.
Initial defaults for the following variables now exist in the
All of these variables default to
For more information, read our The cpanel.config File documentation.
We have refactored cPanel & WHM's
/usr/local/cpanel/scripts/restartsrv_* scripts to provide better coverage to start and stop services. For more information, read our WHM Scripts documentation.
In addition, the following scripts now include improved output:
If your custom applications use a
/usr/local/cpanel/scripts/restartsrv_* script, you may need to update and test your code.
Update any custom code that touches a
restartsrv-managed service to use the appropriate
/usr/local/cpanel/scripts/restartsrv_* scripts. Custom code should not call scripts in the
For help to update your custom code, contact firstname.lastname@example.org.
In cPanel & WHM version 11.48, we have added column selection and sorting to UAPI, WHM API 1 and cPanel API 2. This allows you to return only the data you need, which reduces system load and increases performance.
For more information, read the following documentation:
In cPanel & WHM version 11.48, we removed support for the User Mode Linux, FreeVPS, and ServeXchange Virtual Private Server environments.
In cPanel & WHM version 11.48, we removed the
Cpanel::Config::SaveCpUserFile module in favor of the
Cpanel::Config::CpUserGuard module, which avoids race conditions. You can no longer use the
The integrated Logaholic application is no longer available in cPanel & WHM. During the upgrade to cPanel & WHM version 11.48, the system automatically removes the integrated Logaholic application from the server. This removal will not affect any Logaholic user data.
Because of these changes, cPanel's Logaholic interface (Home >> Logs >> Logaholic) is no longer available.
For more information, view the Logaholic Web Analytics website.
We have removed the following scripts:
To install SSL certificates, use one of the following methods:
cPanel & WHM version 11.48 includes the following third-party applications:
Email::get_default_email_quota— This function retrieves the system's default email quota.
Email::get_max_email_quota— This function retrieves the system's maximum email quota.
CustInfo::displaycontactinfo— This function now includes new parameters for notification types.
CustInfo::savecontactinfo— This function now includes new parameters for notification types.
ZoneEdit::edit_zone_record— This function now supports CNAME flattening for root domains.
If you attempt to call these functions in cPanel & WHM version 11.48 and later, they will not produce any output.
— This function retrieves the system's default email quota.
— This function retrieves the system's maximum email quota.
Webmailapps::listwebmailapps— This function lists an account's available webmail clients.
SSL::disable_mail_sni— This function disables mail SNI for an account.
SSL::enable_mail_sni— This function enables mail SNI for an account.
SSL::is_mail_sni_supported— This function checks whether the
sslinstallfeature is enabled.
SSL::mail_sni_status— This function retrieves the status of the domain's SNI mail services.
SSL::rebuild_mail_sni_config— This function rebuilds the SNI configuration files.
modifyacct— This function now includes new parameters to list password change failures.
start_background_mysql_upgrade— This function upgrades MySQL or MariaDB in the background.
background_mysql_upgrade_status— This function retrieves the status of a background MySQL or MariaDB upgrade.
installable_mysql_versions— This function lists all available versions of MySQL and MariaDB.
current_mysql_version— This function retrieves the server's version of MySQL or MariaDB.
This function retrieves the latest available version of MySQL or MariaDB.
— This function adds a new ModSecurity™ vendor rule set to the server.
— This function copies a ModSecurity rule with a new rule ID.
— This function deploys the staged changes for all of the ModSecurity configuration files into the live configuration files.
— This function disables a ModSecurity vendor rule set.
— This function disables all the configuration files owned by a ModSecurity vendor.
— This function disables automatic updates for a ModSecurity vendor.
— This function discards the staged rule changes, if present, for all of the configuration files.
— This function enables a ModSecurity vendor rule set.
— This function enables all the configuration files owned by a ModSecurity™ vendor.
— This function enables automatic updates for a ModSecurity™ vendor.
— This function returns a list of configured ModSecurity™ vendors.
— This function returns the metadata of a ModSecurity™ vendor rule set.
— This function removes all of a ModSecurity™ vendor's includes, disablement directives, configuration files, and the metadata file.
— This function submits ModSecurity™ rule error reports to a remote receiver.
modsec_update_vendor — This function updates a vendor with the current version of the rule set available at the specified URL.
cphulk_status— This function returns the status of the cPHulk service.
enable_cphulk— This function enables cPHulk.
disable_cphulk— This function disables cPHulk.
create_cphulk_record— This function creates a record in the cPHulk whitelist or blacklist.
read_cphulk_records— This function returns the records in the cPHulk whitelist or blacklist.
delete_cphulk_record— This function deletes records from the cPHulk whitelist or blacklist.
load_cphulk_config— This function lists cPHulk's current configuration settings.
save_cphulk_config— This function modifies cPHulk's configuration settings.
get_cphulk_brutes— This function lists the records for brute attacks in the cPHulk database.
get_cphulk_excessive_brutes— This function lists the records for excessive brute attacks in the cPHulk database.
get_cphulk_failed_logins— This function lists the records for failed login attempts in the cPHulk database.
flush_cphulk_login_history— This function clears the login history from the cPHulk database.
remove_logo— This function removes an existing logo or favicon.
editzonerecord— This function now supports CNAME flattening for root domains.
— This function disables mail SNI for an account.
— This function enables mail SNI for an account.
— This function retrieves the status of the domain's SNI mail services.
— This function rebuilds the SNI configuration files.