Recently cPanel made an announcement on their official blog about deprecation of Squirrelmail as a webmail option in cPanel.
As of cPanel & WHM version 74, cpanel will begin to deprecate support of SquirrelMail and stop shipping SquirrelMail for new installations of cPanel & WHM in version 76 followed by removing their support with version 78.
The news may come as a shock to many people who are used and habitual to use Squirrelmail as webmail option. Squirrelmail has been favourite webmail for years due to its simplicity and ease of managing emails using webmail.
But it seems, there has not been much progress in development of Squirrelmail which has forced cPanel to stop offering squirrelmail as an option. As per the official blog post from cPanel website,
SquirrelMail’s last update was May 30th, 2013, with their last release on July 12, 2011. In that seven years, 4 versions of PHP have reached End of Life, and we have worked with others in the community to maintain SquirrelMail. Unfortunately, recent security patches have significant problems, forcing us into a choice. Exclude the security fix and ship SquirrelMail with known security flaws, ship a secure version with known interface issues, or attempt to fix the problems.
Webmail users now expect a better experience than SquirrelMail provides. Rather than continuing to ship an unmaintained application, we decided to remove SquirrelMail.
While we can certainly understand cPanel’s concern from security point of view, it would have been really helpful if Squirrelmail was able to cope up with developments and upgrades.
Following the removal of Squirrelmail eventually with release of cPanel version 78, WebHostUK will also stop offering SquirrelMail as a webmail option on our cPanel hosting servers. We urge our customers, who are using Squirrelmail, to consider using other alternative webmail options such as Horde or Roundcube and export any address book they may have under Squirrelmail.
With over 12 years in Web hosting Business, WebHostUK LTD is one of the Best UK Web Hostingproviders and has made a name for it-self by offering quality web hosting and support services to more than 150K websites. WebHostUK continues to offer most reliable, secure and cost-effective web hosting products in one of the Best UK Data Centers.
On the occasion of Easter and Holiday Weekend, WebHostUK LTD proudly presents huge discount and offer on its Shared Hosting and Reseller Hosting Plans. Sign up for Shared Hosting Plan by using EASTER coupon code and get 1 Year Additional Hosting absolutely free! Or Order Reseller Hosting Plan and get 40% Discount on the first payment. To redeem 40% Discount on Reseller Hosting Plan, use EASTER40 coupon code while placing the order.
Note: 1 Year Free Hosting will be added manually by Billing Department for the customers who order Shared Hosting Plan using EASTER Coupon Code. As this process requires manual verification, it will be done manually after the order is processed and activated.
Extensive Features available with Shared Hosting Plans:
1. We provide 24/7 support through live chat and ticket system.
2. Free Backups.
3. Free account migration.(Only in case your current host use cPanel)
4. 99.9% Uptime Guarantee
5. Free Softaculous integrated with cPanel (300+ scripts)
6. Free Attracta SEO Tools integrated with cPanel
7. Free Spam Assassin.
8. Free Site Builder.
9. Upgrade/Downgrade account anytime.
10. Efficient and prompt support.
11. 30 Day Moneyback Guarantee
Features and Free Takeaways available on Reseller Hosting Plans:
1) 100% private labeled end user support through ticket system.
2) Free Softaculous Integrated with Cpanel (350+ scripts).
3) Free Enom reseller account.
4) Free private labeled nameservers.
5) Free SSL Certificates (on selected reseller plans).
6) Free Attracta SEO Tools
7) 99.9 % uptime guarantee
8) 24 /7 live chat and ticket support
9) Instant account activation
10) Free Daily and Weekly Backups
11) 30 Day Moneyback Guarantee
Support Guarantees for our Customers:
1) 99.9% Uptime Guarantee SLA.
2) 24/7 Server Monitoring.
3) 24/7 Live Chat and Helpdesk Support.
4) 20 Minutes Ticket Response Time, 1 Hour Resolution Time Guarantee.
5) Daily and Weekly Backups.
6) 30 Day Moneyback Guarantee.
Thanks to EA4 (EasyApache 4), WHM cPanel now allows multiple php versions to be installed simultaneously. Here is a peculiar example of getting php 7.2 enabled on a cpanel server with LiteSpeed and grsec kernel enabled on server.
Assumption: Here we are assuming a scenario where we have WHM cPanel server installed on Centos 6 and configured with ASL (Atomic Secured Linux) available from Atomicorp.com.
When ASL is enabled, server will be booted into ASL kernel powered by grsecurity modules and rules.
