When cPanel starts up, if it doesn’t have a valid SSL (now valid properly signed SSL) it reissues it’s own SSL, or panics if it cannot.
cPanel is now requiring a valid hostname check (similar to Let’s Encrypt) as a part of that check.
Therefore, a server’s hostname now has to point at the server or cPanel not start.
You will receive an email every day if the hostname doesn’t line up.
You’ve have to touch a file to disable this, and then run the script and then it should be set.
Due to cPanel’s recent change to their self-signed SSL’s, hostnames are required to have DNS entries. If this is not in place, they will not get a valid SSL and therefore cPanel will start and cpsrvd will immediately fail. To correct this we basically need to fix the DNS entry for the server’s hostname and then run /usr/local/cpanel/bin/checkallsslcerts
Error from the /usr/local/cpanel/logs/error_log: cpsrvd: Setting up native SSL support ... Could not load ssl libraries or certificate from /var/cpanel/ssl/cpanel/ at cpsrvd.pl line 554. [root@host] cpanel:/usr/local/cpanel/bin/checkallsslcerts The system failed to acquire a signed certificate from the cPanel Store because of an error: (XID y4txyq) “host.domain.com” does not resolve to any IPv4 addresses on the internet.
Updating DNS for the hostname and then running the check again will resolve the issue. If you do not have access to the customer’s DNS, this will require them to modify the DNS entries at the registrar and cPanel/WHM will remain down until that change is made.
Additionally, this may be a concern when DNS can not change (or should not be changed for some reason). When this is the case, you can skip the cPanel signed SSL. If you touch this file, /var/cpanel/ssl/disable_auto_hostname_certificate the system will no longer order, download, and install a free cPanel-signed hostname certificate. https://documentation.cpanel.net/display/ALD/Manage+>Service+SSL+Certificates has more information on this. After touching this file, you can run a /usr/local/cpanel/bin/checkallsslcerts for a selfsigned ssl on the services.
p.s. You must restart Cpanel after updating the SSL Certs.
As of yesterday, cPanel pushed out the new EA 3.18 build. This is now live in 11.36 and 11.34 (and most likely every other version, as EA seems to update regardless of cPanel version.)
Also of note, if the server does update to 11.36, you are not able to downgrade now. It will be blocked.
One of the major changes in EA 3.18 is it now includes Apache 2.4. The another possible issue will be if no MPM is selected it will default to prefork. So you will want to check apache to see what MPM you are using and be sure to select the corresponding box in EA to not accidentally switch from worker back down to prefork.
Here is the current information from cPanel pages on these new changes:
cPanel v11.36 has now entered the CURRENT tree and you will notice that most of your addon perl scripts failing. You can resolve this easily with our addons by reinstalling them. We have provided a simple script that can do this for you that we posted previously. This has to be done regardless as to whether you are running the latest versions:
This script will update: cmm, cmc, cmq, cse, csf, cxs, msinstall, msfe
Only those scripts that are already installed will be updated. Those that are updated are done so regardless as to whether they are the same or an older version of those available.
To use this method you must be logged into root via SSH to the server and then run:
curl -s configserver.com/free/csupdate | perl
You should take care to read through the output to ensure that all the upgrades have worked as expected. If a perl script that was working before the upgrade is now failing try this. We recommend option 1:
Recently, we saw a number of issues regarding a failed cPanel upgrade that involved the Mail and FTP server. It looks like an incorrect value was updated in the cpanel.config file for the mail server and FTP server. In order to correct this:
1) Login to WHM 2) Change mail server to something other than what it is currently and then save 3) Change it back to the original mail server setting and save 4) Change FTP server to something other than what it is on and save 5) Change it back to original ftp server setting and save 6) Kick off /scripts/upcp in a screen on the server 7) ????? 8) PROFIT!!
This is the notification of the End of Life for cPanel & WHM 11.30. The 18-month lifetime of cPanel & WHM 11.30 ends now. The last release of cPanel & WHM 11.30, being 188.8.131.52, will remain on our mirrors indefinitely. You may continue using this last release, however no updates for version 11.30 will be released going forward. Older releases of cPanel & WHM 11.30 will be removed from our mirrors.
cPanel strongly recommends that you migrate any existing installs of cPanel & WHM 11.30 to a newer version (either 11.32 or 11.34). If you have a server setup that complicates migrating to a newer version of cPanel & WHM, for example an out-of-date operating system, cPanel is here to help. Please open a support ticket via https://tickets.cpanel.net/submit/. Our professional support staff will help with recommendations, migration assistance and more.
Chtaccess is a cPanel plugin designed to increase functionality in the cPanel interface when working with generating htaccess files, htpassword protected directory and more. The following option are provided:
Password Protect File Custom error page Block bad bots Change default directory index Prevent viewing of .htaccess 301 Redirect and 302 Redirect allow or deny IPs WWW Redirection Cache Control
Installation: wget http://prajith.in/cpanel/chtaccess.sh sh chtaccess.sh