The procedure to enable php 7.2 from WHM would be to login to WHM -> EasyApache 4 -> Customize – PHP versions -> Enable 7.2
Once PHP 7.2 is enabled on server, you will need to enable in Litespeed. To do so, login to Litespeed web interface by visiting your server url with port 7080
Once logged in login to Configuration -> Server -> External App -> Add
Then you will need to add Script Handler so click on Script Handler -> Add. Make sure to configure handler type as “LiteSpeed SAPI” and handler name as “[Server Level]: lsphp72”
Save and restart LiteSpeed web server. Now when you configure php 7.2 for a particular account from WHM -> MultiPHP Manager and access the website in browser, you will notice error “503 Service Unavailable, Please try again later”
On debugging you will notice logs in /usr/local/apache/logs/error_logs as follows:
connection to [/tmp/lshttpd/APVH_xxxxxxx_Suphp72.sock.825] on request #0, confirmed, 1, associated process: 14544, running: 1, error: Connection reset by peer!
2018-01-26 09:45:21.065 [NOTICE] [xxxxxxx:59282] No request delivery notification has been received from LSAPI process group , possible run away process.
2018-01-26 09:45:21.066 [NOTICE] [xxxxxxxx:59282] Retry with new process group.
2018-01-26 09:45:21.066 [NOTICE] Graceful stop process group lead by pid: 14544
2018-01-26 09:45:21.067 [INFO] [APVH_xxxxxxx_Suphp72:] PID: 23289, add child process pid: 14593, procinfo: 0x4e5e970
2018-01-26 09:45:21.155 [INFO] [xxxxxxxx:59282] connection to [/tmp/lshttpd/APVH_xxxxxx_Suphp72.sock.413] on request #0, confirmed, 1, associated process: 14593, running: 1, error: Connection reset by peer!
2018-01-26 09:45:21.155 [NOTICE] [xxxxxxx:59282] Max retries has been reached, 503!
2018-01-26 09:45:21.155 [NOTICE] [xxxxxxx:59282] oops! 503 Service Unavailable
2018-01-26 09:45:21.155 [NOTICE] [xxxxxxx:59282] Content len: 0, Request line: ‘GET /~xxxxxxxx/ HTTP/1.1’
2018-01-26 09:45:21.155 [NOTICE] [xxxxxxx:59282] Redirect: #1, URL: /index.php
2018-01-26 09:45:21.155 [INFO] [xxxxxxx:59282] abort request…, code: 4
2018-01-26 09:45:21.155 [INFO] [xxxxx:59282] File not found [/home/xxxxx/public_html/503.shtml]
Further tailing /var/log/messages, you will notice errors similar to:
Jan 26 11:05:19 xxxxxxx kernel: [1331781.378288] PAX: terminating task: /opt/cpanel/ea-php72/root/usr/bin/lsphp(lsphp):25821, uid/euid: 591/591, PC: 0000036c959c2010, SP: 000003d92b1a9c28
Jan 26 11:05:19 xxxxxxx kernel: [1331781.381445] PAX: bytes at PC: 53 41 57 41 56 41 55 55 48 8b df 48 83 ec 50 48 8b 43 10 48
Jan 26 11:05:19 xxxxxxx kernel: [1331781.383039] PAX: bytes at SP-8: 0000036c92aa5460 00000000004c3253 000003d92b1a9cc0 00000000040b3d70 0000000004187f20 0000036c92a01900 0000036c92a01900 0000036c92a01909 000003d92b1a9cc0 0000000000000004 0000000000000000
Jan 26 11:05:19 xxxxxxx kernel: [1331781.386756] grsec: From xxxxxxx: denied resource overstep by requesting 64 for RLIMIT_CORE against limit 0 for /opt/cpanel/ea-php72/root/usr/bin/lsphp[lsphp:25821] uid/euid:591/591 gid/egid:589/589, parent /opt/cpanel/ea-php72/root/usr/bin/lsphp[lsphp:25820] uid/euid:591/591 gid/egid:589/589
Jan 26 11:05:19 xxxxxxx PAM-hulk: Brute force detection active: 580 LOGIN DENIED — EXCESSIVE FAILURES — IP TEMP BANNED
Jan 26 11:05:19 xxxxxxx kernel: [1331781.391657] grsec: From xxxxxxx: denied resource overstep by requesting 120 for RLIMIT_CORE against limit 0 for /opt/cpanel/ea-php72/root/usr/bin/lsphp[lsphp:25821] uid/euid:591/591 gid/egid:589/589, parent /opt/cpanel/ea-php72/root/usr/bin/lsphp[lsphp:25820] uid/euid:591/591 gid/egid:589/589
Jan 26 11:05:19 xxxxxxx kernel: [1331781.396551] grsec: From xxxxxxx: denied resource overstep by requesting 176 for RLIMIT_CORE against limit 0 for /opt/cpanel/ea-php72/root/usr/bin/lsphp[lsphp:25821] uid/euid:591/591 gid/egid:589/589, parent /opt/cpanel/ea-php72/root/usr/bin/lsphp[lsphp:25820] uid/euid:591/591 gid/egid:589/589
Jan 26 11:05:19 xxxxxxx kernel: [1331781.401450] grsec: From xxxxxxx: denied resource overstep by requesting 232 for RLIMIT_CORE against limit 0 for /opt/cpanel/ea-php72/root/usr/bin/lsphp[lsphp:25821] uid/euid:591/591 gid/egid:589/589, parent /opt/cpanel/ea-php72/root/usr/bin/lsphp[lsphp:25820] uid/euid:591/591 gid/egid:589/589
Jan 26 11:05:19 xxxxxxx kernel: [1331781.406601] grsec: From xxxxxxx: bruteforce prevention initiated for the next 30 minutes or until service restarted, stalling each fork 30 seconds. Please investigate the crash report for /opt/cpanel/ea-php72/root/usr/bin/lsphp[lsphp:25821] uid/euid:591/591 gid/egid:589/589, parent /opt/cpanel/ea-php72/root/usr/bin/lsphp[lsphp:25820] uid/euid:591/591 gid/egid:589/589
The error is likely due to the fact that the grsec kernel which is installed on server from ASL, is assuming php 7.2 as insecure and hence, restricting it. This means that PHP is trying to violate the kernels memory protection features. Unfortunately, PHP 7 needs to operate in this insecure manner. To allow PHP to operate this way, follow the steps below:
The solution here is to configure the system to allow php to run insecurely. This can be achieved by :
Stopping Litespeed webserver on the server using command:
Then give the command:
paxctl -m /opt/cpanel/ea-php72/root/usr/bin/lsphp
If you receive error similar to “file /opt/cpanel/ea-php72/root/usr/bin/lsphp does not have a PT_PAX_FLAGS program header, try conversion” then try following solution
paxctl -c /opt/cpanel/ea-php72/root/usr/bin/lsphp
and finally restart Litespeed webserver using command:
Accessing your website now configured with php 7.2 version on a cPanel server with Litespeed and ASL (Automic Secure Linuc) or grsec kernel should now work sucessfully.
After the CloudFlare plugin is installed, you will see a CloudFlare icon in cPanel.
Step 2 – Activation
If they already have a CloudFlare direct account, sign-in. If not, click on Sign up.
Step 3 – CNAME or Full DNS setup
CNAME setup : By default, CloudFlare is set up for your customers using CNAME. To enable CloudFlare on CNAME, please click Provision Domain with CNAME Setup green button.
Full DNS option
Once you enable the Full DNS option in the config.js file, your customers can select and use either CNAME or Full DNS setup. Customers will need to refresh the page after the hosting provider updates their name servers
to CloudFlare’s name servers.
Step 4 – Enable CloudFlare for subdomains
For subdomains, click the grey cloud icon and toggle to orange. This means traffic will flow through CloudFlare for these subdomains.
Step 5 — Analytics
Your can see CloudFlare analytics for each site by clicking the “Analytics” icon
Step 5 — Additional settings and upgrades
Users can now control more CloudFlare security settings right from cPanel.
In addition to selecting the basic security level of your site from Essentially Off, Low, Medium, or High, you can configure the Challenge Passage, which specifies how long a visitor is allowed access to your website after completing a challenge.
You can enable Browser Integrity Check which evaluates HTTP headers from your visitors browser for threats, if a threat is found a block page will be delivered. In addition, users can select ‘I’m under attack mode’ when experiencing a DDoS attack on Layer 7. To access additional settings and upgrade from “Free” to “Pro”, customers need to log in to their cloudflare.com account.
cPanel continues to surprise the industry-releasing one new feature here and there, making sure that its clients get the most out of their investments. With its newest innovation, cPanel is set to enhance the client’s web hosting experience.
The launch of EasyApache 4 (EA 4) brings various improvements in installation, update, and other features that are important for the client. EasyApache 4 is a major revamp of how cPanel and WHM ships and maintains the Apache and PHP distribution.
EasyApache 4 represents a total overhaul of how cPanel & WHM ships and maintains our Apache and PHP distribution.
Simply explained, EasyApache is the software that installs, configures, updates, and validates your web server, PHP, and other components of your web server.
cPanel & WHM installs EasyApache 4 by default on new installations of systems that run cPanel & WHM version 58 or higher.
EasyApache 4 offers the following improvements over EasyApache 3:
Binaries are cost-efficient improvements that save time and monetary resources for site owners, server owners, and developers.
Rather than compile binaries from source, we build RPM packages with binaries that you can easily install via yum. This allows for quicker, automatic updates of packages.
The system forks any custom packages from the Red Hat® specification files, but contain the latest version. Binary packages also allow Apache and PHP to automatically update.
Binary Packages allow for quicker updates, installations, and the ability to spin down and spin up different web stacks and configurations quickly. This reduces the cost for site owners and server owners.
These binaries reduce the time it takes for updates and installs to a few minutes. This also allows developers to quickly spin up and spin down different configurations.
EasyApache 4 uses the Software Collections Library (SCL) for PHP packages. The use of SCLs enables the installation of multiple, concurrent version of PHP on the file system.
An SCL is an alternate path inside the /opt file that contains the full file system that various software needs. When you enable an SCL, it adds the path within that environment to the system. Commands that do not specify a path and scripts that use the /usr/bin/env file to determine their path can then use this path to find the appropriate version of the software.
How to execute a script with SCL
To execute a script with a software collection environment, you must run the scl command. For example, to run the php-v command on a php56 collection, run the following command:
scl enable ea-php56 ‘php -v’
This command’s output will resemble the following example:
The system originally stored Apache files in the /usr/local/apache directory. This directory no longer exists except for a few symlinks.
EasyApache 4’s path reorganization includes the following benefits:
The additional paths allow EasyApache 4 to function quicker and more efficiently.
The additional paths allow multiple directories to store data and symlink between files.
The additional paths allow more effective storage of data, especially with backups and recovery.
The following table lists the new file directories where EasyApache 4 now stores the Apache files:
File or Directory location
This directory contains the actual Apache executable, binary file, and webserver.
This directory contains all the logs for the apache2 file as well as all access logs.
This directory contains the configuration directory for Apache and contains all directories for Apache includes, modules, and configuration files. This directory does not contain log files. Note: This directory uses the symlink to the usr/lib64/apache24/ directory.
This directory contains all of the dynamic modules for Apache.
This SCL directory contains all of Apache’s binary files.
This file contains HTTP requests that the server received and that did not go to a domain.
This directory contains a log of HTTP requests that the system routed to a domain.
This file contains error information.
This directory contains the document root for the server. It contains default pages that users can see.
This directory contains an alias to the /var/log/apache2/ directory.
This directory contains an alias to the /usr/lib64/apache2/modules/ directory.
EasyApache 4 supports multiple versions of PHP. Multiple PHP versions allow you to assign different PHP versions to each of your domains. Coupled with automatic upgrades, this ensures that your PHP applications run on the most up-to-date, secured PHP versions.
EasyApache 4 removed OptMods and no longer supports them. However, in addition to the new RPM actions that EasyApache 4 can execute from its specification file, we created yum-plugin-universal hooks. These new hooks allow for executable actions based on the package name they operate in. For example, if you run a script on an ea-* package, if any updated packages exist in the ea4 namespace, the system executes these scripts.
If you are running a cPanel Server, your priority administration task should be the security. Some tricks about Server Security can be read on this blog. If you are running a Web Hosting business you should provide to your costumers the high security level.
A basic security need is to keep cPanel last stable version. The below instructions are intended specifically for checking your version of cPanel or WHM via the command line or the WHM dashboard.
Check Version of WHM / cPanel using the Command
Check the Version of WHM / cPanel looking at the Version File
Check the Version of WHM / cPanel login to WHM
Once you’re logged into WHM you can see version of cPanel / WHM displayed at the top:
Take in mind that keep your server with the last cPanel version is not sufficient to keep the server secure. It is a long process and you should keep always you eye open. Good look 🙂
http://yourdomainname:2082/ or http://cpanel.yourdomainname/
(replace the term yourdomainname with your actual domain name.)
Login using your cPanel username and password.
The username and password can be found in your welcome email sent to your registered email. If you do not have the correct login, please contact your us at Live chat or email firstname.lastname@example.org for help.